4316 matches found
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28640)
A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated...
Security Updates for Microsoft Excel Products C2R (November 2025)
The Microsoft Excel Products are missing a security update. It is, therefore, affected by the following vulnerabilities: - Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2025-60727 - Untrusted pointer dereference in Microsoft Office Excel...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28627)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability...
HP Integrated Lights-Out Improper Input Validatio (CVE-2022-28629)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. A low privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availabilit...
Siemens SIMATIC S7-1500 Use After Free (CVE-2020-1712)
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28637)
A local Denial of Service DoS and local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for...
HP Integrated Lights-Out Improper Input Validation (CVE-2022-28630)
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality and integrity, and a partial...
CVE-2024-48829
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code 'Code Injection' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...
CVE-2025-60727
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-59504
Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally...
CVE-2025-60714
Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally...
CVE-2025-62200
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-62201
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-62199
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2025-62203
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-62216
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2025-62214
Improper neutralization of special elements used in a command 'command injection' in Visual Studio allows an authorized attacker to execute code locally...
CVE-2025-62205
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2025-27246
Incorrect default permissions for the IntelR Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable local code execution...
CVE-2025-24327
Insecure inherited permissions for some IntelR Rapid Storage Technology Application before version 20.0.1021 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local co...