4291 matches found
Security Updates for Microsoft Office Products (March 2026) (macOS)
The version of Microsoft Office for Mac installed on the remote host is affected by multiple vulnerabilities as referenced in the march-10-2026 advisory. - Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-26113 - Use after free in...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20064
Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20105
The CVE-2025-20105 issue concerns improper input validation in certain UEFI firmware SMM modules on Intel reference platforms, enabling local privilege escalation and potential local code execution with a privileged user and low attack complexity (no user interaction required). Affected component...
CVE-2025-20105
Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20064
Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20064
Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...
CVE-2025-20064
CVE-2025-20064 describes improper input validation in the UEFI FlashUcAcmSmm module for Intel reference platforms, enabling local privilege escalation and potential local code execution. The vulnerability requires a privileged system software adversary, with no user interaction, and is characteri...
CVE-2026-2713
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
CVE-2026-2713 IBM Trusteer Rapport installer affected by uncontrolled search path element vulnerability
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
CVE-2026-2713 IBM Trusteer Rapport installer affected by uncontrolled search path element vulnerability
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...
EUVD-2026-10674
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-10673
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-10675
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-10676
Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...
EUVD-2026-10671
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-10672
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
EUVD-2026-10679
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally...