Lucene search
K

25207 matches found

NVD
NVD
added 2025/11/11 6:15 p.m.3 views

CVE-2025-59515

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally...

7CVSS0.00309EPSS
Exploits0References1
OSV
OSV
added 2025/11/11 6:15 p.m.2 views

CVE-2025-59515

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00309EPSS
Exploits0References1
Microsoft Security Update
Microsoft Security Update
added 2025/11/11 6:0 p.m.35 views

2025-11 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5068787)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

7AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 2025/11/11 6:0 p.m.21 views

2025-11 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5068787)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

7AI score
Exploits0
EUVD
EUVD
added 2025/11/11 5:59 p.m.6 views

EUVD-2025-93418

Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally...

7CVSS5.5AI score0.00309EPSS
Exploits0References2
CVE
CVE
added 2025/11/11 5:59 p.m.27 views

CVE-2025-62452

Technical details about CVE-2025-62452 (heap-based buffer overflow in RRAS) are not publicly provided in the supplied documents. The connected KB/MS documents do not specify affected products/versions, exploit details, or mitigations. Monitor for updates.

8CVSS6AI score0.00782EPSS
Exploits0References1Affected Software14
Cvelist
Cvelist
added 2025/11/11 5:59 p.m.5 views

CVE-2025-59507 Windows Speech Runtime Elevation of Privilege Vulnerability

...

7CVSS0.00237EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 5:15 p.m.8 views

CVE-2025-20065

Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

6.7CVSS0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/11 4:49 p.m.1 views

CVE-2025-20065

Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

6.7CVSS6.1AI score0.00103EPSS
Exploits0References1
Hacker One
Hacker One
added 2025/11/11 3:25 p.m.24 views

AWS VDP: AWS Auto Scaling Service Reporting "AWS Internal" for CloudTrail Events Generated from Specific Endpoints

A vulnerability was discovered in the AWS Auto Scaling service, where 6 API endpoints incorrectly reported the user-agent and network information as "AWS Internal" in CloudTrail logs. This allowed the adversary to perform API calls using these endpoints and evade the logging of their IP address a...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/11 9:30 a.m.3 views

EUVD-2025-74038

AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows operating system. This vulnerability can only be exploited if the attacker has access to the local Windows machine and sufficient access rights...

8.4CVSS8.4AI score0.00107EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/11 7:16 a.m.7 views

CVE-2025-10714

AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows operating system. This vulnerability can only be exploited if the attacker has access to the local Windows machine and sufficient access rights...

8.4CVSS0.00107EPSS
Exploits0References1
CVE
CVE
added 2025/11/11 7:16 a.m.11 views

CVE-2025-10714

AXIS Optimizer is affected by an unquoted search path vulnerability that could enable privilege escalation on Windows. Exploitation requires local access and administrator rights to write in the AXIS Optimizer installation directory. CVSSv3.1 base metrics indicate a HIGH severity (8.4) with LOCAL...

8.4CVSS8.3AI score0.00107EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 1:15 a.m.7 views

CVE-2025-42892

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating...

6.8CVSS0.00832EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/11 12:19 a.m.7 views

CVE-2025-42894 Path Traversal vulnerability in SAP Business Connector

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...

6.8CVSS0.00247EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/11 12:19 a.m.3 views

CVE-2025-42894 Path Traversal vulnerability in SAP Business Connector

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an administrator with adjacent access could read, write, overwrite, and delete arbitrary files on the host system. Successful exploitation could enable the attacker to execute arbitrary operating system...

6.8CVSS6.6AI score0.00247EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/11 12:17 a.m.4 views

CVE-2025-42892 OS Command Injection vulnerability in SAP Business Connector

Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker with administrative access and adjacent network access could upload specially crafted content to the server. If processed by the application, this content enables execution of arbitrary operating...

6.8CVSS6.8AI score0.00832EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.5 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from a symbolic link attack that could lead to elevation of privilege...

6.8CVSS6.7AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.5 views

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to gain elevated privileges. The following products and editions are...

7CVSS5.4AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.4 views

Microsoft Windows Ancillary Function Driver for WinSock 竞争条件问题漏洞

Microsoft Windows Ancillary Function Driver for WinSock is a helper function driver for Winsock from Microsoft Corporation USA. A competitive condition issue vulnerability exists in Microsoft Windows Ancillary Function Driver for WinSock. An attacker could exploit the vulnerability to elevate...

7CVSS5.2AI score0.00252EPSS
Exploits0References1
Rows per page
Query Builder