443 matches found
Stable Channel Update for Desktop
The Stable channel has been updated to 134.0.6998.177/.178 for Windows which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Extended stable channel has been updated to 134.0.6998.178 for Windows and will roll out over coming days/weeks...
Palo Alto GlobalProtect App Windows 6.0.x / 6.1.x / 6.2.x < 6.2.6 / 6.3.x < 6.3.3 Local Privilege Escalation (CVE-2025-0117)
The version of Palo Alto GlobalProtect App installed on the remote Windows host is 6.0.x, 6.1.x, 6.2.x prior to 6.2.6, or 6.3.x prior to 6.3.3. It is, therefore, affected by a local privilege escalation vulnerability: - A reliance on untrusted input for a security decision in the GlobalProtect ap...
JVN#24992507: Multiple vulnerabilities in RemoteView Agent (for Windows)
RemoteView allows a local PC to connect and control remote PCs through the cloud service provided by RSUPPORT Co.,Ltd. On the remote PCs should be installed RemoteView Agent. The following vulnerabilities are reported on RemoteView Agent installation. Incorrect access permission of a specific...
Mozilla Firefox ESR Security Update (mfsa_2025-15) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
CVE-2024-32942
CVE-2024-32942 affects Intel® DSA (Driver & Support Assistant) installer for Windows. The vulnerability arises from incorrect default permissions (misconfiguration of default privileges) in Intel DSA installers prior to version 24.2.19.5, which may allow an authenticated user to escalate privileg...
PT-2025-6640 · Intel · Intel Mpi Library
Name of the Vulnerable Software and Affected Versions: IntelR MPI Library for Windows versions prior to 2021.13 Description: The issue concerns an uncontrolled search path in some IntelR MPI Library for Windows software. This could potentially allow an authenticated user to enable escalation of...
Microsoft Windows 缓冲区错误漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to cause a denial of service. The following products and editions are affected:Windo...
Drupal Information Disclosure Vulnerability (GHSA-mg8j-w93w-xjgc) - Windows - Version Check
Drupal is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal";...
CVE-2024-54540
CVE-2024-54540 affects Apple Music for Windows. The issue allows processing maliciously crafted web content to disclose internal app states. Root cause: insufficient input sanitization; fix applied in Apple Music 1.5.0.152 for Windows. Affected: Apple Music (Windows 10/11 platforms). Status: patc...
Microsoft Windows Telephony Server 安全漏洞
Microsoft Windows Telephony Server is a component of Microsoft Corporation USA that supports the Telephony Application Programming Interface TAPI, which allows computer programs to communicate with shared telephony services. A security vulnerability exists in Microsoft Windows Telephony Server. A...
Malicious code in windows-version-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 613ba7ede540f232f2e844b88d0e3dbdee0806c83dfbf4cf4bf4ca7a5430aa33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11497 Malicious code in windowsversioncheck (npm)
--- -= Per source details. Do not edit below this line.=-...
Microsoft Windows Package Manager 安全漏洞
Microsoft Windows Package Manager is a comprehensive package manager solution from Microsoft Corporation USA. A system or set of tools used to automate the installation, upgrade, configuration, and use of software. Most package managers are designed to discover and install developer tools. A...
Fortinet FortiClient Privilege escalation via lua auto patch function (FG-IR-24-144)
The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-144 advisory. - A privilege context switching error vulnerability CWE-270 in FortiClient Windows version 7.2.4 and below, version 7.0.12...
Microsoft Windows Mobile Broadband Driver 代码问题漏洞
Microsoft Windows Mobile Broadband Driver is a Microsoft driver that allows Windows operating systems to communicate with mobile broadband devices. A code issue vulnerability exists in Microsoft Windows Mobile Broadband Driver. An attacker exploiting this vulnerability could remotely execute code...
CVE-2024-8752
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system...
Microsoft KernelStream 安全漏洞
Microsoft KernelStream is a service from Microsoft Corporation USA for supporting streaming data in the kernel. A security vulnerability exists in Microsoft KernelStream. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected:Windows 10...
Microsoft Windows Kernel Mode Drivers 安全漏洞
Microsoft Windows Kernel Mode Drivers is a Windows kernel mode driver from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel Mode Drivers. An attacker could exploit the vulnerability to elevate privileges. The following products and versions are affected:Windo...
Microsoft Windows 安全漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft USA. A security vulnerability exists in Microsoft Windows. An attacker can exploit the vulnerability to elevate privileges. The following products and versions are affected:Windows 10 Version 1809 for...
Microsoft Windows Network Virtualization 安全漏洞
Microsoft Windows Network Virtualization is a Microsoft technology that allows multiple virtual networks to run on the same physical network while maintaining logical independence. A security vulnerability exists in Microsoft Windows Network Virtualization. An attacker could exploit the...