Authenticated users can exploit a race condition in GitHub Copilot and Visual Studio Code to execute arbitrary code remotely by manipulating file state between verification and use. This vulnerability affects users with network access to these development tools and requires user interaction to trigger. No patch is currently available to address this high-severity flaw.
Race condition for some TDX Module within Ring 0: Hypervisor may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. [CVSS 7.9 HIGH]
Local code execution in Windows Notepad stems from inadequate sanitization of command metacharacters, enabling authenticated users to execute arbitrary commands through specially crafted input. The vulnerability requires user interaction and local access, making it exploitable by attackers with limited system privileges. No patch is currently available.
An inconsistent interpretation of http requests ('http request smuggling') vulnerability in Fortinet FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4.3 through 6.4.16 may allow an unauthenticated attacker to smuggle an unlogged http request through the firewall policies via a specially crafted header [CVSS 5.8 MEDIUM]
Arbitrary code execution in Adobe Lightroom Desktop 15.1 and earlier via an out-of-bounds write vulnerability when users open malicious files. Local exploitation requires user interaction but executes with the privileges of the current user. No patch is currently available.
Arbitrary code execution in DNG SDK 1.7.1 build 2410 and earlier via out-of-bounds write when processing malicious DNG files. An attacker can achieve code execution with user privileges by tricking a victim into opening a specially crafted file. No patch is currently available for this vulnerability.
Arbitrary code execution in Bridge 15.1.3, 16.0.1 and earlier through an out-of-bounds write vulnerability triggered when users open malicious files. An attacker can execute commands with the privileges of the affected user, though exploitation requires social engineering to convince a victim to open a crafted file. No patch is currently available.
Arbitrary code execution in Substance 3D Stager 3.1.6 and earlier via an out-of-bounds write vulnerability allows local attackers to execute arbitrary code with user privileges when a victim opens a malicious file. The vulnerability requires user interaction but no special privileges, making it practical to exploit through social engineering. No patch is currently available.
Arbitrary code execution in DNG SDK 1.7.1 2410 and earlier stems from an integer overflow vulnerability that executes with user privileges when a victim opens a crafted file. The local attack vector requires user interaction but carries high impact across confidentiality, integrity, and availability with no patch currently available.
Arbitrary code execution in Bridge versions 15.1.3, 16.0.1 and earlier results from an integer overflow vulnerability that executes with user privileges when a victim opens a malicious file. The flaw requires user interaction but carries a high severity rating with no available patch, leaving affected systems vulnerable to immediate compromise.
Code execution in Substance 3D Stager 3.1.6 and earlier through a crafted file that triggers an out-of-bounds memory read during parsing. An attacker can exploit this vulnerability by tricking a user into opening a malicious file, achieving arbitrary code execution with the victim's privileges. No patch is currently available for this vulnerability.
Substance 3D Stager 3.1.6 and earlier contains an out-of-bounds read vulnerability in file parsing that allows arbitrary code execution when a victim opens a malicious crafted file. The vulnerability affects local users and requires user interaction to exploit, making social engineering a viable attack vector. No patch is currently available for this high-severity flaw.
Code execution in Substance 3D Stager 3.1.6 and earlier results from an out-of-bounds read vulnerability in malformed file parsing that allows attackers to corrupt memory and execute arbitrary code within the user's context. The vulnerability requires user interaction, as victims must open a specially crafted file to trigger exploitation. No patch is currently available for this high-severity flaw.
Privilege escalation in the Windows Ancillary Function Driver for WinSock affects Windows 11 and Windows Server 2022/2019, allowing authenticated local users to gain elevated system privileges. The vulnerability stems from improper access control mechanisms and currently lacks a patch. An authenticated attacker with local access can exploit this to achieve full system compromise.
Privilege escalation in Windows Cluster Client Failover exploits a use-after-free memory vulnerability, enabling authenticated local users to gain elevated system privileges. The flaw affects Windows Server 2016, 2019, and 2025 installations where an attacker with existing local access can trigger the vulnerability through the failover clustering component. No patch is currently available for this high-severity vulnerability.
Windows HTTP.sys contains an unsafe pointer dereference vulnerability that enables authenticated local attackers to escalate privileges on affected systems including Windows 11, Windows Server 2025, and related versions. An attacker with local user access can exploit this flaw to gain system-level privileges with high confidence in successful exploitation. No patch is currently available for this vulnerability.
Windows Kernel heap overflow in Windows 11 25h2 and Windows Server 2025 enables authenticated local attackers to achieve privilege escalation with high impact on confidentiality, integrity, and availability. The vulnerability requires local access and user privileges but no user interaction, making it a practical attack vector for lateral movement within systems. No patch is currently available, leaving affected systems exposed until remediation is released.
Privilege escalation via heap buffer overflow in Windows Kernel (Windows 10 21H2, Windows Server 2016) allows authenticated local users to gain elevated system privileges. The vulnerability requires local access and user-level permissions, making it exploitable by authorized account holders to bypass security boundaries. No patch is currently available for this issue.
Windows Ancillary Function Driver for WinSock contains a heap buffer overflow vulnerability that enables authenticated local users to achieve privilege escalation on affected Windows 10 and Server 2012 systems. An attacker with valid user credentials can exploit this memory corruption flaw to execute arbitrary code with elevated privileges. No patch is currently available for this vulnerability.
Windows HTTP.sys contains an untrusted pointer dereference vulnerability that enables authenticated local users to escalate privileges on Windows 11 and Windows Server 2022/2025 systems. An attacker with valid credentials can exploit this flaw to gain elevated access without user interaction. No patch is currently available for this HIGH severity issue affecting multiple Windows versions.
Privilege escalation in Microsoft Office Excel (including 365 Apps and Long Term Servicing Channel) via heap-based buffer overflow allows local attackers with user interaction to gain elevated system privileges. The vulnerability affects multiple Office product lines and currently lacks a security patch. With a CVSS score of 7.8, this poses a significant risk to organizations using affected Excel versions.
Windows Kernel privilege escalation vulnerability in Windows 10 21H2 and Windows Server 2012 stems from improper synchronization of concurrent access to shared resources, enabling local authenticated users to gain elevated system privileges. The race condition can be triggered without user interaction and impacts confidentiality, integrity, and availability of the affected system. No patch is currently available.
Windows HTTP.sys contains a race condition between privilege checks and resource access that enables local authenticated users to escalate privileges on Windows 10 21H2, Windows 11 23H2, and Windows Server 2025. An attacker with valid credentials can exploit this timing vulnerability to gain system-level access. No patch is currently available for this vulnerability.
Cryptographic key disclosure and credential forgery in MUNGE 0.5 through 0.5.17 lets a local user extract munged's MAC subkey from process memory and forge arbitrary credentials. By sending a crafted message with an oversized address-length field, an attacker triggers an out-of-bounds write that corrupts munged's internal state and leaks the key used to validate credentials, enabling impersonation of any user including root across every service that trusts MUNGE for authentication. EPSS is very low (0.02%) and there is no public exploit identified at time of analysis, but MUNGE's role as a cluster trust anchor makes the impact severe wherever it is deployed.
Privilege escalation in Microsoft Graphics Component on Windows 11 24H2 and Windows 10 21H2 exploits a heap buffer overflow to allow authenticated local attackers to gain system-level access. The vulnerability requires local access and user interaction is not required, presenting a significant risk in multi-user environments. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier results from an out-of-bounds read vulnerability triggered when parsing specially crafted files. An attacker can exploit this by tricking users into opening a malicious file, gaining execution privileges within the victim's user context. No patch is currently available for this vulnerability.
Code execution in Adobe After Effects 25.6 and earlier through out-of-bounds memory reads when processing malicious files. An attacker can exploit this vulnerability to execute arbitrary code with user privileges by tricking victims into opening a crafted file. No patch is currently available for this vulnerability.
Out-of-bounds memory reads in Adobe After Effects 25.6 and earlier enable arbitrary code execution when users open specially crafted files. An attacker can exploit this parsing vulnerability by delivering a malicious file that triggers a read past allocated buffer boundaries, executing code with the privileges of the affected user. No patch is currently available for this high-severity vulnerability that requires user interaction to exploit.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires user interaction to open a specially crafted file. An attacker can exploit this flaw to execute malicious code with the privileges of the affected user. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier via a use-after-free memory vulnerability that executes with user privileges when opening a malicious file. The vulnerability requires user interaction but has no available patch, leaving affected systems at risk from social engineering attacks delivering weaponized project files.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free memory vulnerability requires victims to open a malicious file. An attacker can execute commands with the privileges of the affected user without requiring special permissions. No patch is currently available for this high-severity vulnerability.
Arbitrary code execution in Adobe After Effects versions 25.6 and earlier through a use-after-free vulnerability that requires a user to open a malicious file. An attacker can execute arbitrary code with the privileges of the affected user by crafting a specially designed file. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through a use-after-free flaw allows attackers to execute commands with user privileges when a victim opens a crafted file. The vulnerability requires user interaction but poses high risk to creative professionals and design teams. No patch is currently available.
Arbitrary code execution in Substance 3D Stager 3.1.6 and earlier results from an out-of-bounds write vulnerability that executes with user privileges. An attacker can exploit this by crafting a malicious file that, when opened by a victim, triggers the memory corruption and executes arbitrary code. No patch is currently available, making user education about untrusted files critical for mitigation.
Arbitrary code execution in Substance 3D Designer 15.1.0 and earlier via an out-of-bounds write vulnerability that triggers when users open a crafted malicious file. This local attack requires user interaction but executes with the privileges of the affected user, and no patch is currently available.
Arbitrary code execution in Substance 3D Designer 15.1.0 and earlier through an out-of-bounds write vulnerability that requires a user to open a malicious file. An attacker can execute code with the privileges of the targeted user by crafting a specially designed file. No patch is currently available for this high-severity vulnerability.
Arbitrary code execution in Adobe After Effects 25.6 and earlier via out-of-bounds write vulnerability when users open malicious files. This local attack requires user interaction but grants the attacker full execution privileges within the victim's session. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through out-of-bounds write vulnerability (CWE-787) when processing malicious files. An attacker can execute code with user privileges by convincing a victim to open a specially crafted file, with no patch currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier via out-of-bounds write when processing malicious files. An attacker can achieve code execution with user privileges by tricking a victim into opening a crafted file. No patch is currently available.
Arbitrary code execution in Adobe Audition 25.3 and earlier through a local out-of-bounds write vulnerability that requires victims to open a specially crafted file. The vulnerability impacts all users running affected versions and allows attackers to execute code with the privileges of the current user. No patch is currently available.
Arbitrary code execution in Adobe InDesign versions 21.1, 20.5.1, and earlier through a heap buffer overflow vulnerability triggered by opening a malicious file. The vulnerability requires user interaction and executes with the privileges of the current user, with no patch currently available. Local attackers can leverage this to achieve code execution on affected systems.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through type confusion allows attackers to execute malicious code with user privileges when a victim opens a crafted file. The vulnerability requires user interaction but poses a significant risk to creative professionals and organizations using affected versions. No patch is currently available.
Arbitrary code execution in Adobe After Effects 25.6 and earlier through an integer overflow vulnerability affecting file processing. An attacker can exploit this by crafting a malicious file that, when opened by a user, executes code with the privileges of the current user. No patch is currently available for this high-severity vulnerability.
Arbitrary code execution in Siemens SINEC NMS versions prior to V4.0 SP2 can be achieved when a low-privileged user modifies configuration files to load malicious DLLs, resulting in administrative privilege execution. This local vulnerability affects all current deployments and currently has no available patch. An authenticated attacker with local access can exploit this to gain full system compromise.
Arbitrary code execution in Simcenter Femap and Nastran versions prior to V2512 results from an out-of-bounds write flaw triggered by parsing malicious XDB files. Local attackers with user interaction can exploit this vulnerability to execute arbitrary code with the privileges of the affected application. No patch is currently available for this high-severity vulnerability.
Endpoint Configuration Toolset Solution is affected by improper link resolution before file access (CVSS 7.8).
Nx versions prior to V2512 contain an insufficient input validation flaw in the PDF export functionality that permits local attackers to corrupt internal data structures and achieve arbitrary code execution. An attacker with local file system access can exploit this vulnerability to manipulate the export process and gain code execution privileges. No patch is currently available for this vulnerability.
AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user. [CVSS 7.8 HIGH]
Code execution in Simcenter Femap and Nastran versions prior to V2512 results from an out-of-bounds read flaw triggered when parsing malicious NDB files. A local attacker with user interaction can exploit this vulnerability to execute arbitrary code with the privileges of the affected application. No patch is currently available for this vulnerability.
Heap-based buffer overflow in Simcenter Femap and Nastran versions prior to V2512 allows local attackers to achieve arbitrary code execution by crafting malicious NDB files. The vulnerability requires user interaction to trigger and affects all current versions of both products. No patch is currently available, leaving affected systems at risk of privilege escalation and system compromise.