The vulnerability of the Core Messaging service in Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Core Messaging service in Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

thunderbird: Unsanitized address book fields

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For...

CVE-2025-21414

Windows Core Messaging Elevation of Privileges Vulnerability...

CVE-2025-21414

Windows Core Messaging Elevation of Privileges Vulnerability...

CVE-2025-21358

Windows Core Messaging Elevation of Privileges Vulnerability...

CVE-2025-21358

Windows Core Messaging Elevation of Privileges Vulnerability...

CVE-2025-21184

Windows Core Messaging Elevation of Privileges Vulnerability...

CVE-2025-21184

Windows Core Messaging Elevation of Privileges Vulnerability...

CVE-2025-21414 Windows Core Messaging Elevation of Privileges Vulnerability

...

CVE-2025-21414 Windows Core Messaging Elevation of Privileges Vulnerability

...

CVE-2025-21414

CVE-2025-21414 is associated with Windows Core Messaging and is listed in a vulnerability roundup as an Elevation of Privilege risk, with the AVLEONOV source explicitly grouping it under EoP for Windows Core Messaging. The connected materials confirm the affected component (Windows Core Messaging...

CVE-2025-21184 Windows Core Messaging Elevation of Privileges Vulnerability

...

CVE-2025-21184 Windows Core Messaging Elevation of Privileges Vulnerability

...

CVE-2025-21184

CVE-2025-21184 is an Elevation of Privilege issue affecting Windows Core Messaging. The connected AVLEONOV article identifies it as EoP in Windows Core Messaging and lists it among February Patch Tuesday CVEs. Provided documents do not include a vendor/product version, root cause, exploit details...

CVE-2025-21358

Technical details about CVE-2025-21358 are not provided in the supplied documents. No affected products, vectors, or fixes are specified here; monitor for updates from official advisories.

CVE-2025-21358 Windows Core Messaging Elevation of Privileges Vulnerability

...

CVE-2025-21358 Windows Core Messaging Elevation of Privileges Vulnerability

...

thunderbird: Unsanitized address book fields

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: The Thunderbird Address Book URI fields contained unsanitized links. This could be used by an attacker to create and export an address book containing a malicious payload in a field. For...

CVE-2025-0513

In affected versions of Octopus Server error messages were handled unsafely on the error page. If an adversary could control any part of the error message they could embed code which may impact the user viewing the error message...

Windows Core Messaging Elevation of Privileges Vulnerability

...