CVE-2025-3287

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2025-3288

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

CVE-2025-2285

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerabili...

CVE-2025-3114 Spotfire Code Execution Vulnerability

Code Execution via Malicious Files: Attackers can create specially crafted files with embedded code that may execute without adequate security validation, potentially leading to system compromise. Sandbox Bypass Vulnerability: A flaw in the TERR security mechanism allows attackers to bypass sandb...

PyTorch torch.lstm_cell function buffer overflow vulnerability

PyTorch is a Python package open-sourced by PyTorch. PyTorch has a buffer overflow vulnerability that stems from the failure of the function torch.lstmcell to properly validate the length size of the input data, which can be exploited by an attacker to execute arbitrary code on the system or caus...

CVE-2025-30286 ColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. A high-privileged attacker could leverage this vulnerabili...

CVE-2025-27751

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-26642

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2025-30296 Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-27750

CVE-2025-27750 is a real vulnerability affecting Microsoft Excel within Microsoft Office. The connected sources confirm a use-after-free condition in Excel that allows an attacker to execute arbitrary code locally. The CVSSv3.1 vector (LOCAL, Privileges NONE, User Interaction REQUIRED) yields a b...

CVE-2025-27751 Microsoft Excel Remote Code Execution Vulnerability

...

CVE-2025-27748 Microsoft Office Remote Code Execution Vulnerability

...

CVE-2025-3285

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

CVE-2025-3286

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

CVE-2025-3287

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2025-3289

CVE-2025-3289 is a local code‑execution vulnerability in Rockwell Automation Arena caused by a stack‑based memory buffer overflow from improper validation of user‑supplied data. A legitimate user must open a malicious DOE file to exploit it, potentially allowing information disclosure and arbitra...

CVE-2025-3287 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2025-3287

CVE-2025-3287 affects Rockwell Automation Arena. It is a local code execution vulnerability caused by a stack-based memory buffer overflow from improper validation of user-supplied data. Exploitation requires a legitimate user to open a malicious DOE file, enabling potential information disclosur...

CVE-2025-2829 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

CVE-2025-2288

CVE-2025-2288 describes a local code execution vulnerability in Rockwell Automation Arena. The issue arises from improper validation of user-supplied data which can allow a threat actor to write outside the allocated memory buffer, leading to information disclosure and arbitrary code execution. E...