1830 matches found
CVE-2025-29962
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network...
CVE-2025-29840
Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network...
CVE-2025-29967
Technical details about CVE-2025-29967 are not provided in the connected documents. Public details in the initial description exist, but no accompanying technical specifics (affected versions, root cause, exploit info, or remediation) are available here. Monitor for updates.
Scripting Engine Memory Corruption Vulnerability
Access of resource using incompatible type 'type confusion' in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network...
Microsoft SharePoint Server Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally...
Microsoft Excel Remote Code Execution Vulnerability
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
PT-2025-21004 · Microsoft · Visual Studio
Name of the Vulnerable Software and Affected Versions: Visual Studio versions prior to 17.13.3 Description: The issue is related to improper neutralization of special elements used in a command, allowing an unauthorized attacker to execute code locally. This is a command injection vulnerability i...
PT-2025-20992 · Microsoft · Sharepoint Server
Name of the Vulnerable Software and Affected Versions: Microsoft Office SharePoint affected versions not specified Description: The issue concerns the deserialization of untrusted data in Microsoft Office SharePoint, allowing an unauthorized attacker to execute code locally. This enables remote...
CVE-2025-30397
Access of resource using incompatible type ‘type confusion’ in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
PT-2025-20999 · Microsoft · Office Excel
Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel affected versions not specified Description: The issue is related to a use after free condition in Microsoft Office Excel, allowing an unauthorized attacker to execute code locally. This poses a threat to data and...
PT-2025-21001
Name of the Vulnerable Software and Affected Versions Microsoft Scripting Engine affected versions not specified Description The issue is related to a type confusion vulnerability in the Microsoft Scripting Engine, which allows an unauthorized attacker to execute code over a network. This can be...
KB5058387: Windows 10 LTS 1507 Security Update (May 2025)
The remote Windows host is missing security update 5058387. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. CVE-2025-29967 - Use of uninitialized resource in Windo...
PT-2025-20979 · Microsoft · Office Excel
Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel affected versions not specified Description: The issue is related to a use-after-free flaw in Microsoft Office Excel, allowing an unauthorized attacker to execute code locally. This can enable remote attackers to execut...
CVE-2025-33074
Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...
Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09142)
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from the internally used 'LockProject' method. An attacker could exploit the vulnerability to cause bypass of...
Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08610)
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockGateway, which can be exploited by an attacker to bypass authorization controls an...
Siemens TeleControl Server SQL Injection Vulnerability (CNVD-2025-09150)
Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that can be exploited by an attacker to bypass authorization controls and execute arbitrary code...
Fortinet FortiIsolator Operating System Command Injection Vulnerability
Fortinet FortiIsolator is a Fortinet application that provides remote security isolation for browsers. The application adds additional advanced threat protection capabilities to the Fortinet Security Fabric and protects business-critical data from sophisticated threats on the Web. Content and fil...
Researchers Find CVSS 10.0 Severity RCE Vulnerability in Erlang/OTP SSH
Security researchers report CVE-2025-32433, a CVSS 10.0 RCE vulnerability in Erlang/OTP SSH, allowing unauthenticated code execution on exposed…...
CVE-2025-29820
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...