CVE-2026-40404

Windows Universal Disk Format File System Driver UDFS Elevation of Privilege Vulnerability...

Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

...

Microsoft Windows Universal Disk Format File System Driver 安全漏洞

The Microsoft Windows Universal Disk Format File System Driver is an open-source Windows file system driver developed by Microsoft. There is a security vulnerability in the Microsoft Windows Universal Disk Format File System Driver, which may allow authorized attackers to gain local privileges...

Microsoft Windows Universal Disk Format File System Driver 安全漏洞

The Microsoft Windows Universal Disk Format File System Driver is an open-source Windows file system driver developed by Microsoft. There is a security vulnerability in the Microsoft Windows Universal Disk Format File System Driver, which may allow authorized attackers to gain local privileges...

EUVD-2026-30111

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

Zoom Workplace VDI Plugin Windows Universal Installer 安全漏洞

The Zoom Workplace VDI Plugin Windows Universal Installer is a Windows plugin provided by the US company Zoom, designed for use in virtual desktop infrastructure environments. Versions of the Zoom Workplace VDI Plugin Windows Universal Installer prior to version 6.6.11 contained security...

CVE-2026-27920

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

CVE-2026-27919

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

CVE-2026-32077

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

PT-2026-32803

Name of the Vulnerable Software and Affected Versions Windows Universal Plug and Play UPnP Device Host affected versions not specified Description An untrusted pointer dereference in the Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

CVE-2026-23672

CVE-2026-23672 corresponds to a Privilege Elevation vulnerability in the Windows Universal Disk Format File System Driver (UDFS). The NVD entry confirms an Elevation of Privilege impact with a CVSS v3.1 base score of 7.8 (Local, Privileges Required: Low, No user interaction) and indicates a Windo...

CVE-2013-6773

Splunk 5.0.3 has an Unquoted Service Path in Windows for Universal Forwarder which can allow an attacker to escalate privileges...

CVE-2025-20387

CVE-2025-20387 affects Splunk Universal Forwarder for Windows. The issue, observed in versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, arises when installing or upgrading to an affected build, causing incorrect permissions in the Forwarder installation directory. This misconfiguration allows non-...

CVE-2025-48819

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over an adjacent network...

PT-2025-28552 · Microsoft · Windows Universal Plug/Play (Upnp) Device Host +1

Name of the Vulnerable Software and Affected Versions: Windows Universal Plug and Play UPnP Device Host affected versions not specified Description: The issue is related to a use after free condition in the Windows Universal Plug and Play UPnP Device Host, which allows an authorized attacker to...

PT-2025-28550 · Microsoft · Windows Universal Plug/Play (Upnp) Device Host +1

Name of the Vulnerable Software and Affected Versions: Windows Universal Plug and Play UPnP Device Host affected versions not specified Description: The issue concerns sensitive data storage in improperly locked memory, allowing an authorized attacker to elevate privileges over an adjacent networ...

CVE-2025-27484

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over a network...

Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges over a network...

KB4577070: Windows Server 2008 September 2020 Security Update

The remote Windows host is missing security update 4577070 or cumulative update 4577064. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory. CVE-2020-0648 - An elevation of...

Xinfire TV Player 6.0.1.2 Buffer Overflow Exploit

This Metasploit module exploits a buffer overflow in Xinfire TV Player Pro and Standard version 6.0.1.2. When the application is used to import a specially crafted plf file, a buffer overflow occurs allowing arbitrary code execution. Tested successfully on Win7, Win10. This software is similar as...