4930 matches found
Windows Core Messaging Elevation of Privileges Vulnerability
...
PT-2025-6311 · Microsoft · Windows Core Messaging +1
Name of the Vulnerable Software and Affected Versions: Windows Core Messaging affected versions not specified Description: An elevation-of-privilege issue affects the system, allowing attackers to elevate their privileges. Recommendations: At the moment, there is no information about a newer...
PT-2025-6291 · Microsoft · Windows Core Messaging +1
Name of the Vulnerable Software and Affected Versions: Windows Core Messaging affected versions not specified Description: The issue is related to an elevation of privileges in Windows Core Messaging, which is associated with a buffer overflow in dynamic memory. This could allow an attacker to...
PT-2025-6335 · Microsoft · Windows Core Messaging +1
Name of the Vulnerable Software and Affected Versions: Windows Core Messaging affected versions not specified Description: An elevation-of-privilege issue affects the system, allowing attackers to exploit it. No information is provided about the estimated number of potentially affected devices...
Azure Linux 3.0 Security Update: rabbitmq-server (CVE-2023-46118)
The version of rabbitmq-server installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46118 advisory. - RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP reque...
CVE-2025-22894
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a...
CVE-2025-20094
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code may be executed with SYSTEM privilege...
GHSA-VR5F-PHP7-RG24 Pimcore Admin Classic Bundle allows user enumeration
pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumeration on the target via "Forgot password" function. No generic error message has been implemented. This issue has been addressed in version...
New scams could abuse brief USPS suspension of inbound packages from China, Hong Kong
I would be the last one to provide scammers with good ideas, but as a security provider, sometimes we need to think like criminals to stay ahead in the race. Recently, the US Postal Service USPS announced that it would suspend inbound packages from China and Hong Kong until further notice. That...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in rtmpsrv.c, which takes a stream as input without validation of its playpath value. This allows an attacker to trigger a crash by convincing a user to open a malicious RTMP stream. Remediation There is no fixe...
CVE-2025-22894
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a...
CVE-2025-22894
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a...
CVE-2025-20094
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code may be executed with SYSTEM privilege...
CVE-2025-20094
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code may be executed with SYSTEM privilege...
CVE-2025-20094
Defense Platform Home Edition (Version 3.9.51.x and earlier) is affected by CVE-2025-20094 due to an unprotected Windows messaging channel (“Shatter”). The issue allows an attacker to send a specially crafted message to a specific Windows process, potentially executing arbitrary code with SYSTEM ...
CVE-2025-20094
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary code may be executed with SYSTEM privilege...
CVE-2025-22894
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a...
CVE-2025-22894
Unprotected Windows messaging channel 'Shatter' issue exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker sends a specially crafted message to the specific process of the Windows system where the product is running, arbitrary files in the system may be altered. As a...
CVE-2025-22894
CVE-2025-22894 involves an unprotected Windows messaging channel, named ‘Shatter’, in Defense Platform Home Edition (DPHE) v3.9.51.x and earlier. The issue allows a local attacker who can send a crafted message to a specific Windows process to alter system files and cause the execution of an arbi...
PT-2025-5803
Name of the Vulnerable Software and Affected Versions: Defense Platform Home Edition versions 3.9.51.x and earlier Description: The issue exists due to an unprotected Windows messaging channel, also known as 'Shatter'. If an attacker sends a specially crafted message to the specific process of th...