Lucene search
K

1953 matches found

NVD
NVD
added 2025/11/11 5:15 p.m.9 views

CVE-2025-20065

Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

6.7CVSS0.00115EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/11 4:49 p.m.3 views

CVE-2025-20065

Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

6.7CVSS6.1AI score0.00115EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 9:30 a.m.5 views

EUVD-2025-74038

AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows operating system. This vulnerability can only be exploited if the attacker has access to the local Windows machine and sufficient access rights...

8.4CVSS8.4AI score0.00117EPSS
Exploits0References2
CVE
CVE
added 2025/11/11 7:16 a.m.11 views

CVE-2025-10714

AXIS Optimizer is affected by an unquoted search path vulnerability that could enable privilege escalation on Windows. Exploitation requires local access and administrator rights to write in the AXIS Optimizer installation directory. CVSSv3.1 base metrics indicate a HIGH severity (8.4) with LOCAL...

8.4CVSS8.3AI score0.00117EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 7:16 a.m.8 views

CVE-2025-10714

AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows operating system. This vulnerability can only be exploited if the attacker has access to the local Windows machine and sufficient access rights...

8.4CVSS0.00117EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.5 views

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to gain elevated privileges. The following products and editions are...

7CVSS5.4AI score0.0032EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.7 views

Microsoft Windows 访问控制错误漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. An access control error vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to gain elevated privileges. The following products and editions are...

7.8CVSS5.4AI score0.0289EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.11 views

Microsoft Windows Ancillary Function Driver for WinSock 竞争条件问题漏洞

Microsoft Windows Ancillary Function Driver for WinSock is a helper function driver for Winsock from Microsoft Corporation USA. A competitive condition issue vulnerability exists in Microsoft Windows Ancillary Function Driver for WinSock. An attacker could exploit the vulnerability to elevate...

7CVSS5.2AI score0.00245EPSS
Exploits0References1
Intel
Intel
added 2025/11/11 12:0 a.m.9 views

Display Virtualization for Windows OS Advisory

Summary: A potential security vulnerability in some Display Virtualization for Windows OS software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20065 Description: Uncontrolled search path fo...

6.7CVSS6.3AI score0.00115EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/11/10 8:0 p.m.4 views

CVE-2025-12726

Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.3AI score0.00225EPSS
Exploits0
OSV
OSV
added 2025/10/16 2:15 p.m.4 views

CVE-2025-53950

An Exposure of Private Personal Information 'Privacy Violation' vulnerability CWE-359 in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and...

6CVSS5.8AI score0.00165EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/14 6:30 p.m.5 views

EUVD-2025-34296

Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally...

5.5CVSS8.8AI score0.0042EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/14 6:30 p.m.4 views

EUVD-2025-34343

Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

6.1CVSS8.8AI score0.00533EPSS
Exploits0References2
NVD
NVD
added 2025/10/14 5:16 p.m.7 views

CVE-2025-59255

Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00396EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 5:1 p.m.474 views

CVE-2025-55695

CVE-2025-55695 describes an out-of-bounds read vulnerability in the Windows WLAN Auto Config Service that enables an authorized local attacker to disclose information. The description in the initial document confirms the root cause (out-of-bounds read) and the impact (local information disclosure...

5.5CVSS6.1AI score0.00381EPSS
Exploits0References1Affected Software16
CVE
CVE
added 2025/10/14 5:0 p.m.32 views

CVE-2025-24052

CVE-2025-24052 concerns vulnerabilities in the Agere modem driver (ltmdm64.sys) shipped with Windows. The connected Microsoft KBs confirm that the ltmdm64.sys driver is removed in October 2025 updates, and that fax-modem hardware relying on this driver will no longer function on Windows after the...

7.8CVSS6.5AI score0.02366EPSS
Exploits0References1Affected Software16
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.4 views

PT-2025-42115

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to KB5065813 Description An improper access control issue exists in the Windows Remote Access Connection Manager RasMan. This allows a local attacker to elevate privileges, potentially gaining SYSTEM-level...

7.8CVSS8.9AI score0.02675EPSS
Exploits1References88
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.5 views

Microsoft Data Sharing Service 竞争条件问题漏洞

Microsoft Data Sharing Service is a built-in data sharing service component of the Windows operating system from Microsoft Corporation USA. A competitive condition vulnerability exists in Microsoft Data Sharing Service, which can be exploited by an attacker to perform spoofing attacks...

7.7CVSS8.9AI score0.00751EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.3 views

PT-2025-41972

Name of the Vulnerable Software and Affected Versions Windows operating systems affected versions not specified Description A security issue exists that allows for privilege escalation, potentially impacting the system. This relates to the third-party Agere Modem driver, specifically the...

7.8CVSS9.2AI score0.02366EPSS
Exploits0References21
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.4 views

PT-2025-41973

Name of the Vulnerable Software and Affected Versions Windows Agere Modem Driver ltmdm64.sys versions prior to the October 2025 cumulative update Description The Agere Modem Driver, a component used for dial-up or fax connections in Windows, contains a flaw related to the handling of untrusted...

7.8CVSS8.5AI score0.06003EPSS
Exploits0References81
Rows per page
Query Builder