CVE-2025-50154 Microsoft Windows File Explorer Spoofing Vulnerability

...

CVE-2025-50154

CVE-2025-50154 is a Windows File Explorer spoofing vulnerability where Explorer may disclose NTLMv2-SSP hashes by rendering a remote icon for a .LNK or Library-MS that's hosted on SMB, triggering authentication. Multiple connected documents describe attacker-controlled .LNK/.library-ms payloads a...

Microsoft Windows File Explorer Spoofing Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network...

KLA86584 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service. Below is a complete list of vulnerabilitie...

PT-2025-32777

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions affected versions not specified Description This issue involves a security flaw in Windows File Explorer that allows an attacker to extract NTLM hashes without user interaction, even on systems with the latest securi...

Microsoft Windows File Explorer 信息泄露漏洞

Microsoft Windows File Explorer is a file manager application from Microsoft USA. A spoofing vulnerability exists in Microsoft Windows File Explorer that is caused by the exposure of sensitive information to unauthorized participants in File Explorer. An attacker could exploit the vulnerability t...

CVE-2025-7618

A stored Cross-Site Scripting XSS vulnerability vulnerability was found in the File Explorer and Text Editor of ADM. An attacker could exploit this vulnerability to inject malicious scripts into the applications, which may then access cookies or other sensitive information retained by the browser...

CVE-2025-7618

A stored Cross-Site Scripting XSS vulnerability vulnerability was found in the File Explorer and Text Editor of ADM. An attacker could exploit this vulnerability to inject malicious scripts into the applications, which may then access cookies or other sensitive information retained by the browser...

CVE-2025-7618

CVE-2025-7618 describes a stored Cross-Site Scripting (XSS) vulnerability in the ADM File Explorer and Text Editor. Affected products and versions include: ADM 4.1.0–4.3.3.RH61 and ADM 5.0.0.RIN1 and earlier, and Text Editor 1.0.0.r112 and earlier. The vulnerability allows injected scripts to pot...

CVE-2025-7618 A stored Cross-Site Scripting (XSS) vulnerability exists in the File Explorer and Text Editor of ADM

A stored Cross-Site Scripting XSS vulnerability vulnerability was found in the File Explorer and Text Editor of ADM. An attacker could exploit this vulnerability to inject malicious scripts into the applications, which may then access cookies or other sensitive information retained by the browser...

CVE-2025-7618 A stored Cross-Site Scripting (XSS) vulnerability exists in the File Explorer and Text Editor of ADM

A stored Cross-Site Scripting XSS vulnerability vulnerability was found in the File Explorer and Text Editor of ADM. An attacker could exploit this vulnerability to inject malicious scripts into the applications, which may then access cookies or other sensitive information retained by the browser...

Windows File Explorer Windows 10 Pro x64 - TAR Extraction

import os import tarfile def main: filename = input"Enter your file name: " ipaddress = input"Enter IP EX: 192.168.1.162: " librarycontent = f""" \\ipaddress\IT """ libraryfilename = f"filename.library-ms" with openlibraryfilename, "w", encoding="utf-8" as f: f.writelibrarycontent tarname =...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-24071 - Windows File Explorer Spoofing Vulnerability...

CVE-2023-51751

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Alt-F4 can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

CVE-2023-51748

ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

CVE-2023-3784

A vulnerability was found in Dooblou WiFi File Explorer 1.13.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument search/order/download/mode leads to cross site scripting. The attack can be launched remotely. The...

CVE-2019-8345

The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an attacker's web site is displayed in a WebView with no information about the URL...

CVE-2012-0322

The EStrongs ES File Explorer application 1.6.0.2 through 1.6.1.1 for Android does not properly restrict access, which allows remote attackers to read arbitrary files via vectors involving an unspecified function...

PT-2025-17846 · Undefined · Undefined

We added the following vulnerabilities to our feed: - UNDISCLOSED: Microsoft Management Console - CVE-2025-24054: Windows File Explorer NTLM Leak - CVE-2025-24985: Windows FAT DoS - CVE-2023-36205: Zemana AntiMalware LPE - CVE-2021-21551: Dell Driver LPE https://t.co/iKW6swSCtZ...

April 22, 2025—KB5055629 (OS Builds 22621.5262 and 22631.5262) Preview

April 22, 2025—KB5055629 OS Builds 22621.5262 and 22631.5262 Preview For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows 11, version 23H2, see its update history page. Be sure to follow @WindowsUpdate ...