PT-2026-32849

CVE-2026-32197 | Microsoft 365 Apps for Enterprise | Remote Code Execution Description Use-after-free vulnerability in Microsoft Office Excel allows unauth attacker to achieve RCE locally by tricking user into opening malicious Excel file. Severity: High Exploitation: Unknown Public PoC: Unknown...

PT-2026-32819

CVE-2026-32149 Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. https://t.co/jAvCgQ0s60...

PT-2026-32870

Name of the Vulnerable Software and Affected Versions Microsoft 365 Apps for Enterprise versions 16.0.1 through 16.0.1 Description A use-after-free issue in Microsoft Office Word allows an unauthorized attacker to execute code locally by tricking a user into opening a malicious document...

PT-2026-32841

Name of the Vulnerable Software and Affected Versions Windows Snipping Tool affected versions not specified Description Improper neutralization of special elements used in a command allows an unauthorized attacker to execute arbitrary code locally and remotely, affecting the system. Recommendatio...

PT-2026-32879

Name of the Vulnerable Software and Affected Versions Microsoft 365 Apps for Enterprise versions 16.0.1 through 16.0.1 Description A use-after-free issue in Microsoft Office Word allows an unauthorized attacker to execute code locally. This occurs when a user is tricked into opening a malicious...

PT-2026-32852

CVE-2026-32200 Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. https://t.co/8Uy6aw5JNe...

PT-2026-32826

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A use after free in the Windows Universal Plug and Play UPnP Device Host allows an unauthorized attacker to execute arbitrary code locally and remotely, affecting the system. Use after free i...

PT-2026-32844

Name of the Vulnerable Software and Affected Versions Microsoft 365 Apps for Enterprise versions 16.0.1 through 16.0.1 Description A use-after-free issue in Microsoft Office Excel allows an unauthorized attacker to execute arbitrary code locally by tricking a user into opening a malicious Excel...

PT-2026-32850

CVE-2026-32198 | Microsoft 365 Apps for Enterprise | Remote Code Execution Description Use-after-free vulnerability in Microsoft Office Excel allows unauth attacker to achieve RCE locally by tricking user into opening malicious Excel file. Severity: High Exploitation: Unknown Public PoC: Unknown...

R 缓冲区错误漏洞

R is a statistical computing software developed by The R Foundation. Version 3.4.4 of R contains a buffer overflow vulnerability, which stems from insufficient input validation for the GUI Preferences language field. This vulnerability could lead to a local buffer overflow and the execution of...

Exploit for CVE-2025-81110

CVE-2025-81110-PoC Improper Symbolic link handling in the PutC...

CVE-2025-70811

Cross Site Request Forgery vulnerability in Phpbb phbb3 v.3.3.15 allows a local attacker to execute arbitrary code via the Admin Control Panel icon management functionality...

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path through the hostIDReaderBSD.read function in sdk/resource/hostid.go. An attacker can execute a malicious kenv binary by placing it earlier in $PATH and triggering host ID detection on BSD or Solaris systems when...

CVE-2019-25679

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...

CVE-2019-25670

River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lameenc.dll field. Attackers can craft a payload with 280 bytes of padding, a next structured exception...

CVE-2019-25681 Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow

Xlight FTP Server 3.9.1 contains a structured exception handler SEH overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual...

CVE-2019-25681

CVE-2019-25681 affects Xlight FTP Server 3.9.1. The issue is a structured exception handler (SEH) overwrite that allows a local attacker to crash the application and overwrite SEH pointers by sending a crafted buffer. Specifically, a 428-byte payload injected via the program execution field in th...

CVE-2019-25679 RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...

CVE-2019-25679

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...

CVE-2019-25679 RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH

RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling SEH buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain a...