🔥 Trending CVEs - Last 90 Days

This CVE describes a remote code execution vulnerability in PHPUnit's PHPT test execution when code coverage instrumentation is enabled. Attackers wit...

An integer overflow vulnerability in yoyofr modizer allows attackers to cause memory corruption by providing specially crafted input. This affects all...

An out-of-bounds read vulnerability in Rinnegatamante's lpp-vita software allows attackers to read memory beyond allocated buffers. This affects PlayS...

This vulnerability allows attackers to cause denial-of-service or memory corruption by exhausting the ThreadX RTOS counter pool. When the pool is depl...

This vulnerability allows a local low-privileged attacker to bypass authentication in the Device Manager user interface, enabling them to perform priv...

CVE-2026-1361 is a stack-based buffer overflow vulnerability in Delta Electronics' ASDA-Soft software that allows attackers to execute arbitrary code ...

This vulnerability in Microsoft Office allows an attacker to bypass local security features by manipulating untrusted inputs. It affects users running...

An out-of-bounds write vulnerability in SOLIDWORKS eDrawings allows attackers to execute arbitrary code when users open malicious EPRT files. This aff...

A heap-based buffer overflow vulnerability in SOLIDWORKS eDrawings allows attackers to execute arbitrary code when users open malicious EPRT files. Th...

A use-after-free vulnerability in the Linux kernel's Tegra ADMA driver allows memory corruption when audio streams terminate during XRUN conditions. T...

A local OS command injection vulnerability in the com.sprd.engineermode component on Doogee Note59 series devices allows attackers with ADB shell acce...

Epson USB Display 1.6.0.0 contains an unquoted service path vulnerability in the EMP_UDSA service, which runs with LocalSystem privileges. Attackers c...

CVE-2021-47896 is an unquoted service path vulnerability in PDF Complete Corporate Edition's pdfcDispatcher service. Local attackers can exploit this ...

Softros LAN Messenger 9.6.4 contains an unquoted service path vulnerability in the SoftrosSpellChecker service that allows local attackers to execute ...

LogonExpert 8.1 contains an unquoted service path vulnerability in the LogonExpertSvc service. Attackers can place malicious executables in intermedia...

A race condition in the Linux kernel's ublk driver allows use-after-free when partition scanning occurs during device teardown. This vulnerability cou...

This CVE describes a race condition vulnerability in the Linux kernel's NFS server (nfsd) that can lead to use-after-free memory corruption. The issue...

This Linux kernel vulnerability in the DSA (Distributed Switch Architecture) subsystem mishandles reference counting for conduit network devices, pote...

This CVE addresses a memory corruption vulnerability in the KVM (Kernel-based Virtual Machine) subsystem for s390 architecture in the Linux kernel. Mi...

A race condition vulnerability in the Linux kernel's gve (Google Virtual Ethernet) driver where interrupts could fire before NAPI (New API) context in...

A reference counting vulnerability in the Linux kernel's RDMA subsystem could lead to resource exhaustion or kernel instability. The issue occurs when...

A use-after-free vulnerability in the Linux kernel's USB PHY driver (isp1301) allows potential kernel memory corruption when handling non-OF (Open Fir...

This is a command injection vulnerability in the mcp-server-siri-shortcuts software that allows local attackers to escalate privileges. Attackers with...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious SKP files in Trimble SketchUp. Attackers...

This vulnerability allows remote attackers to execute arbitrary code on Anritsu ShockLine systems by tricking users into opening malicious CHX files. ...

A deserialization vulnerability in Anritsu VectorStar's CHX file parser allows remote attackers to execute arbitrary code when a user opens a maliciou...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious CHX files or visiting malicious pages. I...

A directory traversal vulnerability in 7-Zip's ZIP file parsing allows remote attackers to execute arbitrary code by crafting malicious ZIP archives c...

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious PSP files in GIMP. The heap-based buffer...

This vulnerability allows arbitrary file write through path traversal in archive extraction functions. Attackers can place malicious archives that ext...

CVE-2026-1260 is an invalid memory access vulnerability in Sentencepiece versions before 0.2.1 that occurs when processing specially crafted model fil...

CVE-2021-47887 is an unquoted service path vulnerability in OKI Print Job Accounting 4.4.10 that allows local attackers to execute arbitrary code with...

FreeLAN 2.2 on Windows contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with LocalSystem privileg...

CVE-2021-47883 is an unquoted service path vulnerability in Sandboxie Plus's SbieSvc service that allows local attackers to execute arbitrary code wit...

CVE-2021-47884 is an unquoted service path vulnerability in OKI Configuration Tool 1.6.53 that allows local attackers to execute arbitrary code with e...

CVE-2021-47886 is an unquoted service path vulnerability in Pingzapper 2.3.1 that allows local attackers to execute arbitrary code with elevated privi...

CVE-2021-47879 is an unquoted service path vulnerability in eBeam Interactive Suite 3.6's eBeam Stylus Driver service. Local attackers can place malic...

CVE-2021-47880 is an unquoted service path vulnerability in Realtek Wireless LAN Utility that allows local attackers to execute arbitrary code with SY...

CVE-2021-47878 is an unquoted service path vulnerability in eBeam Education Suite's Device Service that allows local attackers to execute arbitrary co...

CVE-2021-47874 is an unquoted service path vulnerability in VFS for Git's GVFS.Service Windows service that allows local attackers to execute arbitrar...

CVE-2021-47868 is an unquoted service path vulnerability in WIN-PACK PRO 4.8's WPCommandFileService that allows local attackers to execute arbitrary c...

CVE-2021-47869 is an unquoted service path vulnerability in Brother BRAdmin Professional 3.75's BRA_Scheduler service. This allows local attackers to ...

CVE-2021-47864 is an unquoted service path vulnerability in OSAS Traverse Extension 11's TravExtensionHostSvc service. Attackers with local access can...

WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in GuardTourService that allows local attackers to execute arbitrary code with SYSTEM...

CVE-2021-47867 is an unquoted service path vulnerability in WIN-PACK PRO 4.8's ScheduleService that allows local attackers to execute arbitrary code w...

Event Log Explorer 4.9.3 has an unquoted service path vulnerability that allows local attackers to execute arbitrary code with SYSTEM privileges. Atta...

CVE-2021-47862 is an unquoted service path vulnerability in Hi-Rez Studios' HiPatchService that allows local attackers to execute arbitrary code with ...

CVE-2021-47863 is an unquoted service path vulnerability in MacPaw Encrypto that allows local attackers to execute arbitrary code with elevated privil...

CVE-2021-47859 is an unquoted service path vulnerability in ActivIdentity 8.2's ac.sharedstore service that allows local attackers to execute arbitrar...

This vulnerability allows attackers to execute arbitrary code with administrator privileges by exploiting insecure DLL loading in the ServerView Agent...