Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2025/12/03 5:46 p.m.8 views

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company's November 2025 Patch Tuesday updates, according to ACROS Security's 0patch. The vulnerability in question is CVE-2025-9491 CVSS score: 7.8/7.0, which has been describ...

7.8CVSS7.5AI score0.63102EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/22 4:15 p.m.9 views

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'...

9.3CVSS8AI score0.14544EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:3 a.m.9 views

CVE-2019-1280

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'...

9.3CVSS8AI score0.18982EPSS
Exploits0References1
NVD
NVD
added 2020/06/09 8:15 p.m.16 views

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'...

9.3CVSS0.14544EPSS
Exploits0References1
OSV
OSV
added 2020/03/12 4:15 p.m.5 views

CVE-2020-0684

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'...

8.8CVSS8AI score0.08749EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/14 12:0 a.m.3 views

Microsoft LNK Remote Code Execution Vulnerability

Microsoft Windows is a family of operating systems from Microsoft. Microsoft Windows has a remote code execution vulnerability in the handling of .LNK files, which can be exploited by an attacker to gain the same user rights as a local user...

8.8CVSS7.9AI score0.30863EPSS
Exploits0References1
CVE
CVE
added 2019/08/14 8:55 p.m.106 views

CVE-2019-1188

CVE-2019-1188 is a remote code execution vulnerability in Microsoft Windows involving processing of .LNK shortcut references. An attacker could trick a user into opening a removable drive or remote share containing a malicious .LNK file and an associated binary; when the user opens the drive or p...

9.3CVSS8.6AI score0.03766EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2005/02/23 5:0 a.m.17 views

CVE-2005-0519

ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut .LNK file, using SITE UNZIP to extract the .LNK file onto the server, then accessing the file, a different vulnerability than CVE-2005-0520...

6.6AI score0.03781EPSS
Exploits0References5
Rows per page
Query Builder