CVE-2024-23594

A buffer overflow vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to execute arbitrary code...

CVE-2023-35077

An out-of-bounds write vulnerability on windows operating systems causes the Ivanti AntiVirus Product to crash. Update to Ivanti AV Product version 7.9.1.285 or above...

CVE-2021-37938

It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension. Thanks to Dominic Coutur...

CVE-2025-46714

Sandboxie is affected by a pool-buffer overflow in SbieDrv.sys via API_GET_SECURE_PARAM. The issue originates from an arithmetic overflow that causes a too-small memory allocation followed by an extremely large copy, affecting versions 1.3.0 through before 1.15.12. Version 1.15.12 contains the fi...

CVE-2019-17640

In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly processes back slashes on Windows Operating systems, allowing, escape the webroot folder to the...

The vulnerability of the Windows Media component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows Media component in Windows operating systems is related to overflowing buffers in dynamic memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

Microsoft Lightweight Directory Access Protocol（LDAP） 资源管理错误漏洞

Microsoft Lightweight Directory Access Protocol LDAP is a directory services protocol from Microsoft Corporation USA that runs on a layer above the TCP/IP stack. A resource management error vulnerability exists in Microsoft Lightweight Directory Access Protocol LDAP. An attacker could exploit thi...

Microsoft/Windows Defender Detection (Windows SMB Login)

Detects and gathers information of Microsoft/Windows Defender on Windows operating systems. Supports Windows 7 and Server 2008 onwards. The information is retrieved via Powershell. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and a...

The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows attackers to escalate their privileges.

The vulnerability of Remote Desktop Services RDS for Windows operating systems relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain increased privileges remotely...

The vulnerability of Windows operating systems, related to the swapping of a non-trusted pointer, allows attackers to escalate their privileges.

The vulnerability of Windows operating systems is related to the use of a non-trusted pointer. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of Windows Defender Application Control (WDAC) in Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of Windows Defender Application Control WDAC on Windows operating systems is related to errors in access control. Exploiting this vulnerability can allow a hacker to bypass existing security restrictions...

The vulnerability in the implementation of the LDAP service protocol for Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the LDAP Lightweight Directory Access Protocol implementation in Windows operating systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the Kerberos Key Distribution Proxy Service in Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Kerberos Key Distribution Proxy Service in Windows operating systems is related to insufficient resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of Remote Desktop Services (RDS) for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of Remote Desktop Services RDS for Windows operating systems lies in the use of insecure mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Microsoft Active Directory Domain Services 访问控制错误漏洞

Microsoft Active Directory Domain Services is a key service from Microsoft Corporation USA that is used to manage and organize resources, users, computers, and other security objects in a network. An access control error vulnerability exists in Microsoft Active Directory Domain Services. An...

CVE-2024-11037

A path traversal vulnerability exists in binary-husky/gptacademic at commit 679352d, which allows an attacker to bypass the blockedpaths protection and read the config.py file containing sensitive information such as the OpenAI API key. This vulnerability is exploitable on Windows operating syste...

CVE-2024-11037

A path traversal vulnerability exists in binary-husky/gptacademic at commit 679352d, which allows an attacker to bypass the blockedpaths protection and read the config.py file containing sensitive information such as the OpenAI API key. This vulnerability is exploitable on Windows operating syste...

CVE-2024-11037 Path Traversal in binary-husky/gpt_academic

A path traversal vulnerability exists in binary-husky/gptacademic at commit 679352d, which allows an attacker to bypass the blockedpaths protection and read the config.py file containing sensitive information such as the OpenAI API key. This vulnerability is exploitable on Windows operating syste...

CVE-2024-11037

CVE-2024-11037 affects binary-husky/gpt_academic. A path traversal flaw at commit 679352d allows bypassing blocked_paths and reading config.py containing sensitive data (e.g., OpenAI API key). Exploitation is described as Windows-specific via a URL containing the project’s absolute path. No mitig...

CVE-2024-11037 Path Traversal in binary-husky/gpt_academic

A path traversal vulnerability exists in binary-husky/gptacademic at commit 679352d, which allows an attacker to bypass the blockedpaths protection and read the config.py file containing sensitive information such as the OpenAI API key. This vulnerability is exploitable on Windows operating syste...