Windows Security Vulnerabilities
6.7AI Score
0.0004EPSS
7.5AI Score
0.001EPSS
7.9AI Score
0.0005EPSS
6.7AI Score
0.0004EPSS
7.3AI Score
0.001EPSS
7.3AI Score
0.0004EPSS
7.2AI Score
0.0004EPSS
7.7AI Score
0.001EPSS
7.2AI Score
0.0004EPSS
7.7AI Score
0.001EPSS
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint Security for Linux...
8.1CVSS
7.3AI Score
0.0004EPSS
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable...
8.1CVSS
8.3AI Score
0.0004EPSS
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 federated server is vulnerable to denial of service with a specially crafted query under certain conditions. IBM X-Force ID: ...
5.3CVSS
6.6AI Score
0.0004EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service by an authenticated user using a specially crafted query. IBM X-Force ID: ...
5.3CVSS
6.5AI Score
0.0004EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: ...
6.2CVSS
5.8AI Score
0.0004EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted query on certain columnar tables. IBM X-Force ID: ...
5.3CVSS
6.6AI Score
0.0004EPSS
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server)10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT. IBM X-Force ID: ...
6.8CVSS
6.2AI Score
0.0004EPSS
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service when querying a specific UDF built-in function concurrently. IBM X-Force ID: ...
5.3CVSS
6.6AI Score
0.0004EPSS
The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary...
8.1AI Score
0.0004EPSS
Dell Grab for Windows, versions up to and including 5.0.4, contain Weak Application Folder Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to privilege escalation, unauthorized access to application data, unauthorized modification of.....
6.7CVSS
7.1AI Score
0.0004EPSS
Dell Grab for Windows, versions 5.0.4 and below, contains an improper file permissions vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system...
5.5CVSS
6.8AI Score
0.0004EPSS
Dell Grab for Windows, versions 5.0.4 and below, contains a cleartext storage of sensitive information vulnerability in its appsync module. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure that could be used to access the appsync...
4.8CVSS
6.4AI Score
0.0004EPSS
Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form.....
2.2CVSS
6.9AI Score
0.0004EPSS
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.13.1 for Windows. A local attacker may be able to elevate their...
6.3AI Score
0.0004EPSS
A potential DLL hijacking vulnerability in the SanDisk PrivateAccess application for Windows that could lead to arbitrary code execution in the context of the system user. This vulnerability is only exploitable locally if an attacker has access to a copy of the user's vault or has already gained...
7.9CVSS
8.1AI Score
0.0004EPSS
Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local...
4.7CVSS
7AI Score
0.0004EPSS
Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local...
5.5CVSS
7AI Score
0.0004EPSS
8AI Score
0.0004EPSS
7.3AI Score
0.0005EPSS
6.6AI Score
0.0004EPSS
7.9AI Score
0.0004EPSS
6.6AI Score
0.0004EPSS
7.9AI Score
0.0004EPSS
6.6AI Score
0.0004EPSS
8AI Score
0.0004EPSS
7.9AI Score
0.0004EPSS
8.4AI Score
0.001EPSS
8AI Score
0.0004EPSS
8.4AI Score
0.001EPSS
6.7AI Score
0.0004EPSS
8.4AI Score
0.0004EPSS
8AI Score
0.0004EPSS
7.9AI Score
0.0004EPSS
8.6AI Score
0.001EPSS
8AI Score
0.0004EPSS
7.5AI Score
0.0004EPSS
7.5AI Score
0.0004EPSS
8AI Score
0.0004EPSS
7.8AI Score
0.001EPSS
8.2AI Score
0.001EPSS