CVE-2020-36169

An issue was discovered in Veritas NetBackup through 8.3.0.1 and OpsCenter through 8.3.0.1. Processes using OpenSSL attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows systems, users can create directories under the...

CVE-2024-52945

An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL...

CVE-2024-24749

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.5 and 2.24.3, if GeoServer is deployed in the Windows operating system using an Apache Tomcat web application server, it is possible to bypass existing input validation in the GeoWebCach...

CVE-2025-0733

A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows. This affects an unknown part in the library profapi.dll. The manipulation leads to untrusted search path. An attack has to be approached locally. The complexity of an attack is rather high. The...

The vulnerability of the BitLocker component of the Windows operating system, which allows a perpetrator to gain unauthorized access to protected information

The vulnerability of the BitLocker component of the Windows operating system is related to competitive access to resources a state of competition. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

CVE-2024-45077

IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system...

CVE-2024-45077 IBM Maximo Asset Management file upload

IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system...

CVE-2024-45077

CVE-2024-45077 affects IBM Maximo Asset Management 7.6.1.3 via the MXAPIASSET API. The issue is an unrestricted file upload vulnerability that lets an authenticated, low-privilege user upload restricted file types by appending a dot to the end of the filename when Maximo runs on Windows. CVSS v3....

CVE-2024-45077 IBM Maximo Asset Management file upload

IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system...

The vulnerability of the kubelet utility, a management tool for clusters of virtual machines in Kubernetes, for Windows operating systems allows a hacker to execute arbitrary commands.

The vulnerability of the kubelet utility in the Kubernetes cluster management software for Windows operating systems is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the Windows operating system’s Telephony Service allows a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system’s Telephony Service is related to overflowing buffers in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2025-15256 · Microsoft · Windows

Уязвимость операционной системы Windows 10 22H2 связана с разыменованием нулевого указателя. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании ядра операционной системы...

The vulnerability of the BitLocker component of the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of the BitLocker component of the Windows operating system is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose the protected information...

ROS-20250120-01

Vulnerability of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers of operating systems Windows is related to leaked video frames from different sources. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information...

The vulnerability of the SmartScreen security component against phishing and malicious software attacks in Windows operating systems allows attackers to carry out spear-phishing attacks.

The vulnerability of the SmartScreen security component against phishing and malicious programs in Windows operating systems is related to errors in information representation by the user interface. Exploiting this vulnerability allows a remote attacker to carry out phishing attacks...

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to disclose sensitive information that is protected by this mechanism.

The vulnerability of the Kerberos protocol for Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

The vulnerability of the Digital Media component of Windows operating systems, which allows a perpetrator to elevate their privileges to a system-level level

The vulnerability of the Digital Media component of Windows operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to a system-level level...

The vulnerability of the Digital Media component of Windows operating systems, which allows attackers to enhance their privileges

The vulnerability of the Digital Media component of Windows operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Security Account Manager (SAM) on Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Security Account Manager SAM on Windows operating systems is related to mutual blocking of execution threads. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the MSHTML platform in Microsoft Windows operating systems allows attackers to circumvent security restrictions.

The vulnerability of the MSHTML platform in Microsoft Windows operating systems is related to improper handling of path equivalence. Exploiting this vulnerability can allow a remote attacker to bypass security restrictions...