CVE-2019-25352 Genivia Crystal Live HTTP Server 6.01 - 'Crystal Live HTTP Server' Path Traversal

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files like Windows...

CVE-2019-25352

Crystal Live HTTP Server 6.01 exposes a directory traversal vulnerability allowing remote attackers to access sensitive files by manipulating URL path segments with multiple ../ sequences. Affected component is the server’s handling of URL paths, enabling navigation outside the web root and poten...

CVE-2019-25352 Genivia Crystal Live HTTP Server 6.01 - 'Crystal Live HTTP Server' Path Traversal

Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files like Windows...

CVE-2025-23007

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation...

CVE-2025-23007

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation...

SonicWall NetExtender Local Privilege Escalation via Arbitrary SYSTEM File Read

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation. CVE: CVE-2025-23007 Last updated: March 24, 2025, 5:22 a.m...

PT-2025-4763 · Sonicwall · Sonicwall Netextender

Name of the Vulnerable Software and Affected Versions: SonicWall NetExtender versions up to 10.3.0 Description: A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation...

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Summary: As of July 10, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this...

CVE-2022-48483

3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters. NOTE: this issue exists because of an...