Skip to main content
CVE-2025-2019 HIGH This Week

Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VC6 files. The issue results from the lack of proper validation of the length of user-supplied ...

RCE Buffer Overflow
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-2017 HIGH This Week

Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to...

RCE Buffer Overflow
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-27167 HIGH This Week

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. [CVSS 7.8 HIGH]

RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27181 HIGH This Week

Substance3D - Modeler versions 1.15.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Use After Free RCE Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27174 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Use After Free Adobe RCE Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27160 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Use After Free Adobe RCE Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27159 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Use After Free Adobe RCE Denial Of Service
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27173 HIGH This Week

Substance3D - Modeler versions 1.15.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27178 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27177 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27175 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27171 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27169 HIGH This Week

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27168 HIGH This Week

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27166 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27162 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Buffer Overflow Adobe RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27161 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. [CVSS 7.8 HIGH]

Buffer Overflow Adobe Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27158 HIGH This Week

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. [CVSS 7.8 HIGH]

Buffer Overflow Adobe RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24453 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24452 HIGH This Week

InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24451 HIGH This Week

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24450 HIGH This Week

Substance3D - Painter versions 10.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24445 HIGH This Week

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24444 HIGH This Week

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24443 HIGH This Week

Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24442 HIGH This Week

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24441 HIGH This Week

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24440 HIGH This Week

Substance3D - Sampler versions 4.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-24439 HIGH This Week

Substance3D - Sampler versions 4.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27172 HIGH This Week

Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21169 HIGH This Week

Substance3D - Designer versions 14.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. [CVSS 7.8 HIGH]

Buffer Overflow RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23402 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). [CVSS 7.8 HIGH]

Use After Free
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-9157 HIGH This Week

CxUIUSvc64.exe and CxUIUSvc32.exe of Synaptics audio drivers is affected by improper access control (CVSS 7.8).

Privilege Escalation
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-27438 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). [CVSS 7.8 HIGH]

Buffer Overflow Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23401 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). [CVSS 7.8 HIGH]

Buffer Overflow Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23400 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23399 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). [CVSS 7.8 HIGH]

Buffer Overflow Information Disclosure
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23398 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23397 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-23396 HIGH This Week

A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). [CVSS 7.8 HIGH]

Buffer Overflow
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-45328 HIGH This Week

An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow a low priviledged administrator to execute elevated CLI commands via the GUI console menu. [CVSS 7.8 HIGH]

Authentication Bypass
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-2169 HIGH This Week

WordPress Currency Switcher Professional versions up to 1.2.0.4. is affected by code injection (CVSS 7.3).

WordPress PHP
NVD
CVSS 3.1
7.3
EPSS
1.9%
CVE-2025-26634 HIGH This Week

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network. [CVSS 7.5 HIGH]

Windows Buffer Overflow
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2025-24043 HIGH PATCH This Week

Improper verification of cryptographic signature in .NET allows an authorized attacker to execute code over a network. [CVSS 7.5 HIGH]

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-2196 LOW POC Monitor

A vulnerability was found in MRCMS 3.1.2. It has been declared as problematic. [CVSS 3.5 LOW]

XSS
NVD VulDB GitHub
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-2195 LOW POC Monitor

A vulnerability was found in MRCMS 3.1.2. It has been classified as problematic. [CVSS 3.5 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-2194 LOW POC Monitor

A vulnerability was found in MRCMS 3.1.2 and classified as problematic. This issue affects the function list of the file /admin/file/list.do of the component org.marker.mushroom.controller.FileController. [CVSS 3.5 LOW]

XSS
NVD GitHub VulDB
CVSS 3.1
3.5
EPSS
0.1%
CVE-2024-13615 LOW POC Monitor

The Social Snap WordPress plugin fails to properly clean user input in its settings, allowing administrators to inject malicious code that gets stored and executed in the browser. This affects websites using the plugin version 1.3.6 and earlier, particularly in multisite setups where admin accounts shouldn't normally have permission to run unfiltered code. An attacker with admin access could inject JavaScript code that runs for all site visitors, potentially stealing credentials or performing unauthorized actions.

WordPress XSS
NVD WPScan
CVSS 3.1
3.5
EPSS
0.1%
CVE-2023-48790 HIGH CERT-EU This Week

through 7.2.1 and 7.1.0 versions up to 7.1.1 is affected by cross-site request forgery (csrf) (CVSS 7.5).

Fortinet
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-54084 HIGH This Week

APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use (TOCTOU) Race Condition by local means. Successful exploitation of this vulnerability may lead to arbitrary code execution. [CVSS 7.5 HIGH]

Race Condition RCE
NVD
CVSS 3.1
7.5
EPSS
0.0%
Prev Page 3 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy