882 matches found
Microsoft Windows Push Notifications 资源管理错误漏洞
Microsoft Windows Push Notifications is a push notification service provided by Microsoft Corporation. It provides a reliable way to deliver new updates. There is a resource management vulnerability in Microsoft Windows Push Notifications. Attackers can exploit this vulnerability to gain elevated...
Microsoft Windows 安全漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows OLE. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are affected: Windows 11...
Microsoft Windows COM 安全漏洞
Microsoft Windows COM is a technology developed by Microsoft Corporation in the United States, aimed at reusing software. COM is described as a platform-independent, distributed, object-oriented system used for creating interactive binary software components. There are security vulnerabilities in...
Microsoft Projected File System 资源管理错误漏洞
The Microsoft Projected File System is an application system developed by Microsoft Corporation. It projects hierarchical data into the file system, making it appear as files and directories within the file system. The Microsoft Projected File System has a resource management vulnerability...
Microsoft Windows Cloud Files Mini Filter Driver 资源管理错误漏洞
The Microsoft Windows Cloud Files Mini Filter Driver is a cloud file filter driver developed by Microsoft Corporation. There is a resource management vulnerability present in the Microsoft Windows Cloud Files Mini Filter Driver. Attackers can exploit this vulnerability to gain higher privileges...
Microsoft Windows Remote Desktop Services 安全漏洞
Microsoft Windows Remote Desktop Services is a set of features provided by Microsoft that allow users to access graphical desktops and Windows applications remotely. There are security vulnerabilities in Microsoft Windows Remote Desktop Services. Attackers can exploit these vulnerabilities to car...
CVE-2026-30902
Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-1995
CVE-2026-1995 – IDrive for Windows privilege escalation : The id_service.exe process runs with SYSTEM privileges and reads UTF-16LE files under C:\ProgramData\IDrive. Any standard user can edit these files, enabling an attacker to overwrite or point the file contents to an arbitrary executable. T...
CVE-2026-1995 IDrive Cloud Backup Client for Windows contains a privilege escalation vulnerability
IDrive’s idservice.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the...
IDrive for Windows contains local privilege escalation vulnerability
Overview The IDrive Cloud Backup Client for Windows, versions 7.0.0.63 and earlier, contains a privilege escalation vulnerability that allows any authenticated user to run arbitrary executables with NT AUTHORITY\SYSTEM permissions. Description IDrive is a cloud backup service that allows users to...
CVE-2026-2809 Endpoint DLP Driver DLL
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...
CVE-2026-2809
CVE-2026-2809 concerns Netskope’s Endpoint DLP Driver DLL Injector on Windows. Reported as a potential integer overflow in the DLL Injector, exploiting it may cause a local BSOD and denial of service, with exploitation requiring the Endpoint DLP module to be enabled in the client configuration. C...
CVE-2025-15584
The CVE-2025-15584 entry concerns the Windows Netskope Client Endpoint DLP Module, where an integer overflow in the filter communication port is possible when the module is enabled. Successful exploitation could cause a BSOD and local denial-of-service. The description does not specify affected v...
CVE-2026-30903
External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access...
CVE-2026-30902
Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...
Zoom Clients for Windows 安全漏洞
Zoom Clients for Windows is a video conferencing software developed by the American company Zoom. There is a security vulnerability in Zoom Clients for Windows, which stems from improper permission management. This vulnerability could allow authenticated users to elevate their permissions through...
Zoom Clients for Windows 安全漏洞
Zoom Clients for Windows is a video conferencing software developed by the American company Zoom. There is a security vulnerability in Zoom Clients for Windows, which stems from improper version checking in the update function. This vulnerability could allow authenticated users to gain elevated...
Microsoft Windows Routing and Remote Access Service 输入验证错误漏洞
The Microsoft Windows Routing and Remote Access Service is a network service provided by Microsoft that enables features such as network routing, virtual private networks VPNs, and dial-up connections. There is an input validation vulnerability in the Microsoft Windows Routing and Remote Access...
Zoom Workplace VDI Client < 6.4.15 Vulnerability (ZSB-26004)
The version of Zoom Workplace VDI Client installed on the remote host is prior to 6.4.15. It is, therefore, affected by a vulnerability as referenced in the ZSB-26004 advisory. - Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an...
Microsoft Active Directory Domain Services 安全漏洞
Microsoft Active Directory Domain Services is a key service provided by Microsoft Corporation, used to manage and organize resources, users, computers, and other security objects within a network. There are security vulnerabilities in Microsoft Active Directory Domain Services. Attackers can...