Humming Heads Defense Platform 安全漏洞

Humming Heads Defense Platform is a network security software from Humming Heads, Inc. A security vulnerability exists in Humming Heads Defense Platform Ver.3.9.51.x and earlier versions, which stems from the presence of a buffer overflow that could allow an attacker to gain SYSTEM privileges on ...

CVE-2020-13347

A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKERAUTHCONFIG build variable...

CVE-2024-7479

Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewerservice.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install...

The vulnerability of the SAP GUI graphical user interface for Windows involves unauthorized access to system data within the controlled area. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the SAP GUI graphical user interface for Windows relates to the disclosure of system data by unauthorized parties in the controlled area. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

CVE-2025-23007

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation...

CVE-2025-23007

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation...

SonicWall NetExtender Local Privilege Escalation via Arbitrary SYSTEM File Read

A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation. CVE: CVE-2025-23007 Last updated: March 24, 2025, 5:22 a.m...

PT-2025-4763 · Sonicwall · Sonicwall Netextender

Name of the Vulnerable Software and Affected Versions: SonicWall NetExtender versions up to 10.3.0 Description: A vulnerability in the NetExtender Windows client log export function allows unauthorized access to sensitive Windows system files, potentially leading to privilege escalation...

CVE-2025-0065

Improper Neutralization of Argument Delimiters in the TeamViewerservice.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection...

CVE-2025-0065 Improper Neutralization of Argument Delimiters in TeamViewer Clients

Improper Neutralization of Argument Delimiters in the TeamViewerservice.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection...

Google Chrome Security Update (stable-channel-update-for-desktop_14-2025-01) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

PT-2025-37303

Name of the Vulnerable Software and Affected Versions: Zabbix Agent 2 affected versions not specified Description: The Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, which allows an attacker to inject unexpected arguments into the smartctl command. This can b...

Ivanti Security Controls Installed (Windows)

Binary data ivantisecuritycontrolsdetectwin.nbin...

IBM Db2 安全漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial-of-service vulnerability that can be exploited by an attacker to cause a...

PT-2024-35976 · Samsung · Samsung Magician

Name of the Vulnerable Software and Affected Versions: Samsung Magician version 8.1.0 Description: An issue was discovered in the installer of Samsung Magician on Windows, allowing an attacker to create arbitrary folders in the system permission directory via a symbolic link during the installati...

CVE-2024-45731 Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk

In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for...

CVE-2024-45731

Summary: CVE-2024-45731 affects Splunk Enterprise for Windows prior to 9.3.1, 9.2.3, and 9.1.6. A low-privileged user (not admin/power roles) could write a file to the Windows system root (default System32 location) when Splunk is installed on a separate drive. Root cause / impact: arbitrary file...

CVE-2024-45731 Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk

In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root directory, which has a default location in the Windows System32 folder, when Splunk Enterprise for...

CVE-2024-7481 Improper signature verification of Printer driver installation in TeamViewer Remote Clients

Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewerservice.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and...

CVE-2024-7481 Improper signature verification of Printer driver installation in TeamViewer Remote Clients

Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewerservice.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and...