🔥 Trending CVEs - Last 90 Days

A path validation vulnerability in Apple operating systems allows malicious applications to gain root privileges through improper path handling. This ...

A macOS vulnerability allows malicious applications to gain root privileges through improper symlink handling. This affects macOS systems before versi...

This CVE describes a path handling vulnerability in macOS that allows an application to gain root privileges through improper validation. It affects m...

A stack buffer overflow vulnerability in OpenSatKit 2.2.1 allows remote attackers to execute arbitrary code by sending specially crafted telecommands ...

A race condition vulnerability in AMD Secure Processor (ASP) allows attackers to corrupt memory by exploiting timing differences between checking and ...

This CVE describes a Time-of-check time-of-use (TOCTOU) race condition vulnerability in AMD Secure Processor (ASP) that could allow attackers to modif...

CVE-2019-25306 is an unquoted service path vulnerability in BlackMoon FTP Server that allows local attackers to execute arbitrary code with LocalSyste...

CVE-2019-25308 is an unquoted service path vulnerability in Mikogo's Windows service that allows attackers with local access to execute arbitrary code...

ActiveFax Server 6.92 Build 0316 has an unquoted service path vulnerability in its ActiveFaxServiceNT service. This allows local attackers with write ...

Lightroom Desktop versions 15.1 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code when use...

CVE-2026-21352 is an out-of-bounds write vulnerability in Adobe DNG SDK versions 1.7.1 2410 and earlier that could allow arbitrary code execution when...

CVE-2026-21345 is an out-of-bounds read vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious fi...

CVE-2026-21346 is an out-of-bounds write vulnerability in Adobe Bridge that could allow arbitrary code execution when a user opens a malicious file. T...

Adobe Bridge versions 15.1.3, 16.0.1 and earlier contain an integer overflow vulnerability that could allow arbitrary code execution when a user opens...

Substance3D Stager versions 3.1.6 and earlier contain an out-of-bounds read vulnerability when parsing malicious files. An attacker could exploit this...

CVE-2026-21341 is an out-of-bounds write vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious f...

This vulnerability allows an authorized attacker with valid Remote Desktop credentials to elevate privileges on a Windows system. It affects Windows s...

This vulnerability in Microsoft Office Word allows attackers to bypass local security features by manipulating untrusted inputs. It affects users runn...

This CVE describes a heap-based buffer overflow vulnerability in Adobe InDesign that could allow an attacker to execute arbitrary code with the privil...

Adobe After Effects versions 25.6 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code on a victim'...

Substance3D Designer versions 15.1.0 and earlier contain an out-of-bounds write vulnerability that allows arbitrary code execution when a user opens a...

CVE-2026-21324 is an out-of-bounds read vulnerability in Adobe After Effects that could allow an attacker to execute arbitrary code in the context of ...

CVE-2026-21325 is an out-of-bounds read vulnerability in Adobe After Effects that could allow arbitrary code execution when a user opens a malicious f...

Adobe After Effects versions 25.6 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code on a victim'...

Adobe After Effects versions 25.6 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code on a v...

CVE-2026-21329 is a use-after-free vulnerability in Adobe After Effects that could allow arbitrary code execution when a user opens a malicious file. ...

Adobe After Effects versions 25.6 and earlier contain a type confusion vulnerability that could allow arbitrary code execution when a user opens a mal...

CVE-2026-21318 is an out-of-bounds write vulnerability in Adobe After Effects that could allow arbitrary code execution when a user opens a malicious ...

Adobe After Effects versions 25.6 and earlier contain a use-after-free vulnerability that could allow an attacker to execute arbitrary code on a victi...

CVE-2026-21322 is an out-of-bounds read vulnerability in Adobe After Effects that could allow arbitrary code execution when a user opens a malicious f...

Adobe After Effects versions 25.6 and earlier contain a use-after-free vulnerability that could allow attackers to execute arbitrary code on a victim'...

Adobe Audition versions 25.3 and earlier contain an out-of-bounds write vulnerability that could allow attackers to execute arbitrary code when a user...

A heap-based buffer overflow vulnerability in Microsoft Office Excel allows local attackers to execute arbitrary code with elevated privileges. This a...

CVE-2026-21250 is a local privilege escalation vulnerability in Windows HTTP.sys driver where an authorized attacker can exploit untrusted pointer der...

A heap-based buffer overflow vulnerability in Microsoft Graphics Component allows authenticated attackers to execute arbitrary code with elevated priv...

A heap-based buffer overflow vulnerability in the Windows Kernel allows authenticated attackers to execute arbitrary code with elevated privileges. Th...

A heap-based buffer overflow vulnerability in the Windows Kernel allows authenticated attackers to execute arbitrary code with elevated privileges. Th...

CVE-2026-21232 is an untrusted pointer dereference vulnerability in Windows HTTP.sys that allows an authenticated attacker to escalate privileges loca...

This vulnerability allows attackers on the same local network to probe the TP-Link Tapo C260 v1 camera's filesystem to determine if specific files exi...

An out-of-bounds read vulnerability in Simcenter Femap and Simcenter Nastran allows attackers to execute arbitrary code by tricking users into opening...

A vulnerability in SINEC NMS allows low-privileged users to modify configuration files, enabling DLL hijacking attacks. This could lead to arbitrary c...

A low-privileged user can modify configuration files in SINEC NMS User Management Component, allowing malicious DLL loading. This leads to arbitrary c...

A data validation vulnerability in NX software versions before V2512 allows local attackers to manipulate internal data during PDF export, potentially...

An out-of-bounds write vulnerability in Simcenter Femap and Simcenter Nastran allows attackers to execute arbitrary code by tricking users into openin...

An out-of-bounds read vulnerability in Simcenter Femap and Simcenter Nastran allows attackers to execute arbitrary code by tricking users into opening...

An out-of-bounds read vulnerability in Simcenter Femap and Simcenter Nastran allows attackers to execute arbitrary code by tricking users into opening...

An out-of-bounds read vulnerability in Simcenter Femap and Simcenter Nastran allows attackers to execute arbitrary code by tricking users into opening...

A heap-based buffer overflow vulnerability in Simcenter Femap and Simcenter Nastran allows attackers to execute arbitrary code by tricking users into ...

CVE-2025-11547 is a privilege escalation vulnerability in AXIS Camera Station Pro that allows authenticated non-admin users to gain administrative pri...

CVE-2025-15310 is a local privilege escalation vulnerability in Tanium Patch Endpoint Tools that allows authenticated local users to gain elevated pri...