4293 matches found
CVE-2025-30377
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2025-30376
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-30378
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally...
CVE-2025-29979
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-30375
Access of resource using incompatible type 'type confusion' in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-29978
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally...
CVE-2025-29978
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally...
CVE-2025-29977
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-29833
Time-of-check time-of-use toctou race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally...
CVE-2025-32705
CVE-2025-32705 is an out-of-bounds read vulnerability in Microsoft Office Outlook that enables a local attacker to execute code. The CVE is tied to Microsoft Outlook/Office components and has a high impact with local/remote code execution characteristics as per CVSS 3.1 metrics (AV:L/AC:L/PR:N/UI...
PT-2025-20980
Name of the Vulnerable Software and Affected Versions: Microsoft Office PowerPoint affected versions not specified Description: The issue is related to a use after free condition in Microsoft Office PowerPoint, allowing an unauthorized attacker to execute code locally. There is no information...
FreeBSD : Mozilla -- insufficient character escaping (a59bd59e-2e85-11f0-a989-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a59bd59e-2e85-11f0-a989-b42e991fc52e advisory. [email protected] reports: Due to insufficient escaping of special characters in the copy as cURL...
CVE-2025-1330
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function...
IBM CICS TX Standard 缓冲区错误漏洞
IBM CICS TX Standard is a comprehensive single transaction runtime package from International Business Machines IBM, Inc. It can provide a cloud-native deployment model for standalone applications. A buffer error vulnerability exists in IBM CICS TX Standard version 11.1, which stems from the...
CVE-2025-20979
Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to execute arbitrary code...
PT-2025-20064 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to 15 Description: The issue is an out-of-bounds write in libsavscmn, which allows local attackers to execute arbitrary code. This can be exploited by local attackers. Recommendations: For versions prior to Android 15,...
CVE-2025-27132
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios...
Vulnerabilities fixed in Mozilla Firefox and Thunderbird
Mozilla has fixed vulnerabilities in Firefox and Thunderbird Specifically for versions under 138 and 128.10. The vulnerabilities include privilege escalation through code injection, insecure processing of WebGL shader attributes, improper isolation of processes, and local code execution through...
Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in question is CVE-2025-27363 CVSS score: 8.1, a high-severity flaw in the System component that could lead to...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.10 : Python vulnerabilities (USN-7488-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7488-1 advisory. It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker coul...