1953 matches found
CVE-2025-20065
Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...
CVE-2025-20065
Uncontrolled search path for some Display Virtualization for Windows OS software before version 1797 within Ring 2: Device Drivers may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...
EUVD-2025-74038
AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows operating system. This vulnerability can only be exploited if the attacker has access to the local Windows machine and sufficient access rights...
CVE-2025-10714
AXIS Optimizer is affected by an unquoted search path vulnerability that could enable privilege escalation on Windows. Exploitation requires local access and administrator rights to write in the AXIS Optimizer installation directory. CVSSv3.1 base metrics indicate a HIGH severity (8.4) with LOCAL...
CVE-2025-10714
AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows operating system. This vulnerability can only be exploited if the attacker has access to the local Windows machine and sufficient access rights...
Microsoft Windows 资源管理错误漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to gain elevated privileges. The following products and editions are...
Microsoft Windows 访问控制错误漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. An access control error vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to gain elevated privileges. The following products and editions are...
Microsoft Windows Ancillary Function Driver for WinSock 竞争条件问题漏洞
Microsoft Windows Ancillary Function Driver for WinSock is a helper function driver for Winsock from Microsoft Corporation USA. A competitive condition issue vulnerability exists in Microsoft Windows Ancillary Function Driver for WinSock. An attacker could exploit the vulnerability to elevate...
Display Virtualization for Windows OS Advisory
Summary: A potential security vulnerability in some Display Virtualization for Windows OS software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20065 Description: Uncontrolled search path fo...
CVE-2025-12726
Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...
CVE-2025-53950
An Exposure of Private Personal Information 'Privacy Violation' vulnerability CWE-359 in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and...
EUVD-2025-34296
Insertion of sensitive information into log file in Windows ETL Channel allows an authorized attacker to disclose information locally...
EUVD-2025-34343
Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
CVE-2025-59255
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally...
CVE-2025-55695
CVE-2025-55695 describes an out-of-bounds read vulnerability in the Windows WLAN Auto Config Service that enables an authorized local attacker to disclose information. The description in the initial document confirms the root cause (out-of-bounds read) and the impact (local information disclosure...
CVE-2025-24052
CVE-2025-24052 concerns vulnerabilities in the Agere modem driver (ltmdm64.sys) shipped with Windows. The connected Microsoft KBs confirm that the ltmdm64.sys driver is removed in October 2025 updates, and that fax-modem hardware relying on this driver will no longer function on Windows after the...
PT-2025-42115
Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to KB5065813 Description An improper access control issue exists in the Windows Remote Access Connection Manager RasMan. This allows a local attacker to elevate privileges, potentially gaining SYSTEM-level...
Microsoft Data Sharing Service 竞争条件问题漏洞
Microsoft Data Sharing Service is a built-in data sharing service component of the Windows operating system from Microsoft Corporation USA. A competitive condition vulnerability exists in Microsoft Data Sharing Service, which can be exploited by an attacker to perform spoofing attacks...
PT-2025-41972
Name of the Vulnerable Software and Affected Versions Windows operating systems affected versions not specified Description A security issue exists that allows for privilege escalation, potentially impacting the system. This relates to the third-party Agere Modem driver, specifically the...
PT-2025-41973
Name of the Vulnerable Software and Affected Versions Windows Agere Modem Driver ltmdm64.sys versions prior to the October 2025 cumulative update Description The Agere Modem Driver, a component used for dial-up or fax connections in Windows, contains a flaw related to the handling of untrusted...