Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues in Jetty

Summary There are vulnerabilities in Jetty used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs CVE-2025-11143, CVE-2026-2332. Vulnerability Details CVEID:CVE-2025-11143 DESCRIPTION: The Jetty URI parser has...

CVE-2026-32996

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation...

CVE-2026-32996

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation...

CVE-2026-32996

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation...

PT-2026-44174

This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation...

EUVD-2026-29684

Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network...

CVE-2026-34339

Technical details about CVE-2026-34339 (Windows LDAP denial of service) are not publicly available in the provided connected documents. Monitor for updates from Microsoft/NVD for affected products, vectors, and fixes.

CVE-2026-41096

Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network...

CVE-2026-40380 Windows Volume Manager Extension Driver Remote Code Execution Vulnerability

...

CVE-2026-34330

Technical details about CVE-2026-34330 (Win32K GRFX integer overflow leading to local privilege elevation) are not publicly provided in the supplied connected documents. Please monitor official advisories (MSRC/NVD) for affected products, impact, and fixes.

Microsoft Windows Telephony Server 资源管理错误漏洞

Microsoft Windows Telephony Server is a component of the American company Microsoft. It supports the Telephone Application Programming Interface TAPI, allowing computer programs to communicate with shared telephone services. There is a resource management vulnerability in Microsoft Windows...

Microsoft Windows 竞争条件问题漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has vulnerabilities that can lead to competitive conditions. Attackers can exploit these vulnerabilities to execute code remotely. The following products and versions are affecte...

Microsoft Windows Cryptographic Services 安全漏洞

Microsoft Windows Cryptographic Services are encryption services provided by Microsoft Corporation. There are security vulnerabilities associated with Microsoft Windows Cryptographic Services. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versio...

Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2026-20171)

The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. An information disclosure vulnerability exists in Microsoft Windows Kernel, which can be exploited by attackers to obtain sensitive information...

Microsoft Windows Shell Elevation of Privilege Vulnerability

The Microsoft Windows Shell is the graphical user interface for the Windows operating system from Microsoft.The easily recognizable elements of the Windows shell include features such as the desktop, the taskbar, the start menu, the task switcher, and autoplay. An elevation of privilege...

Microsoft Windows Kernel Elevation of Privilege Vulnerability (CNVD-2026-20169)

The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows Kernel, which can be exploited by an attacker to elevate privileges...

Microsoft Windows TCP/IP Remote Code Execution Vulnerability

Microsoft Windows TCP/IP is a Microsoft component that provides TCP/IP configuration capabilities for Windows. A remote code execution vulnerability exists in Microsoft Windows TCP/IP, which can be exploited by an attacker to execute code...

CVE-2026-32153

Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally...

EUVD-2026-22538

Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally...

EUVD-2026-22563

Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally...