Common Vulnerabilities and Exposures (CVE)
CVE-2025-24083
Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-24082
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-24081
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-24080
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-24079
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-24078
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-24077
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-24070
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-24057
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-24043
Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network.
CVE-2025-24044
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.
CVE-2025-24035
Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
CVE-2026-26190
Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable def...
CVE-2022-32221
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` ...
CVE-2018-1160
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary cod...