🔥 Trending CVEs - Last 30 Days

CVE-2019-25435 is a local buffer overflow vulnerability in Sricam DeviceViewer 3.12.0.1 that allows authenticated attackers to execute arbitrary code ...

This vulnerability allows remote attackers to execute arbitrary code on Xmind installations by tricking users into opening malicious attachments. The ...

CVE-2026-26101 is an incorrect permission assignment vulnerability in Owl opds 2.2.0.4 that allows attackers to manipulate files through crafted netwo...

This vulnerability allows attackers to execute arbitrary code with administrative privileges by exploiting insecure DLL loading in the RICOH job log a...

ADB Explorer versions 0.9.26020 and below fail to validate the ADB binary path before execution, allowing arbitrary code execution with current user p...

This CVE describes a heap buffer overflow vulnerability in HDF5 software that allows attackers to trigger denial-of-service conditions through special...

This vulnerability allows local attackers to achieve privilege escalation to SYSTEM level by placing a malicious executable in a world-writable direct...

This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious CATPART files in affected Autodesk products. Us...

A race condition vulnerability in the Linux kernel's ksmbd (SMB server) component allows use-after-free attacks in multi-channel SMB sessions. This af...

CVE-2025-33252 is a deserialization vulnerability in NVIDIA's NeMo Framework that allows remote attackers to execute arbitrary code. This affects orga...

A deserialization vulnerability in the OPC.Testclient utility within Rexroth IndraWorks allows attackers to execute arbitrary code by tricking users i...

This vulnerability in Rexroth IndraWorks allows attackers to execute arbitrary code on a user's system by tricking them into opening a malicious file,...

The NVIDIA NeMo Framework vulnerability allows remote code execution in distributed environments, enabling attackers to execute arbitrary code, escala...

CVE-2025-33246 is a command injection vulnerability in NVIDIA's NeMo Framework ASR Evaluator utility that allows attackers to execute arbitrary comman...

CVE-2025-33250 is a remote code execution vulnerability in NVIDIA's NeMo Framework that allows attackers to execute arbitrary code on affected systems...

The NVIDIA NeMo Framework vulnerability allows attackers to inject malicious code through crafted data inputs. Successful exploitation could lead to r...

NVIDIA Megatron Bridge contains a code injection vulnerability in a data shuffling tutorial component. Successful exploitation could allow attackers t...

This vulnerability in Softland FBackup allows local attackers to exploit a link following weakness (CWE-59) in the HID.dll library during backup/resto...

CVE-2025-65715 is a remote code execution vulnerability in Visual Studio Code's Code Runner extension that allows attackers to execute arbitrary code ...

A Use of Uninitialized Variable vulnerability in SOLIDWORKS eDrawings allows attackers to execute arbitrary code when users open specially crafted EPR...

An Out-Of-Bounds Write vulnerability in SOLIDWORKS eDrawings allows an attacker to execute arbitrary code by tricking a user into opening a malicious ...

Calero VeraSMART versions before 2026 R1 contain hardcoded AES encryption keys in the Veramark.Framework.dll file. This allows attackers with local sy...

CVE-2019-25345 is an unquoted service path vulnerability in Realtek IIS Codec Service that allows local attackers to execute arbitrary code with eleva...

NextVPN 4.10 has insecure file permissions that allow local users to modify executable files with full access rights. Attackers can replace system exe...

The M-Track Duo HD installer version 1.0.0 has a DLL hijacking vulnerability where attackers can place malicious DLLs in directories searched by the i...

A memory corruption vulnerability in Apple operating systems allows attackers with memory write capability to execute arbitrary code. This affects wat...

A package validation vulnerability in macOS allows malicious applications to gain root privileges. This affects macOS systems running versions before ...

This vulnerability allows a malicious application to gain root privileges on affected Apple devices. It affects macOS, iOS, iPadOS, and visionOS syste...

A path validation vulnerability in Apple operating systems allows malicious applications to gain root privileges through improper path handling. This ...

A macOS vulnerability allows malicious applications to gain root privileges through improper symlink handling. This affects macOS systems before versi...

This CVE describes a path handling vulnerability in macOS that allows an application to gain root privileges through improper validation. It affects m...

A stack buffer overflow vulnerability in OpenSatKit 2.2.1 allows remote attackers to execute arbitrary code by sending specially crafted telecommands ...

A race condition vulnerability in AMD Secure Processor (ASP) allows attackers to corrupt memory by exploiting timing differences between checking and ...

This CVE describes a Time-of-check time-of-use (TOCTOU) race condition vulnerability in AMD Secure Processor (ASP) that could allow attackers to modif...

CVE-2019-25306 is an unquoted service path vulnerability in BlackMoon FTP Server that allows local attackers to execute arbitrary code with LocalSyste...

CVE-2019-25308 is an unquoted service path vulnerability in Mikogo's Windows service that allows attackers with local access to execute arbitrary code...

ActiveFax Server 6.92 Build 0316 has an unquoted service path vulnerability in its ActiveFaxServiceNT service. This allows local attackers with write ...

Lightroom Desktop versions 15.1 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code when use...

CVE-2026-21352 is an out-of-bounds write vulnerability in Adobe DNG SDK versions 1.7.1 2410 and earlier that could allow arbitrary code execution when...

CVE-2026-21345 is an out-of-bounds read vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious fi...

CVE-2026-21346 is an out-of-bounds write vulnerability in Adobe Bridge that could allow arbitrary code execution when a user opens a malicious file. T...

Adobe Bridge versions 15.1.3, 16.0.1 and earlier contain an integer overflow vulnerability that could allow arbitrary code execution when a user opens...

Substance3D Stager versions 3.1.6 and earlier contain an out-of-bounds read vulnerability when parsing malicious files. An attacker could exploit this...

CVE-2026-21341 is an out-of-bounds write vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious f...

This vulnerability allows an authorized attacker with valid Remote Desktop credentials to elevate privileges on a Windows system. It affects Windows s...

This vulnerability in Microsoft Office Word allows attackers to bypass local security features by manipulating untrusted inputs. It affects users runn...

This CVE describes a heap-based buffer overflow vulnerability in Adobe InDesign that could allow an attacker to execute arbitrary code with the privil...

Adobe After Effects versions 25.6 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code on a victim'...

Substance3D Designer versions 15.1.0 and earlier contain an out-of-bounds write vulnerability that allows arbitrary code execution when a user opens a...

CVE-2026-21324 is an out-of-bounds read vulnerability in Adobe After Effects that could allow an attacker to execute arbitrary code in the context of ...