1411 matches found
Fortinet FortiIsolator Operating System Command Injection Vulnerability
Fortinet FortiIsolator is a Fortinet application that provides remote security isolation for browsers. The application adds additional advanced threat protection capabilities to the Fortinet Security Fabric and protects business-critical data from sophisticated threats on the Web. Content and fil...
Researchers Find CVSS 10.0 Severity RCE Vulnerability in Erlang/OTP SSH
Security researchers report CVE-2025-32433, a CVSS 10.0 RCE vulnerability in Erlang/OTP SSH, allowing unauthenticated code execution on exposed…...
CVE-2025-29820
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2025-27749
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2025-26671
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...
CVE-2025-26642
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2024-54024
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiIsolator before version 2.4.6 allows a privileged attacker with super-admin profile and CLI access to execute unauthorized code via specifically crafted HTTP requests...
CVE-2024-54025
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiIsolator CLI before version 2.4.6 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests...
CVE-2025-29823
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-27749
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2025-27481
Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network...
CVE-2025-26686
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network...
CVE-2025-27751
CVE-2025-27751 is a Microsoft Excel remote code execution vulnerability described as a use-after-free in Excel, enabling an attacker to run code locally. Public materials in the connected set confirm an in-Excel object lifecycle issue is exploited via crafted DOCX payloads to achieve code executi...
CVE-2024-54025
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiIsolator CLI before version 2.4.6 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests...
CVE-2024-54025
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiIsolator CLI before version 2.4.6 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests...
CVE-2024-54025
Fortinet FortiIsolator CLI prior to version 2.4.6 is affected by an OS Command Injection (CWE-78) vulnerability due to improper neutralization of special elements in commands. This could allow a privileged attacker to execute unauthorized commands via crafted CLI requests (local access). Affected...
CVE-2024-54024
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiIsolator before version 2.4.6 allows a privileged attacker with super-admin profile and CLI access to execute unauthorized code via specifically crafted HTTP requests...
PT-2025-15592
Name of the Vulnerable Software and Affected Versions Microsoft Office Word affected versions not specified Microsoft 365 Apps for Enterprise affected versions not specified Microsoft Office affected versions not specified Microsoft Office Long Term Servicing Channel affected versions not specifi...
CVE-2023-33302
A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail...
CVE-2023-33302
A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail...