CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/03/10 11:16 p.m.•3 views

CVE-2025-20064

Improper input validation in the UEFI FlashUcAcmSmm module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local...

8.7CVSS0.00115EPSS

CVE•added 2026/03/10 10:49 p.m.•15 views

CVE-2025-20105

The CVE-2025-20105 issue concerns improper input validation in certain UEFI firmware SMM modules on Intel reference platforms, enabling local privilege escalation and potential local code execution with a privileged user and low attack complexity (no user interaction required). Affected component...

8.7CVSS5.8AI score0.00127EPSS

Cvelist•added 2026/03/10 10:49 p.m.•19 views

CVE-2025-20105

8.7CVSS0.00127EPSS

Vulnrichment•added 2026/03/10 10:49 p.m.•6 views

CVE-2025-20105

8.7CVSS5.8AI score0.00127EPSS

ATTACKERKB•added 2026/03/10 10:49 p.m.•6 views

CVE-2025-20105

8.7CVSS5.8AI score0.00127EPSS

Cvelist•added 2026/03/10 10:49 p.m.•17 views

CVE-2025-20064

8.7CVSS0.00115EPSS

Vulnrichment•added 2026/03/10 10:49 p.m.•2 views

CVE-2025-20064

8.7CVSS5.8AI score0.00115EPSS

CVE•added 2026/03/10 10:49 p.m.•1535 views

CVE-2025-20064

CVE-2025-20064 describes improper input validation in the UEFI FlashUcAcmSmm module for Intel reference platforms, enabling local privilege escalation and potential local code execution. The vulnerability requires a privileged system software adversary, with no user interaction, and is characteri...

8.7CVSS5.8AI score0.00115EPSS

NVD•added 2026/03/10 8:16 p.m.•4 views

CVE-2026-2713

IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this...

7.8CVSS0.00147EPSS

Vulnrichment•added 2026/03/10 7:53 p.m.•4 views

CVE-2026-2713 IBM Trusteer Rapport installer affected by uncontrolled search path element vulnerability

7.4CVSS6.1AI score0.00147EPSS

Cvelist•added 2026/03/10 7:53 p.m.•26 views

CVE-2026-2713 IBM Trusteer Rapport installer affected by uncontrolled search path element vulnerability

7.4CVSS0.00147EPSS

EUVD•added 2026/03/10 6:31 p.m.•3 views

EUVD-2026-10675

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

8.4CVSS5.9AI score0.00416EPSS

EUVD•added 2026/03/10 6:31 p.m.•3 views

EUVD-2026-10674

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS6.2AI score0.00493EPSS

8.4CVSS5.9AI score0.0049EPSS

EUVD-2026-10676

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...

EUVD•added 2026/03/10 6:31 p.m.•3 views

EUVD-2026-10672

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS5.9AI score0.00435EPSS

EUVD•added 2026/03/10 6:31 p.m.•2 views

EUVD-2026-10671

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS5.9AI score0.00435EPSS

7.8CVSS6.2AI score0.00493EPSS

EUVD-2026-10673

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS5.9AI score0.00496EPSS

EUVD-2026-10666

Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally...

8.4CVSS5.9AI score0.00543EPSS

EUVD-2026-10680

Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally...