CVE-2025-47761

An Exposed IOCTL with Insufficient Access Control vulnerability CWE-782 vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would requi...

SAP GUI for Windows 安全漏洞

SAP GUI for Windows is an interface graphics software for Windows from SAP, Germany. A security vulnerability exists in SAP GUI for Windows that originates from an elevated privilege user being able to locally access sensitive information in the process memory at runtime, potentially resulting in...

EUVD-2019-1513

Malware in sbrugna...

CVE-2025-8061

A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated local user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected...

CVE-2025-8061

CVE-2025-8061 affects Lenovo Dispatcher drivers 3.0 and 3.1 via the LnvMSRIO.sys driver, enabling local privilege escalation due to insufficient access control. The vulnerability allows an authenticated local user to execute code with elevated privileges; Lenovo Dispatcher 3.2 is not affected. Wi...

CVE-2024-23912

Out-of-bounds Read vulnerability in Merge DICOM Toolkit C/C++ on Windows. When MCOpenFile function is used to read a malformed DICOM data, it might result in over-reading memory buffer and could cause memory access violation...

The vulnerability of Windows operating systems relates to the use of memory after it is freed, allowing an attacker to increase their privileges.

Vulnerabilities of Windows operating systems are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow attackers to increase their privileges...

The vulnerability of the SPNEGO security mechanism for Windows operating systems allows a perpetrator to disclose protected information.

The vulnerability of the SPNEGO security mechanism for Windows operating systems is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

PT-2025-1269 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the Microsoft Digest authentication mechanism in Windows operating systems, which uses insecure methods for handling authentication data in the operating system's...

K15893: Apache HTTP server vulnerabilities CVE-2014-0117, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231, and CVE-2014-3523

Security Advisory Description CVE-2014-0117 The modproxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service child-process crash via a crafted HTTP Connection header. CVE-2014-0118 The deflateinfilter function...

CVE-2020-14999

A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed to bypass Windows memory protection and access sensitive data...

CVE-2020-14999

CVE-2020-14999 affects Acronis Agent’s system monitoring driver, where a logic bug allowed bypassing Windows memory protection and accessing sensitive data. Publicly documented affected range is 12.5.21540 through 12.5.23093; a fix appears in 12.5.23094. The issue is described across multiple sou...

The vulnerability of the win32k component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the win32k component in the Windows operating system is related to incorrect handling of objects in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...

The vulnerability in the implementation of the NetBIOS protocol on Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetBIOS protocol implementation in Windows operating systems is related to errors in object memory handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Avast Antivirus Password Management Vulnerability

Avast Antivirus is a suite of antivirus software from the Czech company Avast. version 20.1.5069.562 of Avast Antivirus contains a password management vulnerability that could be exploited by an attacker to continue storing entered passwords in the Windows main memory...

CVE-2020-15024

An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation...

CVE-2020-1430

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows UPnP Device Host Elevation of Privilege Vulnerability'. This CVE ID is unique...

The vulnerability of VBScript script handlers in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of VBScript script handlers in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using a specially crafted web page or document...

The vulnerability of the DirectWrite programming interface in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the DirectWrite programming interface in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially crafted document or web page...

The vulnerability of the Win32k component in Windows operating systems, which allows attackers to escalate their privileges

The vulnerability of the Win32k component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...