
132 matches found

Positive Technologies
added 2025/10/14 12:0 a.m. · 1 views

PT-2025-42061

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: A heap-based buffer overflow exists in Windows COM. An authorized attacker with local access can exploit this flaw to elevate privileges. Successful exploitation could lead to code execution...

7 CVSS · 9.3 AI score · 0.0005 EPSS
Exploits 0 · References 4

CNNVD
added 2025/10/14 12:0 a.m. · 2 views

Microsoft Inbox COM Objects Resource Management Error Vulnerability

Microsoft Inbox COM Objects is a built-in COM component of the Windows operating system from the U.S. company Microsoft. A code execution vulnerability exists in Microsoft Inbox COM Objects, which can be exploited by an attacker to execute arbitrary code on a system...

7 CVSS · 9.4 AI score · 0.00066 EPSS
Exploits 0 · References 1

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2011-5253

Malware in sbrugna...

8.7 CVSS · 6.4 AI score · 0.6262 EPSS
Exploits 0 · References 8

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2007-5625

Malware in sbrugna...

9.3 CVSS · 6.3 AI score · 0.02946 EPSS
Exploits 0 · References 5

Positive Technologies
added 2025/08/21 12:0 a.m. · 3 views

PT-2025-34284 · America Online · Phobos.Dll +3

Name of the Vulnerable Software and Affected Versions: AOL versions prior to 9.6. Description: AOL versions up to and including 9.5 include an ActiveX control Phobos.dll that exposes a method called Import via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overfl...

8.4 CVSS · 7.2 AI score · 0.25352 EPSS
Exploits 0 · References 11

Cvelist
added 2025/08/20 3:39 p.m. · 9 views

CVE-2011-10028 RealNetworks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution

The RealNetworks RealArcade platform includes an ActiveX control InstallerDlg.dll, version 2.6.0.445 that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation...

8.7 CVSS · 0.6262 EPSS
Exploits 0 · References 7

Vulnrichment
added 2025/08/20 3:39 p.m. · 3 views

CVE-2011-10028 RealNetworks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution

The RealNetworks RealArcade platform includes an ActiveX control InstallerDlg.dll, version 2.6.0.445 that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation...

8.7 CVSS · 8.2 AI score · 0.6262 EPSS
Exploits 0 · References 7

CNNVD
added 2025/06/04 12:0 a.m. · 3 views

Razer Synapse 4 Security Vulnerability

Razer Synapse 4 is a cloud-based unified hardware configuration tool from the American company Razer, Inc. A security vulnerability exists in Razer Synapse 4 4.0.86.2502180127 and prior versions, which stems from a COM interface vulnerability that could lead to local elevation of...

7.8 CVSS · 6.2 AI score · 0.00059 EPSS
Exploits 0 · References 2

CNNVD
added 2025/05/30 12:0 a.m. · 1 views

HCL Traveler Code Issue Vulnerability

HCL Traveler is software from HCL India. It is used to provide automatic, bi-directional, wireless synchronization between HCL Domino servers and wireless handheld devices. A security vulnerability exists in HCL Traveler for Microsoft Outlook that stems from vulnerability to COM hijacking attac...

9.8 CVSS · 6.6 AI score · 0.00193 EPSS
Exploits 0 · References 2

RedhatCVE
added 2025/05/22 3:54 p.m. · 6 views

CVE-2020-1311

An elevation of privilege vulnerability exists when a Component Object Model (COM) client uses special case IIDs, aka 'Component Object Model Elevation of Privilege Vulnerability'...

7.8 CVSS · 6.9 AI score · 0.12481 EPSS
Exploits 0

BDU FSTEC
added 2025/02/27 12:0 a.m. · 1 views

The vulnerability of the Microsoft COM component in the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Microsoft COM component in the Windows operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8 CVSS · 7.7 AI score · 0.00253 EPSS
Exploits 0 · References 2

CNNVD
added 2025/02/26 12:0 a.m. · 3 views

BeyondTrust Endpoint Privilege Management for Windows Security Vulnerability

BeyondTrust Endpoint Privilege Management for Windows is a complete endpoint privilege management solution from BeyondTrust USA. A security vulnerability exists in BeyondTrust Endpoint Privilege Management for Windows prior to version 25.2 that originates from a local authentication attacker who...

7.8 CVSS · 6.5 AI score · 0.00034 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2025/02/26 12:0 a.m. · 1 views

The vulnerability of the Microsoft COM Server component of the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of the Microsoft COM Server component of the Windows operating system is related to the use of an uninitialized resource. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by security measures...

6.5 CVSS · 7.6 AI score · 0.00168 EPSS
Exploits 0 · References 2

OSV
added 2025/01/14 6:15 p.m. · 0 views

CVE-2025-21288

Windows COM Server Information Disclosure Vulnerability...

6.5 CVSS · 7.3 AI score · 0.00168 EPSS
Exploits 0 · References 1

CNNVD
added 2025/01/14 12:0 a.m. · 1 views

Microsoft Windows COM Security Vulnerability

Microsoft Windows COM is a technology for reusing software from Microsoft Corporation USA. COM is described as a platform-independent, decentralized, object-oriented system for creating interactive binary software components. A security vulnerability exists in Microsoft Windows COM...

6.5 CVSS · 8.6 AI score · 0.00168 EPSS
Exploits 0 · References 2

Positive Technologies
added 2025/01/14 12:0 a.m. · 2 views

PT-2025-4194 · Microsoft · Com +1

Name of the Vulnerable Software and Affected Versions: Microsoft COM for Windows (affected versions not specified). Description: An elevation-of-privilege issue affects the system, allowing attackers to elevate their privileges. Recommendations: At the moment, there is no information about a newer...

7.8 CVSS · 9.4 AI score · 0.00253 EPSS
Exploits 0 · References 7

BDU FSTEC
added 2024/07/15 12:0 a.m. · 1 views

The vulnerability of the DCOM Remote Cross-Session Activation component of the Windows operating system allows attackers to increase their privileges.

The vulnerability of the DCOM Remote Cross-Session Activation component in the Windows operating system is related to access control deficiencies. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

7.5 CVSS · 5.5 AI score · 0.02606 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2024/03/15 12:0 a.m. · 1 views

The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.

The vulnerability of Windows operating system kernels is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges through specially created malicious COM objects...

7.3 CVSS · 7.3 AI score · 0.00453 EPSS
Exploits 0 · References 3

Positive Technologies
added 2024/03/12 12:0 a.m. · 2 views

PT-2024-2101 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to insufficient access control in the Windows kernel, allowing an attacker to elevate their privileges using specially crafted malicious COM objects. This can affect th...

7.3 CVSS · 9.1 AI score · 0.00453 EPSS
Exploits 0 · References 8

ATTACKERKB
added 2023/06/02 5:15 p.m. · 3 views

CVE-2023-25732

When encoding data from an inputStream in xpcom, the size of the input being encoded was not correctly calculated, potentially leading to an out-of-bounds memory write. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

8.8 CVSS · 5.9 AI score · 0.00153 EPSS
Exploits 0 · References 5