350 matches found
CVE-2025-29803
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally...
CVE-2025-29803
CVE-2025-29803 affects Microsoft Visual Studio Tools for Applications (VSTA) 2019 (before 16.0.35907.0) and VSTA 2022 (before 17.0.35906.0) and SQL Server Management Studio. The vulnerability is due to an uncontrolled search path element, enabling an authorized attacker to escalate privileges loc...
CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability
...
CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability
...
Security Updates for SQL Server Management Studio (April 2025)
The SQL Server Management Studio installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2025-29803 %NASLMINLEVEL 70300 C Tenab...
Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability
Uncontrolled search path element in Visual Studio Tools for Applications and SQL Server Management Studio allows an authorized attacker to elevate privileges locally...
PT-2025-15719 · Microsoft · Sql Server Management Studio +1
Name of the Vulnerable Software and Affected Versions: Visual Studio Tools for Applications version 16.0 SQL Server Management Studio affected versions not specified Description: The issue is related to an uncontrolled search path element in Visual Studio Tools for Applications and SQL Server...
KLA82405 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in ASP.NET Core and Visual Studi...
KLA82402 PE vulnerability in Microsoft SQL Server
An elevation of privilege vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-29803 Related products Microsoft-SQL-Server Microsoft-SQL-Server-Management-Studio CVE list CVE-2025-29803 high Solution Insta...
The vulnerability of the Xerox Workplace Suite server management interface allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Xerox Workplace Suite print server management interface is related to deficiencies in the authentication process when processing Host headers. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
IBM Power Hardware Management Console 路径遍历漏洞
The IBM Power Hardware Management Console HMC is a suite of graphical interface software from International Business Machines IBM for configuring and managing the Power System family of servers. The software is primarily used to manage hardware such as servers. A path traversal vulnerability exis...
CVE-2024-23616
A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM...
CVE-2025-24025
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.380, the tags page allows users to search for tags. If the search does not return any results, the query gets reflected on the error modal, which leads to cross-site...
CVE-2025-22607
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.361, the missing authorization allows any authenticated user to fetch the details page for any GitHub / GitLab configuration on a Coolify instance by only knowing the UU...
CVE-2025-22607
CVE-2025-22607 concerns Coolify. Before 4.0.0-beta.361, an authenticated user could fetch the details page for any GitHub/GitLab configuration by knowing only the UUID, exposing the client id , client secret , and webhook secret . The issue is fixed in version 4.0.0-beta.361 . Connected sources c...
Ivanti Desktop & Server Management (DSM) Installed (Windows)
Binary data ivantidesktopservermanagementwininstalled.nbin...
Ivanti Desktop and Server Management Privilege Issues Vulnerability
Ivanti Desktop and Server Management Ivanti DSM is a multi-platform, unified endpoint management solution from Ivanti Corporation. Ivanti Desktop and Server Management suffers from a privilege issue vulnerability that stems from insufficient privileges. An attacker could exploit this vulnerabilit...
Ivanti Releases Security Updates for Multiple Products
Ivanti released security updates to address vulnerabilities in Ivanti Cloud Service Application, Ivanti Desktop and Server Management DSM, Ivanti Connect Secure and Police Secure, Ivanti Sentry, and Ivanti Patch SDK. CISA encourages users and administrators to review the following Ivanti security...
Ivanti Desktop and Server Management 安全漏洞
Ivanti Desktop and Server Management Ivanti DSM is a multi-platform, unified endpoint management solution from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Desktop and Server Management versions prior to 2024.2. An attacker could exploit the vulnerability to elevate privileg...
Ivanti Desktop and Server Management 安全漏洞
Ivanti Desktop and Server Management Ivanti DSM is a multi-platform, unified endpoint management solution from Ivanti Corporation, USA. A security vulnerability exists in Ivanti Desktop and Server Management versions prior to 2024.2. An attacker could exploit the vulnerability to elevate privileg...