85 matches found
CVE-2025-49679
Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...
CVE-2025-49679
Technical details about CVE-2025-49679 (affected product/module, root cause, impact, and remediation) are not publicly provided in the supplied documents. Monitor for official updates from Microsoft (KB/SSU) and ENISA EUVD for specifics.
Windows Shell Elevation of Privilege Vulnerability
Numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally...
PT-2025-28577 · Microsoft · Windows Shell +1
Name of the Vulnerable Software and Affected Versions: Windows Shell affected versions not specified Description: A numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version...
CVE-2023-36641
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5,...
The vulnerability of the Kerberos Key Distribution Center (KDC) Proxy Protocol implementation in Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the Kerberos Key Distribution Center KDC Proxy Protocol implementation in Windows operating systems is related to numerical truncation errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
PT-2024-6359 · Microsoft · Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft SQL Server affected versions not specified Description: The issue is related to errors in numerical truncation in the Microsoft SQL Server system, which can allow a remote attacker to gain unauthorized access to protected informatio...
Numeric Truncation Error
Overview Affected versions of this package are vulnerable to Numeric Truncation Error through the handling of specially crafted inputs. An attacker can execute arbitrary code on the target system by sending a malformed data packet. Remediation Upgrade Microsoft.Azure.Kinect.Sensor to version or...
CVE-2023-32143
D-Link DAP-1360 webupg UPGCGICheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-32143
D-Link DAP-1360 webupg UPGCGICheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-32143 D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerability
D-Link DAP-1360 webupg UPGCGICheckAuth Numeric Truncation Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The...
Fortinet FortiOS and FortiProxy Denial of Service Vulnerabilities
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. FortiProxy is a web proxy soluti...
CVE-2023-36641
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5,...
CVE-2023-36641
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5,...
Code injection
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1, all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5,...
CVE-2023-36641
CVE-2023-36641 is a DoS vulnerability caused by a numeric truncation error in Fortinet FortiProxy/FortiOS. Affected products include FortiProxy 1.0–2.0 and FortiOS 6.x–7.x, with exploits triggered by specially crafted HTTP requests. Red Hat, CNVD, and other sources corroborate the DoS impact and ...
Fortinet FortiProxy 安全漏洞
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. FortiProxy is a web proxy soluti...
Fortinet Fortigate DOS in headers management (FG-IR-23-151)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-151 advisory. - A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10,...
X.Org Server ProcXIChangeProperty Numeric Truncation Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...
Oracle VirtualBox NAT Numeric Truncation Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...