CVE-2026-21318

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21328

After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21320

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-21326

After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the IsNeeded function when using LCMS2. An attacker can achieve arbitrary code execution or cause a denial of service by tricking a user into processing a specially crafted image file. Remediation Upgrade libjxl ...

CVE-2025-61969

Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2025-52541

A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2024-36324

Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution...

CVE-2019-25310

CVE-2019-25310 affects ActiveFax Server 6.92 Build 0316. The issue is an unquoted service path in the ActiveFaxServiceNT service, enabling local attackers to inject and launch malicious executables with elevated privileges. The vulnerability relies on an unquoted binary path to perform privilege ...

CVE-2019-25309

The CVE-2019-25309 entry concerns Zilab Remote Console Server 3.2.9, which contains an unquoted service path vulnerability . This enables local attackers to potentially execute arbitrary code with elevated privileges by injecting a malicious executable into the unquoted binary path used by the se...

CVE-2019-25307 WorkgroupMail 7.5.1 - 'WorkgroupMail' Unquoted Service Path

WorkgroupMail 7.5.1 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges...

CVE-2019-25307

WorkgroupMail 7.5.1 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges...

CVE-2025-61969

Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2025-61969

The CVE-2025-61969 entry concerns AMD µProf and a faulty permission assignment that can let a local, privileged attacker escalate privileges and potentially achieve arbitrary code execution. The CVSS 4.0 vector (AV:L/AC:L/PR:L/UI:P/VI:H/VA:H/VC:H/SA:N/SI:N) yields a base score of 7.0 (High) with ...

CVE-2025-52541

CVE-2025-52541 is a DLL hijacking vulnerability in AMD/Vivado components. The Red Hat, NVD, CVE list and AMD bulletin describe a local attacker can exploit uncontrolled DLL search paths in the 2024.2 Vivado installation to achieve privilege escalation and potentially arbitrary code execution. The...

CVE-2025-52541

A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2025-52541

A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2025-52541

A DLL hijacking vulnerability in Vivado could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

CVE-2023-20514

Improper handling of parameters in the AMD Secure Processor ASP could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution...