4198 matches found
Microsoft Office Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
Microsoft Excel Remote Code Execution Vulnerability
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
Microsoft Office Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
PT-2026-40217
Name of the Vulnerable Software and Affected Versions Windows Win32K - GRFX affected versions not specified Description A heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally. This issue can potentially be used to escape a virtual machine...
PT-2026-40087
Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements a...
PT-2026-40247
Name of the Vulnerable Software and Affected Versions Visual Studio Code affected versions not specified Description Improper neutralization of script-related HTML tags in a web page leads to a basic cross-site scripting XSS issue. This lack of data sanitization at the control level allows an...
PT-2026-40256
Name of the Vulnerable Software and Affected Versions Microsoft Office affected versions not specified Description A heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. A heap-based buffer overflow occurs when an application writes more data to ...
Security Updates for Microsoft Office Online Server (May 2026)
The Microsoft Office Online Server or Office Web Apps installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-40359 -...
KB5087539: Windows Server 2025 Security Update (May 2026)
The remote Windows host is missing security update 5087539 or hotpatch 5087423. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Stack-based buffer overflow...
PT-2026-40182
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A heap-based buffer overflow in the Windows GDI Graphics Device Interface, which is the graphics subsystem of Windows, allows an unauthorized attacker to execute code locally. Recommendations...
Intel Slim Bootloader 输入验证错误漏洞
Intel Slim Bootloader is a lightweight security bootloader designed by Intel Corporation for the Intel platform. There is an input validation vulnerability in Intel Slim Bootloader, which stems from an integer overflow issue in the UEFI firmware. This vulnerability may lead to privilege escalatio...
PT-2026-40198
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...
KB5087537: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2026)
The remote Windows host is missing security update 5087537. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...
PT-2026-40199
Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...
PT-2026-40197
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
PT-2026-40093
Name of the Vulnerable Software and Affected Versions IntelR Data Center Graphics Driver for VMware ESXi versions prior to 2.0.2 Description A buffer overflow in the Ring 1: Device Drivers may allow a privileged local attacker to escalate privileges and execute arbitrary code. This issue can be...
Security Updates for Microsoft Word Products (May 2026)
The Microsoft Word Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVE-2026-40364 - Use after free in...
PT-2026-40193
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
KB5087541: Windows Server version 23H2 Security Update (May 2026)
The remote Windows host is missing security update 5087541. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Stack-based buffer overflow in Windows Netlogon...
CVE-2026-43944
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From versions 3.0.6 to before 3.8.15, electerm is vulnerable to arbitrary local code execution via deep links, CLI --opts, or crafted shortcuts. Exploit requires clicking a crafted electerm://... link or...