4292 matches found
CVE-2025-4084
Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Thi...
PT-2025-18153 · Mozilla +2 · Firefox Esr +3
Name of the Vulnerable Software and Affected Versions: Firefox ESR versions prior to 128.10 Firefox ESR versions prior to 115.23 Thunderbird ESR versions prior to 128.10 Description: The issue arises from insufficient escaping of special characters in the "copy as cURL" feature. This could allow ...
Mozilla -- insufficient character escaping
[email protected] reports: Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system...
PT-2025-18158
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 138 Thunderbird versions prior to 138 Description The issue arises from insufficient escaping of special characters in the "copy as cURL" feature. This could allow an attacker to trick a user into executing a command,...
SUSE CVE-2025-29482
Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO Sample Adaptive Offset processing of libde265...
Unspecified Vulnerability in Rockwell Automation Arena (CNVD-2025-21431)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21437)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21436)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21435)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21434)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21433)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21432)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21430)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21429)
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Rockwell Automation Arena < 16.20.09 Multiple Vulnerabilities
The version of Rockwell Automation Arena installed on the remote Windows host is prior to 16.20.09. It is, therefore, affected by a multiple vulnerabilities - A local code execution vulnerability exists in the affected products due to an uninitialized pointer. The flaw is result of improper...
Vulnerabilities fixed in Rockwell Automation Arena
Rockwell Automation has fixed vulnerabilities in Arena. The vulnerabilities in Rockwell Automation Arena are related to local code execution caused by improper validation of user-supplied data. This allows malicious actors to reveal sensitive information and execute arbitrary code when a legitima...
CVE-2025-27746
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2025-27750
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-3289
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...