The vulnerability of the biometric authentication function in Windows Hello on Windows operating systems allows a intruder to gain unauthorized access to protected information.

The vulnerability of the biometric authentication function in Windows Hello on Windows operating systems is related to errors in information processing. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Windows DWM library in Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the Windows DWM library in Windows operating systems is related to the use of an uninitialized resource. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Local Security Authority (LSA) service on Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Local Security Authority LSA service on Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

The vulnerability of the Netlogon service in Microsoft Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Netlogon service in Microsoft Windows operating systems is related to the use of an uninitialized resource. Exploiting this vulnerability could allow a malicious actor to gain increased privileges remotely...

The vulnerability of the NTFS file system of the Windows operating system, which allows a hacker to execute arbitrary code

The vulnerability of the NTFS file system in Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of software products for conducting Zoom Workplace video conferences on the Windows operating system, related to insecure resource initialization, allows a perpetrator to influence the integrity of protected information.

The vulnerability of software products for conducting Zoom Workplace video conferences on the Windows operating system is related to an insecure initialization of resources. Exploiting this vulnerability could allow an attacker to influence the integrity of protected information...

CVE-2025-0732

A vulnerability, which was classified as problematic, has been found in Discord up to 1.0.9177 on Windows. Affected by this issue is some unknown functionality in the library profapi.dll. The manipulation leads to untrusted search path. The attack needs to be approached locally. The complexity of...

CVE-2024-52012

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths t...

CVE-2024-45077

IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system...

CVE-2023-38402

A vulnerability in the HPE Aruba Networking Virtual Intranet Access VIA client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service DoS condition affecting the Microsoft Windows...

CVE-2023-41151

An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing...

The vulnerability of the Windows Routing and Remote Access service (RRAS) on the Windows operating system allows a perpetrator to disclose protected information.

The vulnerability of the Windows Routing and Remote Access service RRAS on Windows operating systems is related to the use of an uninitialized resource. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

OpenSSL x509 Vulnerability (20250522) - Windows

OpenSSL is prone to a vulnerability in the x509 application. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...

Node.js < 20.19.2, 21.x < 22.15.1, 23.x < 23.11.1, 24.x < 24.0.2 DoS Vulnerability - Windows

Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

CVE-2021-1075

NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of...

CVE-2021-29968

When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. This bug only affects Firefox on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox 89.0.1...

CVE-2025-3942

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara...

CVE-2025-3940

Improper Use of Validation Framework vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise...

CVE-2019-3633

Buffer overflow in McAfee Data Loss Prevention DLPe for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via a carefully constructed message sent to DLPe which bypasses DLPe internal checks and results in DLPe reading unallocated memory...

CVE-2019-3634

Buffer overflow in McAfee Data Loss Prevention DLPe for Windows 11.x prior to 11.3.2.8 allows local user to cause the Windows operating system to "blue screen" via an encrypted message sent to DLPe which when decrypted results in DLPe reading unallocated memory...