CVE-2025-12052

The drivers in the tool packages use RTLQUERYREGISTRYDIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow...

CVE-2025-12052

The drivers in the tool packages use RTLQUERYREGISTRYDIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow...

CVE-2025-12051 H2OFFT64.sys is potentially vulnerable to a buffer overflow.

The drivers in the tool packages use RTLQUERYREGISTRYDIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow...

CVE-2025-12050

The drivers in the tool packages use RTLQUERYREGISTRYDIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow...

PT-2026-2440

Name of the Vulnerable Software and Affected Versions Windows Kernel Driver affected versions not specified Description The drivers within the tool packages utilize the RTL QUERY REGISTRY DIRECT flag when reading a registry value. This process is susceptible to a buffer overflow if an untrusted...

PT-2026-2439

Name of the Vulnerable Software and Affected Versions Windows Kernel Driver affected versions not specified Description The drivers within the tool packages utilize the RTL QUERY REGISTRY DIRECT flag when reading a registry value. This process is susceptible to a buffer overflow if an untrusted...

EUVD-2006-1202

Malware in sbrugna...

EUVD-2006-0533

Malware in sbrugna...

ASUSTOR Backup Plan 安全漏洞

ASUSTOR Backup Plan ABP is a Windows backup tool from Hua Yun Technology ASUSTOR Inc. of Taipei, China. A security vulnerability exists in ASUSTOR Backup Plan version 2.0.7.6130 and earlier and AES version 1.0.6.6133 and earlier, which stems from an unquoted ImagePath registry value that could le...

How to Register a Service Provider’s Veeam Data Cloud Vault on a Tenant's VBR Server

Legacy Functionality This article explains a method relevant only to Veeam Backup& Replication 13.0.1.1071 and older. Starting in Veeam Backup & Replication 13.0.1.2067, the backup server authorization now communicates directly with Veeam Data Cloud VDC, removing the need to be a License Admin...

CVE-2025-46716 Sandboxie Arbitrary Kernel Read in SbieDrv.sys API (API_SET_SECURE_PARAM)

Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiSetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to read...

uberAgent service stops after a few seconds

Windows' Services console shows that uberAgent service is not running. When manually started, the service starts and stops after a few seconds. uberAgent log file located in C:\Windows\Temp default location shows the issue with network driver startup. Example: 2025-03-01 17:28:33.013 +0200,INFO...

How to Disable Boot Prompt in Veeam Agent for Windows Recovery Media

Version Requirement Requires Veeam Agent for Microsoft Windows version 6.3, which is included with Veeam Backup & Replication 12.3. Purpose This article documents how to disable the 'Press any key to boot from CD or DVD... " prompt that appears when booting from the Veeam Agent for Microsoft...

CVE-2024-8785

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage NmAPI.exe to create or change an existing registry value in registry path HKEYLOCALMACHINE\SOFTWARE\WOW6432Node\Ipswitch...

Restore to EC2 Error: "Failed to validate machine: Cannot find a suitable image for the restored machine."

Issue Resolved in Veeam Backup & Replication 12.1 The issue documented in this article was resolved starting in Veeam Backup & Replication 12.1. Veeam strongly encourages all customers to update to the latest version. Challenge A Restore to Amazon EC2 fails with the error: Failed to validate...

KB5004442: Windows DCOM Server Security Feature Bypass Registry Check (CVE-2021-26414)

The remote Windows DCOM Server may be in a vulnerable state to exploitation by having the HKLM\Software\Microsoft\Ole\AppCompat\RequireIntegrityActivationAuthenticationLevel registry value set to 0. Hardening changes in DCOM were required for CVE-2021-26414 and were implemented in 2 phases on Jun...

Exploit for CVE-2022-21907

This is a PoC exploit for CVE-2022-21907, a HTTP Protocol Stack...

Windows HTTP Protocol Stack CVE-2022-21907 Mitigation (EnableTrailerSupport)

The remote system may be in a vulnerable state to CVE-2022-21907 by having the following registry key set: - HKLM\System\CurrentControlSet\Services\HTTP\Parameters\EnableTrailerSupport An unauthenticated, remote attacker could exploit this, by sending specially crafted requests, to execute...

Using Restore to Microsoft Azure with ExpressRoute or site-to-site VPN connectivity to Azure

Challenge You may use Restore to Microsoft Azure for environments with ExpressRoute or site-to-site VPN connectivity to Azure. When using Azure Restore Proxy Appliance and helper appliances to perform the restore, they must have private IP addresses only. Solution Starting with Veeam Backup &...

Windows Lockscreen Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly load spotlight images from a secure location. An attacker who successfully exploited the vulnerability could execute commands with elevated permissions. An authenticated attacker could modify a registry value...