HP Integrated Lights-Out Improper Input Validation (CVE-2022-28634)

A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 iLO 5 firmware versions: Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and...

Siemens SIMATIC S7-1500 Use After Free (CVE-2020-1712)

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by...

HP Integrated Lights-Out Improper Input Validation (CVE-2022-28637)

A local Denial of Service DoS and local arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability were discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for...

CVE-2024-48829

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code 'Code Injection' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...

CVE-2025-60727

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-59504

Heap-based buffer overflow in Azure Monitor Agent allows an unauthorized attacker to execute code locally...

CVE-2025-60714

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally...

CVE-2025-62200

Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-62199

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2025-62203

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-62216

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2025-62214

Improper neutralization of special elements used in a command 'command injection' in Visual Studio allows an authorized attacker to execute code locally...

CVE-2025-62201

Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-62205

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

CVE-2025-27246

Incorrect default permissions for the IntelR Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable local code execution...

CVE-2025-24327

Insecure inherited permissions for some IntelR Rapid Storage Technology Application before version 20.0.1021 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local co...

CVE-2025-24842

Uncontrolled search path for the IntelR System Support Utility before version 4.1.0 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may...

CVE-2025-20050

Uncontrolled search path for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This...

CVE-2025-11697

A local code execution security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to extract files using path traversal sequences, resulting in execution of scripts with Administrator privileges on system reboot...

EulerOS 2.0 SP12 : icu (EulerOS-SA-2025-2360)

According to the versions of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A stack buffer overflow was found in Internationl components for unicode ICU . While running the genrb binary, the 'subtag' struct overflowed at the...