CVE-2025-6231

Technical details about CVE-2025-6231 are not publicly provided in the connected documents. Monitor for updates; no concrete exploit, affected versions, or fixes are described here.

Lenovo Protection Driver 安全漏洞

Lenovo Protection Driver is a hard disk protection system from Lenovo China. A security vulnerability exists in Lenovo Protection Driver prior to version 5.1.1110.4231, which stems from a buffer overflow vulnerability that could lead to the execution of arbitrary code by a local privileged user...

Stack-based Buffer Overflow

International Components for Unicode ICU is vulnerable to a Stack-based Buffer Overflow. The vulnerability is due to improper handling of the ‘subtag’ struct in the SRBRoot::addTag function while running the genrb binary, which allows an attacker to cause memory corruption and achieve local...

CVE-2025-41236

The CVE-2025-41236 issue is an integer-overflow in the VMXNET3 virtual network adapter used by VMware ESXi, Workstation, and Fusion. A local VM administrator can exploit this to execute code on the host; non‑VMXNET3 adapters are unaffected. Connected IBM advisory confirms the same vulnerability a...

CVE-2025-48805

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally...

Local Code Execution (LCE)

helm.sh/helm/v3 is vulnerable to Local Code Execution LCE. The vulnerability is due to insufficient validation and sanitization of the Chart.yaml and Chart.lock files during dependency updates, allowing a maliciously crafted file to trigger local code execution...

AZL-64877 CVE-2025-53547 affecting package helm for versions less than 3.14.2-7

Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when...

CVE-2025-53547 Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution

Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when...

CVE-2025-53547

Helm (Kubernetes package manager) before version 3.18.4 is affected by a code-execution vulnerability that arises when a specially crafted Chart.yaml content is carried over to Chart.lock during dependency updates, and the Chart.lock file is symlinked to a file that is executed (e.g., a bashrc or...

CVE-2025-53547 Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution

Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when...

CVE-2025-53547 Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution

Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when...

CVE-2025-49742

Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally...

CVE-2025-49705

Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally...

CVE-2025-49711

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-49702

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2025-49700

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

CVE-2025-49697

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2025-49699

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2025-49698

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

CVE-2025-49696

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally...