4272 matches found
PT-2026-24765
Verypdf docPrint Pro 8.0 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized alphanumeric encoded payload in the User Password or Master Password fields. Attackers can craft a malicious payload with...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20064
Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20105
The CVE-2025-20105 issue concerns improper input validation in certain UEFI firmware SMM modules on Intel reference platforms, enabling local privilege escalation and potential local code execution with a privileged user and low attack complexity (no user interaction required). Affected component...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20064
PT-2025-41717 documents a BIOS/UEFI update KWCN51WW that applies to Legion family devices (Legion Pro 5 16IRX8, Legion Y9000P IRX8, Legion Pro 7 16IRX8H, etc.). The update notes indicate CVE-2025-20064 is among the security vulnerabilities addressed by the patch. Affected area is the BIOS/UEFI fi...
CVE-2025-20064
Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20064
Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2026-2713
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
CVE-2026-2713 IBM Trusteer Rapport installer affected by uncontrolled search path element vulnerability
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
CVE-2026-2713 IBM Trusteer Rapport installer affected by uncontrolled search path element vulnerability
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
EUVD-2026-10675
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-10673
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-10672
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-10679
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-10680
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-10676
Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-10674
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...