1830 matches found
CVE-2025-27749
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2025-26671
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...
CVE-2025-26642
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally...
CVE-2024-54024
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiIsolator before version 2.4.6 allows a privileged attacker with super-admin profile and CLI access to execute unauthorized code via specifically crafted HTTP requests...
CVE-2024-54025
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 in Fortinet FortiIsolator CLI before version 2.4.6 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests...
CVE-2025-29823
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally...
CVE-2025-27481
Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network...
CVE-2025-26686
Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network...
CVE-2025-27751
CVE-2025-27751 is a Microsoft Excel remote code execution vulnerability described as a use-after-free in Excel, enabling an attacker to run code locally. Public materials in the connected set confirm an in-Excel object lifecycle issue is exploited via crafted DOCX payloads to achieve code executi...
CVE-2024-54025
Fortinet FortiIsolator CLI prior to version 2.4.6 is affected by an OS Command Injection (CWE-78) vulnerability due to improper neutralization of special elements in commands. This could allow a privileged attacker to execute unauthorized commands via crafted CLI requests (local access). Affected...
PT-2025-15592
Name of the Vulnerable Software and Affected Versions: Microsoft Office Word, affected versions not specified; Microsoft 365 Apps for Enterprise, affected versions not specified; Microsoft Office, affected versions not specified; Microsoft Office Long Term Servicing Channel, affected versions not specifi...
CVE-2023-33302
A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail...
PT-2025-13782 · Fortinet · Fortindr +1
Name of the Vulnerable Software and Affected Versions: FortiMail versions 6.4.0 through 6.4.4; FortiMail versions prior to 6.2.6; FortiNDR versions prior to 7.1.0; FortiNDR version 7.2.0. Description: A buffer copy without checking the size of input, also known as a 'classic buffer overflow', allows ...
CVE-2019-16149
An Improper Neutralization of Input During Web Page Generation in FortiClientEMS version 6.2.0 may allow a remote attacker to execute unauthorized code by injecting malicious payload in the user profile of a FortiClient instance being managed by the vulnerable system...