Lucene search
K

4835 matches found

NVD
NVD
added 2025/07/09 1:15 a.m.19 views

CVE-2025-7207

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scopenew of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locall...

5.5CVSS0.00214EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/07/09 12:2 a.m.30 views

CVE-2025-7207 mruby nregs codegen.c scope_new heap-based overflow

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scopenew of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locall...

4.8CVSS0.00214EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2025/07/09 12:2 a.m.3 views

CVE-2025-7207 mruby nregs codegen.c scope_new heap-based overflow

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scopenew of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locall...

4.8CVSS4AI score0.00214EPSS
Exploits1References7
CVE
CVE
added 2025/07/09 12:2 a.m.30 views

CVE-2025-7207

Summary (CVE-2025-7207): A heap-based buffer overflow affects mruby up to 3.4.0-rc2, specifically the function scope_new in file mrbgems/mruby-compiler/core/codegen.c (component nregs Handler). The vulnerability can be triggered locally; an attack requires local access, and the exploit has been d...

5.5CVSS4.2AI score0.00214EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2025/07/09 12:2 a.m.7 views

CVE-2025-7207

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scopenew of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locall...

5.5CVSS4.4AI score0.00214EPSS
Exploits1
OSV
OSV
added 2025/07/08 5:15 p.m.0 views

CVE-2025-49703

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

7.8CVSS5.9AI score0.00558EPSS
Exploits0References1
NVD
NVD
added 2025/07/08 5:15 p.m.5 views

CVE-2025-49686

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00366EPSS
Exploits0References1
OSV
OSV
added 2025/07/08 5:15 p.m.2 views

CVE-2025-49680

Improper link resolution before file access 'link following' in Windows Performance Recorder allows an authorized attacker to deny service locally...

7.3CVSS5.7AI score0.0047EPSS
Exploits0References1
NVD
NVD
added 2025/07/08 5:15 p.m.3 views

CVE-2025-49660

Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00352EPSS
Exploits0References1
OSV
OSV
added 2025/07/08 5:15 p.m.4 views

CVE-2025-48820

Improper link resolution before file access 'link following' in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00399EPSS
Exploits0References1
NVD
NVD
added 2025/07/08 5:15 p.m.3 views

CVE-2025-47996

Integer underflow wrap or wraparound in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00352EPSS
Exploits0References1
NVD
NVD
added 2025/07/08 5:15 p.m.4 views

CVE-2025-47987

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally...

7.8CVSS0.01677EPSS
Exploits3References1
NVD
NVD
added 2025/07/08 5:15 p.m.2 views

CVE-2025-47982

Improper input validation in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00366EPSS
Exploits0References1
NVD
NVD
added 2025/07/08 5:15 p.m.5 views

CVE-2025-47985

Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00355EPSS
Exploits0References1
NVD
NVD
added 2025/07/08 5:15 p.m.5 views

CVE-2025-47159

Protection mechanism failure in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00366EPSS
Exploits0References1
CVE
CVE
added 2025/07/08 4:58 p.m.47 views

CVE-2025-49732

Technical details about CVE-2025-49732 are not provided in the connected documents. Public information appears limited to the CVE entry and general Microsoft updates; monitor for official advisories for affected products, impact, and fix timing.

7.8CVSS7AI score0.00273EPSS
Exploits0References1Affected Software15
CVE
CVE
added 2025/07/08 4:57 p.m.65 views

CVE-2025-49667

Technical details about CVE-2025-49667 are not publicly provided in the supplied connected and initial documents. Monitor for updates from official advisories; current materials only indicate a local privilege escalation via Win32K ICOMP without specifics.

7.8CVSS6.6AI score0.00485EPSS
Exploits1References1Affected Software15
CVE
CVE
added 2025/07/08 4:57 p.m.48 views

CVE-2025-48816

Technical details for CVE-2025-48816 (affected components, exploitability, and specific impact) are not provided in the connected documents. Monitor for updates; no public disclosure details are included in the supplied materials.

7.8CVSS6.8AI score0.00352EPSS
Exploits0References1Affected Software15
CVE
CVE
added 2025/07/08 4:57 p.m.45 views

CVE-2025-48811

CVE-2025-48811 affects Windows Virtualization-Based Security (VBS) Enclave, with the root cause described as missing integrity check in the Enclave. The NCSC advisory lists this CVE as impacting Windows VBS Enclave and notes an ability to obtain increased privileges. The entry indicates that Micr...

6.7CVSS6.5AI score0.00258EPSS
Exploits0References1Affected Software13
CVE
CVE
added 2025/07/08 4:57 p.m.151 views

CVE-2025-48799

CVE-2025-48799 is an Elevation of Privilege flaw in Windows Update Service (wuauserv) described as: improper link resolution before file access ('link following') can allow an authorized local attacker to elevate to NT AUTHORITY\SYSTEM when Windows 10/11 systems have at least two drives and Stora...

7.8CVSS6.5AI score0.0103EPSS
Exploits4References3Affected Software8
Rows per page
Query Builder