PT-2026-47944

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...

Microsoft Office Excel 安全漏洞

Microsoft Office Excel is a spreadsheet software developed by Microsoft. There is a security vulnerability in Microsoft Office Excel, which stems from integer underflow, potentially allowing unauthorized attackers to execute code locally...

Microsoft Office Excel 竞争条件问题漏洞

Microsoft Office Excel is a spreadsheet software developed by Microsoft in the United States. There is a vulnerability known as a “race condition issue” in Microsoft Office Excel. This vulnerability stems from integer underflow, which may allow unauthorized attackers to execute code locally...

PT-2026-47938

Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

PT-2026-47939

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

PT-2026-48024

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

Microsoft Exchange Server 代码注入漏洞

Microsoft Exchange Server is a set of email service programs provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There is a code injection vulnerability in Microsoft Exchange Server. Attackers can explo...

Microsoft Windows Deployment Services 资源管理错误漏洞

Microsoft Windows Deployment Services are a container for Windows deployment services an updated and redesigned version of Remote Installation Services RIS provided by Microsoft Corporation. These services allow for the setup of new computers through network-based unattended installations...

Fortinet FortiOS和Fortinet FortiProxy 安全漏洞

Fortinet FortiOS and Fortinet FortiProxy are products of the American company Fortinet. Fortinet FortiOS is a security operating system specifically designed for the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus...

Microsoft Azure Stack Edge 安全漏洞

Microsoft Azure Stack Edge is a Azure-hosted device by Microsoft that integrates Azure computing, storage, and intelligent features at the edge. There are security vulnerabilities present in Microsoft Azure Stack Edge. Attackers can exploit these vulnerabilities to execute code remotely...

Microsoft Windows NTFS 输入验证错误漏洞

Microsoft Windows NTFS is a file system provided by the American company Microsoft for managing computer files. This file system features error alerts, disk self-repair functions, and logging capabilities. There is an input validation vulnerability in Microsoft Windows NTFS. Attackers can exploit...

Microsoft Windows DHCP Server 安全漏洞

Microsoft Windows DHCP Server is a core service of the American company Microsoft, used for automatically retrieving network configuration information. There are security vulnerabilities in Microsoft Windows DHCP Server. Attackers can exploit these vulnerabilities to execute code. The following...

PT-2026-48308

Name of the Vulnerable Software and Affected Versions Spring Security versions 5.7.0 through 5.7.23 Spring Security versions 5.8.0 through 5.8.25 Spring Security versions 6.3.0 through 6.3.16 Spring Security versions 6.4.0 through 6.4.16 Spring Security versions 6.5.0 through 6.5.10 Spring Securi...

PT-2026-47804

Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name e.g. git, pandoc, grep, the argument string is concatenated with the command and passed to child process.spawn with the shell: true option, allowing shell...

PT-2026-48136

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2026-48144

InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2026-48139

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2026-48138

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2026-48145

Name of the Vulnerable Software and Affected Versions InCopy versions 21.3, 20.5.3 and earlier Description A heap-based buffer overflow occurs when a program writes more data to a heap-allocated memory block than it can hold. This issue can lead to arbitrary code execution in the context of the...

PT-2026-48279

OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embedding malicious payloads in DICOM file metadata fields. Attackers can craft a DICOM file with...