25953 matches found
CVE-2025-64658 Windows File Explorer Elevation of Privilege Vulnerability
...
CVE-2025-64658 Windows File Explorer Elevation of Privilege Vulnerability
...
CVE-2025-64658
CVE-2025-64658 is a Windows Shell elevation-of-privilege vulnerability described as a race condition caused by concurrent execution using a shared resource. The available connected documents confirm impact as local privilege escalation for an attacker with local access and low privileges, requiri...
Windows File Explorer Elevation of Privilege Vulnerability
Use after free in Windows Shell allows an authorized attacker to elevate privileges locally...
Windows File Explorer Elevation of Privilege Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Shell allows an authorized attacker to elevate privileges locally...
๐ Microsoft Windows File Explorer NTLM Hash Disclosure
Microsoft Windows File Explorer in Windows 10 and 11 contains a critical NTLM hash disclosure vulnerability that allows attackers to capture user authentication credentials by exploiting the automatic parsing of .library-ms files from ZIP archives, leading to potential domain compromise through...
Adobe Experience Manager (AEM) CRX Content Explorer
This plugin detects the presence of the Adobe Experience Manager AEM CRX Content Explorer interface. The CRX Content Explorer is a web-based interface used to manage and interact with the content repository of Adobe Experience Manager. No source data...
Liferay Portal API Explorer Detected
This is an informational plugin to inform the user that the scanner has detected that the target Liferay instance publicly expose the API explorer. No source data...
Exploit for External Control of File Name or Path in Microsoft
CVE-2025-2405...
November 20, 2025โKB5070312 (OS Build 22631.6276) Preview
November 20, 2025โKB5070312 OS Build 22631.6276 Preview โโโโโThis non-security update for Windows 11, version 23H2 KB5070312, improves functionality, performance, and reliability. To learn more about differences between security updates, optional non-security preview updates, Out-of-band OOB...
CVE-2025-63694
DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage...
CVE-2025-63694
DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage...
CVE-2025-63694
DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage...
CVE-2025-63694
DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage...
PT-2025-47371
Name of the Vulnerable Software and Affected Versions DzzOffice versions prior to 2.3.8 Description DzzOffice versions 2.3.7 and before have a SQL Injection issue in the 'explorer/groupmanage' component. The issue allows for potential manipulation of database queries through the...
EUVD-2025-198055
DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage...
CVE-2025-63694
DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage...
DzzOffice ๅฎๅ จๆผๆด
DzzOffice is a platform from Big Desk DzzOffice that provides online collaborative office suite functionality. It provides online documents, forms, webstores, presentations and other features. A security vulnerability exists in DzzOffice v2.3.7 and earlier versions, which stems from...
D-Link DIR-816L Buffer Overflow Vulnerability
DIR-816L is a wireless router product from D-Link. A stack buffer overflow vulnerability exists in the D-Link DIR-816L version 206b09beta, which stems from failure to properly validate the input length when manipulating the en parameter of the scandirmain function in the /portal/ajaxexporer.sgi...
CVE-2025-63694
DzzOffice v2.3.7 and earlier are affected by an SQL Injection vulnerability in the explorer/groupmanage component. The issue, documented across multiple feeds (CVE-2025-63694 and related advisories), affects versions prior to 2.3.8 and could allow manipulation of database queries via that functio...