CVE-2003-1521

Sun Java Plug-In 1.4 through 1.4.202 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model...

CVE-2022-31468

OX App Suite through 8.2 allows XSS via an attachment or OX Drive content when a client uses the len or off parameter...

CVE-2019-18630

On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable code were not encrypted thus leaving it open to potential cryptographic information disclosure...

CVE-2019-20833

An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud credentials, as demonstrated by Google Drive...

CVE-2023-49769

Cross-Site Request Forgery CSRF vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4...

CVE-2018-10622

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

CVE-2025-23084

A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory...

CVE-2023-31199

Improper access control in the IntelR Solid State Drive ToolboxTM before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2021-31853

DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption MDE prior to 7.3.0 HF2 7.3.0.183 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder...

CVE-2025-1878

A vulnerability has been found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This vulnerability affects unknown code of the component WiFi. The manipulation leads to use of default password. Access to the local network is required for this attack to succeed. The complexity ...

CVE-2025-1882

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...

CVE-2025-1879

A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to...

CVE-2025-1880

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been classified as problematic. Affected is an unknown function of the component Device Pairing. The manipulation leads to authentication bypass by primary weakness. It is possible to launch the attack on the physical device...

CVE-2022-27905

In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive C:\ to exploit this...

CVE-1999-0594

A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive...

PT-2026-2932

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description A heap-buffer-overflow can occur in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound. This allows an oversized re...

PT-2026-24117

Name of the Vulnerable Software and Affected Versions node-tar versions prior to 7.5.11 Description The node-tar software contains a flaw where it can be manipulated into creating a symbolic link that points outside the intended extraction directory. This is achieved by utilizing a drive-relative...

CVE-2023-54256

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-14405

PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...

EUVD-2025-205001

PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows phyiscally-present attackers to escalate privileges on affected installations of PDFsam Enhanced. An attacker must first obtain the ability to mount a malicious drive onto the targ...