1291 matches found
CVE-2026-40369
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-40367
Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2026-20738
Intel QuickAssist Adapter 8960 software prior to version 1.13 contains an untrusted pointer dereference in Ring 3 (User Applications) that may allow local privilege escalation by an authenticated, low-priv user with no user interaction. Impact is high on confidentiality, integrity, and availabili...
CVE-2026-20738
Untrusted pointer dereference for some IntelR QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of...
Microsoft Word Remote Code Execution Vulnerability
Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...
Windows Kernel Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...
Intel QuickAssist Adapter 8960 安全漏洞
The Intel QuickAssist Adapter 8960 is a hardware acceleration card developed by Intel Corporation, aimed at data center security, networking, and storage scenarios. Versions of the Intel QuickAssist Adapter 8960 prior to 1.13 contained security vulnerabilities. These vulnerabilities stemmed from...
Ionic Driver Vulnerabilities
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62623| A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.| 8....
CVE-2025-47408 Untrusted Pointer Dereference in Power Optimization Firmware
Memory corruption when another driver calls an IOCTL with invalid input/output buffer...
CVE-2025-47408
CVE-2025-47408 involves memory corruption in Power Optimization Firmware triggered when a second driver issues an IOCTL with an invalid input/output buffer. The CVE is described as an Untrusted Pointer Dereference in firmware per CVE record, aligning with the NVD description of memory corruption ...
CVE-2025-47408 Untrusted Pointer Dereference in Power Optimization Firmware
Memory corruption when another driver calls an IOCTL with invalid input/output buffer...
CVE-2025-47405 Untrusted Pointer Dereference in Camera
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
CVE-2025-47405
CVE-2025-47405 describes memory corruption that occurs when processing camera sensor IO controls with invalid output buffers. The connected CVE records call it an untrusted pointer dereference in the camera path, linking root cause to dereferencing pointers derived from untrusted inputs during IO...
CVE-2025-47405 Untrusted Pointer Dereference in Camera
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
Exploit for Untrusted Pointer Dereference in Microsoft
CVE-2026-21250: Windows HTTP.sys Local Privilege Escalation W...
Microsoft Word Code Execution Vulnerability (CNVD-2026-19748)
Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word due to an untrusted pointer dereference flaw. An attacker could exploit this vulnerability to execute arbitrary code on a system...
CVE-2026-41034
ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion via pictFmla.cbBufInCtlStm and other vectors, leading to an information leak and ASLR bypass...
CVE-2026-23670
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...
CVE-2026-33120
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network...
CVE-2026-33114
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...