CVE-2025-54903

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-54919

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to execute code locally...

CVE-2025-55236

Time-of-check time-of-use toctou race condition in Graphics Kernel allows an authorized attacker to execute code locally...

CVE-2025-54896

Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-54906

Free of memory not on the heap in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2025-54899

Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

CVE-2025-55224

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to execute code locally...

CVE-2025-55228

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Win32K - GRFX allows an authorized attacker to execute code locally...

CVE-2025-43725

Dell PowerProtect Data Manager, Generic Application Agent, versions 19.19 and 19.20, contains an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...

CVE-2025-43725

Dell PowerProtect Data Manager, Generic Application Agent, versions 19.19 and 19.20, contains an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...

CVE-2025-43725

Dell PowerProtect Data Manager, Generic Application Agent, versions 19.19 and 19.20, contains an Incorrect Default Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution...

CVE-2025-43725

Dell PowerProtect Data Manager, Generic Application Agent, versions 19.19 and 19.20, contains an Incorrect Default Permissions vulnerability. The root cause is misconfigured permissions that a low-privileged local attacker could abuse to execute code. Impact is consistent with a local, high-privi...

CVE-2025-10215

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to...

CVE-2025-10214

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to arbitrary...

CVE-2025-10214

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to arbitrary...

CVE-2025-10213

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\AppData\Local\Microsoft\WindowsApps' directory, which could lead to arbitrary...

CVE-2025-10213

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\AppData\Local\Microsoft\WindowsApps' directory, which could lead to arbitrary...

CVE-2025-10215

CVE-2025-10215 affects UPDF.exe for Windows 1.8.5.0. The issue is DLL search path hijacking: an attacker with local access can place a malicious FREngine.dll in C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64\ and trigger arbitrary code execution (and persistence). Several connected sources con...

CVE-2025-10215 DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to...

CVE-2025-10214 DLL search path hijacking vulnerability

DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\AppData\Local\UPDF\FREngine\Bin64' directory, which could lead to arbitrary...