31 matches found
CVE-2018-10172
7-Zip through 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context...
Windows BitLocker Security Feature Bypass Vulnerability
Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...
EUVD-2020-12000
Malware in sbrugna...
EUVD-2019-1396
Malware in sbrugna...
EUVD-2018-1737
Malware in sbrugna...
EUVD-2020-12138
Malware in sbrugna...
EUVD-2020-2447
Malware in sbrugna...
EUVD-2018-2250
Malware in sbrugna...
EUVD-2018-20170
Malware in sbrugna...
EUVD-2025-27766
Malicious code in bioql PyPI...
EUVD-2025-6332
Malicious code in bioql PyPI...
CVE-2025-30038
The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...
CVE-2025-30038 Session ID leakage in Zone.Identifier of downloaded files
The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...
CVE-2025-30038 Session ID leakage in Zone.Identifier of downloaded files
The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream ADS for all files downloaded from potentially untrusted sources...
CVE-2025-27472 Windows Mark of the Web Security Feature Bypass Vulnerability
...
Windows Mark of the Web Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature over a network...
CVE-2025-21247
CVE-2025-21247 is a MapUrlToZone security bypass in Windows. Description: Improper resolution of path equivalence allows a network attacker to bypass a security feature. CVSS: 3.1, Network attack, Low complexity, No privileges required, User interaction required, Confidentiality impact Low; Integ...
Windows Mark of the Web Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature locally...
7-Zip bug could allow a bypass of a Windows security feature. Update now
A patch is available for a vulnerability in 7-Zip that could have allowed attackers to bypass the Mark-of-the-Web MotW security feature in Windows. The MotW is an attribute added to files by Windows when they have been sourced from an untrusted location, like the internet or a restricted zone. Th...
CVE-2024-38217
CVE-2024-38217 is a security feature bypass in Microsoft Windows Mark of the Web (MOTW). The vulnerability allows bypassing MOTW protections when opening booby-trapped Office files, as discussed in multiple sources. Exploitation details are not fully disclosed in the provided documents, but the C...