KLA90811 Multiple vulnerabilities in Microsoft Product (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, spoof user interface, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a...

EUVD-2025-17791

Malicious code in bioql PyPI...

EUVD-2024-43737

Malicious code in bioql PyPI...

EUVD-2022-27154

Malicious code in bioql PyPI...

CVE-2025-32713

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

PT-2025-24827 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: A heap-based buffer overflow issue in the Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Recommendations: A...

CVE-2025-30385 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

CVE-2025-30385

Technical details about CVE-2025-30385 are not provided in the connected documents. The initial description mentions a Windows use-after-free in the CLFS driver that could elevate privileges, but no vendor/version specifics or fixes are disclosed here. Monitor for authoritative updates.

CVE-2025-32706

CVE-2025-32706 is an elevation-of-privilege flaw in Windows CLFS Driver (heap-based buffer overflow) that enables local privilege escalation. Affected product: Windows Common Log File System Driver. Base CVSS v3.1: 7.8 (HIGH); attack vector LOCAL, requires LOW privileges, no user interaction. Pub...

CVE-2025-32701

CVE-2025-32701 is a Windows CLFS driver use-after-free vulnerability that can allow an authorized attacker to elevate privileges locally. The weakness affects the Windows Common Log File System Driver and has a base CVSS v3.1 score of 7.8 (HIGH) with LOCAL attack vector, LOW attack complexity, an...

CVE-2025-32706

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

PT-2025-20995 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver versions prior to the fixed version Description: The issue is related to a use-after-free flaw in the Windows Common Log File System Driver, which allows an authorized attacker to elevate privileges...

PT-2025-21003

Name of the Vulnerable Software and Affected Versions Windows Common Log File System Driver affected versions not specified Description The issue is related to a use-after-free vulnerability in the Windows Common Log File System Driver, which allows an authorized attacker to elevate privileges...

PT-2025-21008 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: The issue is related to improper input validation in the Windows Common Log File System Driver, which allows an authorized attacker to elevate privileges...

CVE-2025-29824

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

PT-2025-10810 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: The issue is related to an incorrect conversion between numeric types in the Windows Common Log File System Driver, which allows an authorized attacker to...

CVE-2024-49138

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

PT-2024-9321

Name of the Vulnerable Software and Affected Versions Windows Common Log File System Driver affected versions not specified Description The vulnerability is an elevation-of-privilege issue in the Windows Common Log File System Driver. It allows attackers to gain SYSTEM privileges on Windows...