652 matches found
CVE-2025-62627
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability...
CVE-2026-40367
Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2025-62627
An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability...
CVE-2025-62627
Vulnerability CVE-2025-62627 describes an untrusted pointer dereference in AMD Ionic cloud driver used with VMware ESXi/ESX hosts (AMD-Pensando DPU integration). This could allow an unprivileged VM to read kernel memory or memory of co-located VMs, exposing confidentiality and impacting availabil...
EUVD-2026-29651
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally...
EUVD-2026-29649
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2026-40369
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-20738
Untrusted pointer dereference for some IntelR QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of...
CVE-2026-40369
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally...
CVE-2026-40367
Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...
CVE-2026-20738
Intel QuickAssist Adapter 8960 software prior to version 1.13 contains an untrusted pointer dereference in Ring 3 (User Applications) that may allow local privilege escalation by an authenticated, low-priv user with no user interaction. Impact is high on confidentiality, integrity, and availabili...
Microsoft Word Remote Code Execution Vulnerability
Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...
Intel QuickAssist Adapter 8960 安全漏洞
The Intel QuickAssist Adapter 8960 is a hardware acceleration card developed by Intel Corporation, aimed at data center security, networking, and storage scenarios. Versions of the Intel QuickAssist Adapter 8960 prior to 1.13 contained security vulnerabilities. These vulnerabilities stemmed from...
Ionic Driver Vulnerabilities
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-62623| A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution.| 8....
CVE-2025-47408 Untrusted Pointer Dereference in Power Optimization Firmware
Memory corruption when another driver calls an IOCTL with invalid input/output buffer...
CVE-2025-47405 Untrusted Pointer Dereference in Camera
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
CVE-2025-47405 Untrusted Pointer Dereference in Camera
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
CVE-2025-47405
CVE-2025-47405 describes memory corruption that occurs when processing camera sensor IO controls with invalid output buffers. The connected CVE records call it an untrusted pointer dereference in the camera path, linking root cause to dereferencing pointers derived from untrusted inputs during IO...
Microsoft Word Code Execution Vulnerability (CNVD-2026-19748)
Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A code execution vulnerability exists in Microsoft Word due to an untrusted pointer dereference flaw. An attacker could exploit this vulnerability to execute arbitrary code on a system...
CVE-2026-23670
Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...