4290 matches found
CVE-2025-23358
NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges...
CVE-2025-23358
CVE-2025-23358 affects NVIDIA NVApp for Windows. The vulnerability is a flaw in the NVIDIA NVApp installer that can manipulate a search path element, potentially enabling code execution and privilege escalation on a local attacker’s host. Multiple connected sources confirm the issue and its impac...
PT-2025-44645
Name of the Vulnerable Software and Affected Versions Bizerba Communication Server BCS affected versions not specified Description The Bizerba Communication Server BCS service has an unquoted service path. This occurs when the Windows service's executable path contains spaces but is not enclosed ...
CVE-2025-61161
DLL hijacking vulnerability in Evope Collector 1.1.6.9.0 and related components load the wtsapi32.dll library from an uncontrolled search path C:\ProgramData\Evope. This allows local unprivileged attackers to execute arbitrary code or escalate privileges to SYSTEM by placing a crafted DLL in that...
PT-2025-50327
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.13.0 with PutContents API enabled. Description Gogs contains a path traversal vulnerability in the PutContents API, allowing authenticated attackers to overwrite files outside the repository and achieve remote code...
MGASA-2025-0249 Updated icu packages fix security vulnerability
A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution...
BambuStudio 安全漏洞
BambuStudio is a Bambu Lab open source software that connects BambuLab to other 3D printers. A security vulnerability exists in BambuStudio version 2.1.1.52 and prior versions, which stems from the loading of a web plug-in at application startup without verifying the digital signature or...
Fortinet FortiClientMAC Resource Management Error Vulnerability
Fortinet FortiClientMAC is a U.S. fly tower Fortinet company based on macOS platform security tools. Fortinet FortiClientMAC has a resource management error vulnerability that stems from improper allocation of critical resource permissions, which can be exploited by an attacker to cause a local...
CVE-2025-58733
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2025-58736
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2025-58732
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2025-58734
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2025-58730
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2025-58735
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2025-58738
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2025-58731
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2025-59224
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-59233
Access of resource using incompatible type 'type confusion' in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-59231
Access of resource using incompatible type 'type confusion' in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-59282
Concurrent execution using shared resource with improper synchronization 'race condition' in Inbox COM Objects allows an unauthorized attacker to execute code locally...