Skip to main content
CVE-2025-24080 HIGH This Week

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Use After Free Denial Of Service Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-24079 HIGH This Week

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Use After Free Denial Of Service Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-26630 HIGH This Week

Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Use After Free Denial Of Service Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-26629 HIGH This Week

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Use After Free Denial Of Service Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-24077 HIGH This Week

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Use After Free Denial Of Service Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-24075 HIGH This Week

Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-24059 HIGH This Week

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Windows
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2025-24995 HIGH This Week

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Linux Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-24067 HIGH This Week

Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-24066 HIGH This Week

Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Linux Windows Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-24044 HIGH This Week

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Linux Windows
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-22454 HIGH This Week

Insufficiently restrictive permissions in Ivanti Secure Access Client versions up to 22.7 is affected by incorrect permission assignment for critical resource (CVSS 7.8).

Privilege Escalation Ivanti
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-2012 HIGH This Week

Ashlar-Vellum Cobalt VS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2025-24072 HIGH This Week

Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Denial Of Service Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-24050 HIGH This Week

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Windows Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-24048 HIGH This Week

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Windows Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-24046 HIGH This Week

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. [CVSS 7.8 HIGH]

Use After Free Denial Of Service Microsoft
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2025-2023 HIGH This Week

Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2022 HIGH This Week

Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2021 HIGH This Week

Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2020 HIGH This Week

Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2018 HIGH This Week

Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2016 HIGH This Week

Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2015 HIGH This Week

Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2014 HIGH This Week

that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VS files. The issue results from the lack of proper initialization of memory contains a vulnerability that allows attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt (CVSS 7.8).

RCE
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2013 HIGH This Week

Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CO files. The issue results from the lack of validating the existence of an object prior to performing opera...

RCE
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2025-2019 HIGH This Week

Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied ...

RCE Buffer Overflow
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-2017 HIGH This Week

Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to...

RCE Buffer Overflow
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-27167 HIGH This Week

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27181 HIGH This Week

Substance3D - Modeler versions 1.15.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Use After Free RCE Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27174 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Use After Free Adobe RCE Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27160 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Use After Free Adobe RCE Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27159 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Use After Free Adobe RCE Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27173 HIGH This Week

Substance3D - Modeler versions 1.15.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27178 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27177 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27175 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27171 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27169 HIGH This Week

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27168 HIGH This Week

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27166 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27162 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Buffer Overflow Adobe RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27161 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. [CVSS 7.8 HIGH]

Buffer Overflow Adobe Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27158 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Buffer Overflow Adobe RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24453 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24452 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24451 HIGH This Week

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24450 HIGH This Week

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24445 HIGH This Week

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24444 HIGH This Week

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy