CVE-2019-17019

When Python was installed on Windows, a python file being served with the MIME type of text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. Note: this issue only occurs on Windows. Other operating systems are unaffected...

CVE-2019-13546

In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the...

The vulnerability of the Remote Desktop Gateway (RD Gateway) for Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of Remote Desktop Gateway RD Gateway for Windows operating systems relates to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to disclose protected information.

The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

The vulnerability of the UrlMon component in Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of the UrlMon component in Windows operating systems relates to the loading of unreliable external data alongside reliable data. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotely...

The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to disclose protected information.

The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to the use of an uninitialized resource. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to disclose protected information.

The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

The vulnerability of the Windows operating system’s deployment process allows a perpetrator to trigger a service failure.

The vulnerability of the Windows operating system’s deployment process exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability can allow a perpetrator to cause service failures...

Automating Security Audit Using Large Language Model Based Agent: an Exploration Experiment

In the current rapidly changing digital environment, businesses are under constant stress to ensure that their systems are secured. Security audits help to maintain a strong security posture by ensuring that policies are in place, controls are implemented, gaps are identified for cybersecurity...

The vulnerability of the Scripting Engine component in browsers Edge and Internet Explorer on Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Scripting Engine component in Edge and Internet Explorer browsers on Windows operating systems is related to data type mixing errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted link...

The vulnerability of the Windows Common Log File System (CLFS) driver in Windows operating systems allows a hacker to elevate their privileges to the SYSTEM level.

The vulnerability of the Windows Common Log File System CLFS driver in Windows operating systems is related to deficiencies in the mechanism for checking input data. Exploiting this vulnerability can allow an attacker to elevate their privileges to the SYSTEM level...

PT-2025-29485 · Мартин Прикрыл · Winscp

Уязвимость графического клиента протоколов SFTP и SCP WinSCP операционной системы Windows связана с неверным ограничением имени пути к каталогу с ограниченным доступом. Эксплуатация уязвимости может позволить нарушителю создать специальный файл и контролировать его путь на удаленном сервере...

CVE-2025-32701

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...

Microsoft Win32k 安全漏洞

Microsoft Win32k is a system file for Windows multi-user management from Microsoft USA. A security vulnerability exists in Microsoft Win32k. An attacker exploiting this vulnerability could remotely execute code. The following products and versions are affected:Microsoft Office LTSC for Mac...

Improper access permission settings in multiple SEIKO EPSON printer drivers for Windows OS

Overview Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. Incorrect default permissions CWE-276 - CVE-2025-42598 Private security researcher Erkan Ekici reported this vulnerabili...

CVE-2025-42598

Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. If a user is directed to place a crafted DLL file in a location of an attacker's choosing, the attacker may execute arbitrary cod...

CVE-2025-42598

CVE-2025-42598 affects multiple SEIKO EPSON printer drivers for Windows. The issue stems from improper access permission settings in non‑English environments, enabling a user‑driven attack to place a crafted DLL in an attacker‑controlled location and execute arbitrary code with SYSTEM privileges ...

CVE-2025-42598

Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than English. If a user is directed to place a crafted DLL file in a location of an attacker's choosing, the attacker may execute arbitrary cod...

Mozilla Thunderbird Security Update (mfsa_2025-26) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

The vulnerability of the Microsoft DWM Core Library in the Windows operating system allows attackers to escalate their privileges.

The vulnerability of the Microsoft DWM Core Library in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...