279 matches found
CVE-2023-5727
The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. Note: This issue only affected Windows operating systems. Other operating systems are unaffected. This vulnerability affects Firefox 119,...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox version 119, which originates from downloading .msix, .msixbundle, .appx, and .appxbundle files without an executable warning...
June 13, 2023—KB5027222 (OS Build 17763.4499) - EXPIRED
None None...
February 21, 2023—KB5022905 (OS Build 22000.1641) Preview
None None...
The vulnerability of the Windows AppX Package Manager component in Windows operating systems, related to deficiencies in access control, allows attackers to escalate their privileges.
The vulnerability of the Windows AppX Package Manager component in operating systems related to Windows is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when Windows AppX Deployment Service AppXSVC improperly handles hard links...
Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files...
CVE-2022-24549
Windows AppX Package Manager Elevation of Privilege Vulnerability...
CVE-2022-24549
Windows AppX Package Manager Elevation of Privilege Vulnerability...
Privilege escalation
Windows AppX Package Manager Elevation of Privilege Vulnerability...
CVE-2022-24549
CVE-2022-24549 is a Windows AppX Package Manager Elevation of Privilege vulnerability. The connected documents provide concrete details: affected component is Windows AppX Package Manager; root cause and exact vulnerable versions are not specified in the provided sources. CVSS data: CVSS v3.1 bas...
CVE-2022-24549 Windows AppX Package Manager Elevation of Privilege Vulnerability
...
Windows AppX Package Manager Elevation of Privilege Vulnerability
...
PT-2022-2813 · Microsoft · Windows Appx Package Manager +1
Name of the Vulnerable Software and Affected Versions: Windows AppX Package Manager affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows AppX Package Manager, which can be exploited to elevate privileges. This allows an attacker to...
KLA12502 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
VulnCheck KEV: CVE-2019-1385
A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files...
VulnCheck KEV: CVE-2019-1253
A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions...
Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions...
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...