28 matches found
Windows Mark of the Web Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...
PT-2026-47984
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A failure in the Mark of the Web MOTW protection mechanism allows an unauthorized attacker to bypass a security feature over a network, which can affect the system. Recommendations At the...
B1FREE 安全漏洞
B1FREE is a one-click backup and recovery tool developed by Andrew as an individual developer. Version B1FREE 1.5.86 contains a security vulnerability. This vulnerability arises from the failure to propagate the Zone.Identifier alternate data stream when extracting files from the downloaded...
EUVD-2025-209592
A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web MotW protections. When an archive is downloaded from the internet and extracted using B1 Free Archiver, the software fails to propagate the 'Zone.Identifier' alternate dat...
CVE-2025-50328
A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web MotW protections. When an archive is downloaded from the internet and extracted using B1 Free Archiver, the software fails to propagate the 'Zone.Identifier' alternate dat...
Microsoft Edge Mark-Of-The-Web Removal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
EUVD-2025-203807
When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software...
CVE-2025-65318
When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software...
Mozilla Firefox < 61.0
The version of Firefox installed on the remote Windows host is prior to 61.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-15 advisory. - Mozilla developers and community members Alex Gaynor, Christoph Diehl, Christian Holler, Jason Kratzer, David Major, Jo...
CVE-2025-12905
Inappropriate implementation in Downloads in Google Chrome allowed a remote attacker to bypass Mark of the Web via a crafted HTML page...
CVE-2025-12905
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowed a remote attacker to bypass Mark of the Web via a crafted HTML page. Chromium security severity: Low...
PT-2025-45514
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 140.0.7339.80 Description A flaw exists in Google Chrome’s Downloads functionality on Windows. This issue allows a remote attacker to bypass the Mark of the Web security feature using a specially crafted HTML...
PT-2025-51553
Name of the Vulnerable Software and Affected Versions Blue Mail versions 1.140.103 and below Description Blue Mail’s attachment interaction functionality saves documents to the file system without a Mark-of-the-Web tag. This bypasses file protection mechanisms in Windows OS and third-party...
SUSE CVE-2025-33026
In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of PeaZip. User interaction is required to exploit this vulnerability in that the target must visit a malicio...
The vulnerability of the MOTW mechanism of the WinRAR file archiver allows a hacker to execute arbitrary code.
The vulnerability of the Mark of the Web MOTW file archiver WinRAR is related to the lack of a warning message for users regarding unsafe actions related to the user interface when processing symbolic links that point to executable files. Exploiting this vulnerability allows a malicious actor to...
SUSE CVE-2025-0411
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicio...
The vulnerability of the Mark of the Web mechanism in Windows operating systems allows attackers to circumvent existing security restrictions.
The vulnerability of the Mark of the Web mechanism in Windows operating systems is related to the breach of data protection mechanisms. Exploiting this vulnerability allows a remote attacker to circumvent existing security restrictions...
PT-2024-6052
Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description The issue concerns a security feature bypass vulnerability in the Mark of the Web MOTW protection mechanism of Microsoft Windows. This vulnerability can be exploited by an attacker ...
VulnCheck KEV: CVE-2024-38217
Microsoft Windows Mark of the Web MOTW contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW...
Microsoft Windows 安全漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Mark of the Web MOTW. The following products and versions are affected: Windows Server 2022 Server Core...