2841 matches found
CVE-2025-30296 Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
CVE-2025-27750
CVE-2025-27750 is a real vulnerability affecting Microsoft Excel within Microsoft Office. The connected sources confirm a use-after-free condition in Excel that allows an attacker to execute arbitrary code locally. The CVSSv3.1 vector (LOCAL, Privileges NONE, User Interaction REQUIRED) yields a b...
CVE-2025-27751 Microsoft Excel Remote Code Execution Vulnerability
...
CVE-2025-27748 Microsoft Office Remote Code Execution Vulnerability
...
CVE-2025-3286
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...
CVE-2025-3287
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...
CVE-2025-3285
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...
CVE-2025-3289
CVE-2025-3289 is a local code‑execution vulnerability in Rockwell Automation Arena caused by a stack‑based memory buffer overflow from improper validation of user‑supplied data. A legitimate user must open a malicious DOE file to exploit it, potentially allowing information disclosure and arbitra...
CVE-2025-3287
CVE-2025-3287 affects Rockwell Automation Arena. It is a local code execution vulnerability caused by a stack-based memory buffer overflow from improper validation of user-supplied data. Exploitation requires a legitimate user to open a malicious DOE file, enabling potential information disclosur...
CVE-2025-3287 Local Code Execution Vulnerability in Arena®
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...
CVE-2025-2829 Local Code Execution Vulnerability in Arena®
A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...
CVE-2025-2288
CVE-2025-2288 describes a local code execution vulnerability in Rockwell Automation Arena. The issue arises from improper validation of user-supplied data which can allow a threat actor to write outside the allocated memory buffer, leading to information disclosure and arbitrary code execution. E...
CVE-2024-54024
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiIsolator before version 2.4.6 allows a privileged attacker with super-admin profile and CLI access to execute unauthorized code via specifically crafted HTTP requests...
Rockwell Automation Arena 缓冲区错误漏洞
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Microsoft Office 资源管理错误漏洞
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Rockwell Automation Arena 安全漏洞
Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...
Security Updates for Microsoft Access Products (April 2025)
The Microsoft Access Products are missing a security update. It is, therefore, affected by a remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for this issue but has instead relie...
APSB25-32 : Security update available for Adobe Experience Manager Screens
Adobe has released security updates for AEM Screens. This vulnerability resolves an important vulnerability that could lead to arbitrary code execution...
PT-2025-15444 · Rockwell Automation · Rockwell Automation Arena
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: A local code execution issue exists due to an uninitialized pointer, resulting from improper validation of user-supplied data. If exploited, a threat actor can disclose...
Exploit for Unrestricted Upload of File with Dangerous Type in Etoilewebdesign Front_End_Users
WordPress FEUP Arbitrary File Upload Exploit CVE-2025-2005 T...