Microsoft
Monthly
Privilege escalation in Windows Win32K ICOMP component via use-after-free memory corruption affects Windows 11 (24h2, 25h2) and Windows Server 2025. An authenticated local attacker can exploit this vulnerability to gain SYSTEM-level privileges with no user interaction required. Currently no patch is available and exploitation requires local access with user-level permissions.
Local privilege escalation in Windows Local Session Manager (LSM) across Windows 11 23h2, Windows Server 2012, and 2019 stems from improper synchronization in shared resource handling, enabling authenticated attackers to elevate privileges on affected systems. The vulnerability requires local access and specific timing conditions to exploit, with no patch currently available. This affects systems running the impacted Windows and Server editions where authenticated users may achieve system-level privileges.
Remote code execution in Windows RRAS affects Windows 10 21h2 and Windows Server 2022 variants through a heap-based buffer overflow triggered over the network without authentication. An attacker can exploit this vulnerability to execute arbitrary code with high privileges, though a user interaction is required to trigger the flaw. No patch is currently available, making this a critical risk for exposed systems.
Local privilege escalation in Windows Management Services affects Windows Server 2019, Windows 11 24h2, and Windows Server 2025 through improper synchronization of shared resources, enabling authenticated users to gain elevated system privileges. The vulnerability exploits a race condition that an attacker can trigger without user interaction, though no patch is currently available.
Windows Management Services on Windows 10 and Windows Server 2019 contains a race condition in shared resource synchronization that enables local privilege escalation for authenticated users. An attacker with local access can exploit improper locking mechanisms to gain elevated system privileges. No patch is currently available for this vulnerability.
Privilege escalation in Windows Management Services affects Windows 11 24H2, Windows Server 2022, and 2025 through a use-after-free memory vulnerability that allows authenticated local attackers to gain elevated system privileges. The vulnerability requires local access and manual user interaction is not required, making it exploitable by any authorized account on the system. Currently no patch is available to remediate this issue.
Windows Server and Windows 10/11 Connected Devices Platform Service (Cdpsvc) contains a heap buffer overflow that allows authenticated local users to escalate privileges to system level. The vulnerability requires low complexity exploitation with no user interaction, affecting multiple recent Windows versions including Server 2022, Windows 10 21h2, and Windows 11 23h2. No patch is currently available for this high-severity flaw.
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]
Windows Management Services on Windows 10, 11, and Server 2022 expose sensitive information through an information disclosure vulnerability that allows authenticated local users to read confidential data. An attacker with valid credentials can exploit this to access information they should not be authorized to view, though no remote exploitation or system modification is possible. No patch is currently available for affected systems.
Windows Management Services on Windows 10 and Windows Server 2022 contain a race condition in shared resource handling that permits authenticated local attackers to escalate privileges to system level. The vulnerability stems from improper synchronization during concurrent operations and affects multiple Windows versions including Windows 10 22H2 and 1809. No patch is currently available for this high-severity issue (CVSS 7.8).
Windows 10 1607 is affected by access of resource using incompatible type (type confusion) (CVSS 7.8).
Kernel-mode driver use-after-free vulnerabilities in Windows 11 24H2 and Windows Server 2025 enable authenticated local attackers to achieve privilege escalation. An attacker with standard user privileges can exploit memory corruption in kernel drivers to gain SYSTEM-level access without user interaction. No patch is currently available.
Privilege escalation in Windows Management Services affects Windows 10, Windows 11, and Windows Server 2022 through a use-after-free memory vulnerability. An authenticated local attacker can exploit this flaw to gain elevated system privileges. Currently no patch is available and exploitation requires specific conditions to trigger.
Windows Cloud Files Mini Filter Driver contains an unsafe pointer dereference vulnerability that enables authenticated local users to achieve privilege escalation on affected Windows versions including Windows 10 1809, Windows 11, and Windows Server 2022. An attacker with valid credentials can exploit this flaw to gain elevated system privileges without user interaction. No patch is currently available for this high-severity vulnerability.
Remote code execution in Windows Server Update Service affects Windows 11 25h2, Windows Server 2025, 2022, and 2016 due to inadequate input validation, enabling unauthenticated network-based attackers to execute arbitrary code with high impact. The vulnerability requires specific conditions to exploit (high complexity) but carries significant risk across widely-deployed server infrastructure with no patch currently available.
Remote code execution in Windows LSASS (Local Security Authority Subsystem Service) on Windows 11 and Windows Server 2025 stems from a use-after-free memory vulnerability exploitable by authenticated attackers over the network. An attacker with valid credentials can trigger the flaw to execute arbitrary code with SYSTEM privileges, achieving complete system compromise. No patch is currently available, leaving affected systems vulnerable until Microsoft releases a security update.
Windows WalletService contains a race condition that permits local privilege escalation on Windows 10 and Windows 11 systems. An unauthenticated attacker with local access can exploit improper synchronization of shared resources to gain elevated privileges. No patch is currently available for this vulnerability.
Windows Hello privilege escalation on Windows 10, 11, and Server 2019 allows local attackers without credentials to tamper with system integrity through incorrect privilege assignment. The vulnerability requires local access but no user interaction, enabling unauthorized modifications to protected resources. No patch is currently available for this HIGH severity issue affecting multiple Windows versions.
Information disclosure in Windows Capability Access Management Service (camsvc) enables local attackers to read sensitive data from memory without authentication on Windows 11 24h2, Windows 11 25h2, and Windows Server 2025. The out-of-bounds read vulnerability requires local access but no special privileges or user interaction to trigger. No patch is currently available for this issue.
Windows Kerberos authentication in multiple Windows versions accepts untrusted input during security decisions, enabling authenticated network attackers to escalate privileges without user interaction. The vulnerability affects Windows 10 (versions 1607 and 1809), Windows Server 2012, and Windows Server 2025, with no patch currently available. An attacker with valid credentials can exploit this to gain elevated system access across the network.
Privilege escalation via race condition in Windows SMB Server affects Windows 10 21h2, Windows 11 25h2, and Windows Server 2022 23h2, allowing authenticated attackers to gain elevated privileges over the network. The vulnerability stems from improper synchronization when handling concurrent access to shared resources, and no patch is currently available. With a CVSS score of 7.5, this poses a significant risk to organizations using affected Windows versions.
Windows Shell information disclosure in Windows 10, 11, and Server 2019/2022 permits authenticated network attackers to conduct spoofing attacks by accessing sensitive data. The vulnerability requires valid credentials and network access, with no active exploits currently documented. No patch is available at this time.
Windows Clipboard Server contains a use-after-free vulnerability affecting Windows 10 (versions 21H2 and 1809) and Windows Server 2022 (23H2) that enables local privilege escalation without requiring user interaction. An attacker with local access can exploit this memory safety flaw to gain elevated system privileges. No patch is currently available for this vulnerability.
Local privilege escalation in Windows RRAS affects Windows 10, Windows 11, and Windows Server 2022, allowing authenticated users to gain system-level access through improper access control mechanisms. An attacker with local user credentials can exploit this vulnerability to obtain elevated privileges on the affected system. No patch is currently available, leaving vulnerable systems at risk until Microsoft releases a security update.
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. [CVSS 7.8 HIGH]
Information disclosure in Windows Client-Side Caching Service allows authenticated local users to read sensitive data on affected systems including Windows 10, Windows 11, and Windows Server editions. An attacker with valid credentials can exploit improper access controls to access cached information without additional user interaction. No patch is currently available for this vulnerability.
Sensitive information disclosure in the Windows Kernel error message handling allows local authenticated users to read confidential data they shouldn't have access to. The vulnerability affects Windows and Windows Server 2022/2025 platforms and requires valid credentials to exploit, limiting its attack surface. No patch is currently available for this medium-severity issue.
Local code execution in Windows Media affects Windows 11 25h2, Windows Server 2019, and Windows Server 2025 through a heap buffer overflow that requires user interaction to trigger. An attacker with local access can exploit this vulnerability to achieve arbitrary code execution with full system privileges. No patch is currently available for this vulnerability.
Privilege escalation in the Graphics Kernel on Windows 11 and Linux systems results from improper synchronization of concurrent access to shared resources, allowing authenticated local attackers to gain elevated privileges. The vulnerability requires specific timing conditions to exploit but impacts multiple Windows versions and Linux distributions. No patch is currently available for this race condition vulnerability.
Information disclosure in Windows Capability Access Management Service (camsvc) allows authenticated local users to read out-of-bounds memory and access sensitive data on Windows 11 24h2, Windows 11 25h2, Windows Server 2022 23h2, and Windows Server 2025. The vulnerability requires valid user credentials and local system access, posing a risk to multi-user environments where privilege escalation chains could amplify the impact. No patch is currently available.
Windows Shell path traversal vulnerability affecting Windows 10 21H2, Windows Server 2016, 2019, and 2022 allows an attacker with physical access to spoof system resources without requiring user interaction. The vulnerability has no patch available and poses a confidentiality risk through unauthorized information disclosure.
Windows Server 2008 versions up to - is affected by use of a broken or risky cryptographic algorithm (CVSS 5.5).
Privileged local attackers can exploit a use-after-free vulnerability in the Windows RPC IDL subsystem to gain system-level code execution on affected Windows 10, Windows 11, Windows Server 2016, and Windows Server 2022 systems. The vulnerability requires local access and valid credentials but allows complete compromise of the target system with no user interaction required. No patch is currently available, leaving vulnerable systems at risk.
Windows Ancillary Function Driver for WinSock contains a race condition that enables local privilege escalation on affected Windows systems including Server 2008, Server 2019, and Windows 10 22H2. An authenticated attacker can exploit this timing vulnerability to gain elevated privileges with high impact to confidentiality, integrity, and availability. No patch is currently available for this vulnerability.
Privilege escalation in Windows Server 2025 Capability Access Management Service stems from improper synchronization of shared resources, enabling authenticated local users to gain elevated privileges. The race condition requires specific timing conditions but no patch is currently available, leaving affected systems vulnerable to privilege escalation attacks by authorized local users.
Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally. [CVSS 5.5 MEDIUM]
Windows Internet Connection Sharing (ICS) contains an out-of-bounds read vulnerability affecting Windows 7 through Windows 11 24H2 and Windows Server 2008-2019, enabling information disclosure through physical access to an affected system. An attacker with direct hardware access can exploit this flaw to read sensitive data from memory, though no patch is currently available. The attack requires physical presence and does not provide code execution or availability impact.
Information disclosure in Windows Tablet UI (TWINUI) subsystem allows authenticated local users to read sensitive data on affected Windows 11 and Windows Server systems. An attacker with local access can exploit this to retrieve confidential information without requiring user interaction. No patch is currently available for this medium-severity vulnerability.
Privilege escalation in Windows Tablet UI (TWINUI) subsystem on Windows 10, Windows Server 2022, and Windows Server 2025 stems from improper synchronization of shared resources, enabling authenticated local attackers to gain elevated privileges. The race condition vulnerability affects multiple Windows versions and currently has no available patch.
Improper access control in Windows Hyper-V enables privileged local users to read sensitive system information without authorization. The vulnerability affects Windows 10 (versions 21H2 and 22H2), Windows Server 2025, and Hyper-V implementations where an authenticated attacker with high privileges can bypass security controls to access confidential data. Currently no patch is available for this medium-severity issue.
Windows Remote Assistance contains a protection mechanism bypass that allows local attackers to circumvent a security feature without user interaction, affecting Windows 11 24h2, Windows Server 2012, 2022, and 2025. The vulnerability requires local access and user interaction to exploit, with potential impact limited to information disclosure. No patch is currently available for this medium-severity issue.
Information disclosure in Windows File Explorer enables local authenticated users to read sensitive data on affected Windows systems including Windows 10 and Windows Server 2025. An attacker with valid local credentials can exploit this vulnerability to access confidential information without requiring user interaction. No patch is currently available for this issue.
Privilege escalation in Microsoft Graphics Component on Windows 11 25h2 and Windows Server 2019 exploits a use-after-free condition, enabling authenticated local attackers to gain elevated system privileges. The vulnerability requires moderate complexity to exploit and affects confidentiality, integrity, and availability of affected systems. No patch is currently available.
Windows RPC implementation leaks sensitive information to local attackers on Windows 10, Windows 11, and Windows Server 2022. An unauthenticated local attacker can exploit this information disclosure vulnerability without user interaction to access confidential data. No patch is currently available for this medium-severity vulnerability.
Heap buffer overflow in Windows Common Log File System Driver (affecting Windows 10 1607, Server 2016, and Server 2022 23h2) enables authenticated local users to achieve complete system compromise through privilege escalation. The vulnerability requires valid credentials but no user interaction, making it a direct path to administrative control for insiders or attackers with initial access. No patch is currently available, leaving affected systems at elevated risk pending remediation.
Improper pointer validation in Windows VBS Enclave allows authenticated local users to read sensitive information on Windows 11 systems across multiple versions. An attacker with local access and valid credentials can exploit this memory safety flaw to bypass enclave protections and disclose confidential data. No patch is currently available.
Windows Kernel inadvertently logs sensitive information to accessible log files, enabling local attackers to read confidential data on affected Windows and Linux systems. This information disclosure vulnerability requires no privileges or user interaction to exploit and impacts Windows Server 2016, 2022, and 2025 along with standard Windows installations. No patch is currently available for this medium-severity issue.
Windows Error Reporting on Windows 10, Windows 11, and Windows Server 2022 fails to properly validate user privileges, enabling local authenticated users to escalate to system-level access. An attacker with valid credentials can exploit this permission handling flaw to gain full control over the affected system. Currently no patch is available for this high-severity vulnerability (CVSS 7.8).
Windows Installer contains a time-of-check time-of-use race condition that allows authenticated local attackers to escalate privileges on Windows 10 1809, Windows 11 25h2, and Windows Server 2022 23h2. An attacker with local access can exploit the window between permission validation and file operation execution to gain elevated system access. No patch is currently available for this vulnerability.
Privilege escalation in Windows 11 and Windows Server 2025 Capability Access Management Service stems from improper synchronization of shared resources, enabling a local authenticated attacker to gain elevated privileges. The vulnerability exploits a race condition that can be triggered without user interaction, though successful exploitation requires specific timing and system conditions. No patch is currently available for this high-severity issue.
Privilege escalation in the Graphics Kernel affects Linux, Windows Server 2016, and Windows 10 1607 through a race condition in shared resource synchronization. A local authenticated attacker can exploit this vulnerability to gain elevated privileges on the affected system. No patch is currently available for this vulnerability.
Windows LDAP input validation bypass in Windows 10 21H2, Windows 11 24H2, and Windows Server 2022 23H2 enables authenticated network attackers to modify data integrity without detection. The vulnerability requires valid credentials and network access but does not provide elevation of privilege or confidentiality breaches. No patch is currently available for this medium-severity issue.
Local privilege escalation in Windows Win32K (ICOMP) via type confusion allows authenticated users to gain system-level access on Windows 11 and Windows Server 2025. The vulnerability affects multiple recent Windows versions with no available patch, requiring immediate mitigation strategies for at-risk environments. Exploitation requires local access but no user interaction, making it a significant risk for multi-user systems.
The Windows Ancillary Function Driver for WinSock contains an improper memory deallocation vulnerability (CWE-590) that allows authenticated local attackers to achieve privilege escalation on affected Windows 10 and Windows Server 2019 systems. An attacker with local user privileges can exploit this flaw to gain SYSTEM-level access without user interaction. No patch is currently available for this vulnerability.
Privilege escalation in Windows Kernel Memory affects Windows 10 21h2 and Windows Server 2022 23h2, exploitable by local authenticated users through a race condition between permission checks and memory access. An attacker with local access can leverage this window to gain elevated system privileges. No patch is currently available.
Privilege escalation in Windows Printer Association Object affects Windows 11 and Windows Server 2022/2025 through a race condition in shared resource access. An authenticated local attacker can exploit improper synchronization to gain elevated system privileges. No patch is currently available for this vulnerability.
Desktop Windows Manager on Windows 10, Windows 11, and Windows Server 2022 leaks sensitive information to local authenticated users, enabling disclosure of confidential data without modifying or disrupting system functionality. This vulnerability is confirmed actively exploited and affects multiple Windows versions with no patch currently available. An authorized attacker can exploit this with minimal complexity to extract sensitive information from the system.
Windows Hello privilege elevation flaw in Windows 10 21h2, Windows Server 2019, 2022, and 2022 23h2 enables local attackers to modify system data without authorization. The vulnerability stems from improper privilege assignment that bypasses access controls, allowing an unauthenticated attacker with local access to tamper with protected resources. Currently no patch is available and exploitation requires only local access with no special conditions or user interaction.
Windows Deployment Services contains improper access control that enables unauthenticated attackers on an adjacent network to execute arbitrary code with high privileges on affected Windows and Windows Server systems. The vulnerability affects multiple Windows versions including Server 2012, 2019, and 2022 variants, with no patch currently available. An adjacent network attacker requires only network proximity to exploit this vulnerability, making lateral movement within networked environments a significant risk.
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perform spoofing over a network. [CVSS 5.5 MEDIUM]
Microsoft Playwright MCP Server versions up to 0.0.40 contains a vulnerability that allows attackers to perform a DNS rebinding attack via a victim’s web browser and send unauthorized.
A remote code execution vulnerability (CVSS 6.7). Remediation should follow standard vulnerability management procedures.
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.
A vulnerability was identified in code-projects Currency Exchange System 1.0. Impacted is an unknown function of the file /edittrns.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
A vulnerability was determined in code-projects Currency Exchange System 1.0. This issue affects some unknown processing of the file /viewserial.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
A vulnerability was found in code-projects Currency Exchange System 1.0. This vulnerability affects unknown code of the file /edit.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de() Pde is erased from subdir rbtree through rb_erase(), but not set the node to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE() set the erased node to EMPTY, then pde_subdir_next() will return NULL to avoid uaf access. We found an uaf issue while using stress-ng testing, need to run testcase getdent and tun in the same time. The steps of the issue is as follows: 1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current pde is tun3; 2) in the [time windows] unregister netdevice tun3 and tun2, and erase them from rbtree. erase tun3 first, and then erase tun2. the pde(tun2) will be released to slab; 3) continue to getdent process, then pde_subdir_next() will return pde(tun2) which is released, it will case uaf access. CPU 0 | CPU 1 ------------------------------------------------------------------------- traverse dir /proc/pid/net/dev_snmp6/ | unregister_netdevice(tun->dev) //tun3 tun2 sys_getdents64() | iterate_dir() | proc_readdir() | proc_readdir_de() | snmp6_unregister_dev() pde_get(de); | proc_remove() read_unlock(&proc_subdir_lock); | remove_proc_subtree() | write_lock(&proc_subdir_lock); [time window] | rb_erase(&root->subdir_node, &parent->subdir); | write_unlock(&proc_subdir_lock); read_lock(&proc_subdir_lock); | next = pde_subdir_next(de); | pde_put(de); | de = next; //UAF | rbtree of dev_snmp6 | pde(tun3) / \ NULL pde(tun2)
Server-Side Request Forgery (SSRF) vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.66, which fixes the issue.
A security vulnerability in the KDE Connect information-exchange protocol (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.
The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client 12.0 up to and including 12.11.2.
A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware OS 12.6.1 up to and including 12.11.4 and 2025.1 up to and including 2025.1.2.
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Server-Side Request Forgery (SSRF) vulnerability in Open WebUI allows any authenticated user to force the server to make HTTP requests to arbitrary URLs. This can be exploited to access cloud metadata endpoints (AWS/GCP/Azure), scan internal networks, access internal services behind firewalls, and exfiltrate sensitive information. No special permissions beyond basic authentication are required. This vulnerability is fixed in 0.6.37.
Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.
In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.
In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.
Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.
The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.
A security vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass (CVSS 6.2). Remediation should follow standard vulnerability management procedures.
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.
NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and configuration files, which can contain sensitive data.
NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user account 'nmdbuser' and other created accounts by default have the sysadmin role. This can lead to remote code execution through the use of certain built-in stored procedures.
CVE-2025-61940 is a security vulnerability (CVSS 8.3). High severity vulnerability requiring prompt remediation.
JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on predictable files inside a user-writable %TEMP% subdirectory without validating that the directory is trusted or resetting its ACLs when it already exists. A local, low-privileged attacker can pre-create the directory with weak permissions and leverage mount-point or symbolic-link redirection to (a) coerce arbitrary file writes to protected locations, leading to denial of service (e.g., by overwriting sensitive system files), or (b) win a race to redirect DeleteFileW() to attacker-chosen targets, enabling arbitrary file or folder deletion and local privilege escalation to SYSTEM. This issue is fixed in JumpCloud Remote Assist 0.317.0 and affects Windows systems where Remote Assist is installed and managed through the Agent lifecycle.
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. (Chromium security severity: Medium)
Privilege escalation in Windows Win32K ICOMP component via use-after-free memory corruption affects Windows 11 (24h2, 25h2) and Windows Server 2025. An authenticated local attacker can exploit this vulnerability to gain SYSTEM-level privileges with no user interaction required. Currently no patch is available and exploitation requires local access with user-level permissions.
Local privilege escalation in Windows Local Session Manager (LSM) across Windows 11 23h2, Windows Server 2012, and 2019 stems from improper synchronization in shared resource handling, enabling authenticated attackers to elevate privileges on affected systems. The vulnerability requires local access and specific timing conditions to exploit, with no patch currently available. This affects systems running the impacted Windows and Server editions where authenticated users may achieve system-level privileges.
Remote code execution in Windows RRAS affects Windows 10 21h2 and Windows Server 2022 variants through a heap-based buffer overflow triggered over the network without authentication. An attacker can exploit this vulnerability to execute arbitrary code with high privileges, though a user interaction is required to trigger the flaw. No patch is currently available, making this a critical risk for exposed systems.
Local privilege escalation in Windows Management Services affects Windows Server 2019, Windows 11 24h2, and Windows Server 2025 through improper synchronization of shared resources, enabling authenticated users to gain elevated system privileges. The vulnerability exploits a race condition that an attacker can trigger without user interaction, though no patch is currently available.
Windows Management Services on Windows 10 and Windows Server 2019 contains a race condition in shared resource synchronization that enables local privilege escalation for authenticated users. An attacker with local access can exploit improper locking mechanisms to gain elevated system privileges. No patch is currently available for this vulnerability.
Privilege escalation in Windows Management Services affects Windows 11 24H2, Windows Server 2022, and 2025 through a use-after-free memory vulnerability that allows authenticated local attackers to gain elevated system privileges. The vulnerability requires local access and manual user interaction is not required, making it exploitable by any authorized account on the system. Currently no patch is available to remediate this issue.
Windows Server and Windows 10/11 Connected Devices Platform Service (Cdpsvc) contains a heap buffer overflow that allows authenticated local users to escalate privileges to system level. The vulnerability requires low complexity exploitation with no user interaction, affecting multiple recent Windows versions including Server 2022, Windows 10 21h2, and Windows 11 23h2. No patch is currently available for this high-severity flaw.
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]
Windows Management Services on Windows 10, 11, and Server 2022 expose sensitive information through an information disclosure vulnerability that allows authenticated local users to read confidential data. An attacker with valid credentials can exploit this to access information they should not be authorized to view, though no remote exploitation or system modification is possible. No patch is currently available for affected systems.
Windows Management Services on Windows 10 and Windows Server 2022 contain a race condition in shared resource handling that permits authenticated local attackers to escalate privileges to system level. The vulnerability stems from improper synchronization during concurrent operations and affects multiple Windows versions including Windows 10 22H2 and 1809. No patch is currently available for this high-severity issue (CVSS 7.8).
Windows 10 1607 is affected by access of resource using incompatible type (type confusion) (CVSS 7.8).
Kernel-mode driver use-after-free vulnerabilities in Windows 11 24H2 and Windows Server 2025 enable authenticated local attackers to achieve privilege escalation. An attacker with standard user privileges can exploit memory corruption in kernel drivers to gain SYSTEM-level access without user interaction. No patch is currently available.
Privilege escalation in Windows Management Services affects Windows 10, Windows 11, and Windows Server 2022 through a use-after-free memory vulnerability. An authenticated local attacker can exploit this flaw to gain elevated system privileges. Currently no patch is available and exploitation requires specific conditions to trigger.
Windows Cloud Files Mini Filter Driver contains an unsafe pointer dereference vulnerability that enables authenticated local users to achieve privilege escalation on affected Windows versions including Windows 10 1809, Windows 11, and Windows Server 2022. An attacker with valid credentials can exploit this flaw to gain elevated system privileges without user interaction. No patch is currently available for this high-severity vulnerability.
Remote code execution in Windows Server Update Service affects Windows 11 25h2, Windows Server 2025, 2022, and 2016 due to inadequate input validation, enabling unauthenticated network-based attackers to execute arbitrary code with high impact. The vulnerability requires specific conditions to exploit (high complexity) but carries significant risk across widely-deployed server infrastructure with no patch currently available.
Remote code execution in Windows LSASS (Local Security Authority Subsystem Service) on Windows 11 and Windows Server 2025 stems from a use-after-free memory vulnerability exploitable by authenticated attackers over the network. An attacker with valid credentials can trigger the flaw to execute arbitrary code with SYSTEM privileges, achieving complete system compromise. No patch is currently available, leaving affected systems vulnerable until Microsoft releases a security update.
Windows WalletService contains a race condition that permits local privilege escalation on Windows 10 and Windows 11 systems. An unauthenticated attacker with local access can exploit improper synchronization of shared resources to gain elevated privileges. No patch is currently available for this vulnerability.
Windows Hello privilege escalation on Windows 10, 11, and Server 2019 allows local attackers without credentials to tamper with system integrity through incorrect privilege assignment. The vulnerability requires local access but no user interaction, enabling unauthorized modifications to protected resources. No patch is currently available for this HIGH severity issue affecting multiple Windows versions.
Information disclosure in Windows Capability Access Management Service (camsvc) enables local attackers to read sensitive data from memory without authentication on Windows 11 24h2, Windows 11 25h2, and Windows Server 2025. The out-of-bounds read vulnerability requires local access but no special privileges or user interaction to trigger. No patch is currently available for this issue.
Windows Kerberos authentication in multiple Windows versions accepts untrusted input during security decisions, enabling authenticated network attackers to escalate privileges without user interaction. The vulnerability affects Windows 10 (versions 1607 and 1809), Windows Server 2012, and Windows Server 2025, with no patch currently available. An attacker with valid credentials can exploit this to gain elevated system access across the network.
Privilege escalation via race condition in Windows SMB Server affects Windows 10 21h2, Windows 11 25h2, and Windows Server 2022 23h2, allowing authenticated attackers to gain elevated privileges over the network. The vulnerability stems from improper synchronization when handling concurrent access to shared resources, and no patch is currently available. With a CVSS score of 7.5, this poses a significant risk to organizations using affected Windows versions.
Windows Shell information disclosure in Windows 10, 11, and Server 2019/2022 permits authenticated network attackers to conduct spoofing attacks by accessing sensitive data. The vulnerability requires valid credentials and network access, with no active exploits currently documented. No patch is available at this time.
Windows Clipboard Server contains a use-after-free vulnerability affecting Windows 10 (versions 21H2 and 1809) and Windows Server 2022 (23H2) that enables local privilege escalation without requiring user interaction. An attacker with local access can exploit this memory safety flaw to gain elevated system privileges. No patch is currently available for this vulnerability.
Local privilege escalation in Windows RRAS affects Windows 10, Windows 11, and Windows Server 2022, allowing authenticated users to gain system-level access through improper access control mechanisms. An attacker with local user credentials can exploit this vulnerability to obtain elevated privileges on the affected system. No patch is currently available, leaving vulnerable systems at risk until Microsoft releases a security update.
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. [CVSS 7.0 HIGH]
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally. [CVSS 7.8 HIGH]
Information disclosure in Windows Client-Side Caching Service allows authenticated local users to read sensitive data on affected systems including Windows 10, Windows 11, and Windows Server editions. An attacker with valid credentials can exploit improper access controls to access cached information without additional user interaction. No patch is currently available for this vulnerability.
Sensitive information disclosure in the Windows Kernel error message handling allows local authenticated users to read confidential data they shouldn't have access to. The vulnerability affects Windows and Windows Server 2022/2025 platforms and requires valid credentials to exploit, limiting its attack surface. No patch is currently available for this medium-severity issue.
Local code execution in Windows Media affects Windows 11 25h2, Windows Server 2019, and Windows Server 2025 through a heap buffer overflow that requires user interaction to trigger. An attacker with local access can exploit this vulnerability to achieve arbitrary code execution with full system privileges. No patch is currently available for this vulnerability.
Privilege escalation in the Graphics Kernel on Windows 11 and Linux systems results from improper synchronization of concurrent access to shared resources, allowing authenticated local attackers to gain elevated privileges. The vulnerability requires specific timing conditions to exploit but impacts multiple Windows versions and Linux distributions. No patch is currently available for this race condition vulnerability.
Information disclosure in Windows Capability Access Management Service (camsvc) allows authenticated local users to read out-of-bounds memory and access sensitive data on Windows 11 24h2, Windows 11 25h2, Windows Server 2022 23h2, and Windows Server 2025. The vulnerability requires valid user credentials and local system access, posing a risk to multi-user environments where privilege escalation chains could amplify the impact. No patch is currently available.
Windows Shell path traversal vulnerability affecting Windows 10 21H2, Windows Server 2016, 2019, and 2022 allows an attacker with physical access to spoof system resources without requiring user interaction. The vulnerability has no patch available and poses a confidentiality risk through unauthorized information disclosure.
Windows Server 2008 versions up to - is affected by use of a broken or risky cryptographic algorithm (CVSS 5.5).
Privileged local attackers can exploit a use-after-free vulnerability in the Windows RPC IDL subsystem to gain system-level code execution on affected Windows 10, Windows 11, Windows Server 2016, and Windows Server 2022 systems. The vulnerability requires local access and valid credentials but allows complete compromise of the target system with no user interaction required. No patch is currently available, leaving vulnerable systems at risk.
Windows Ancillary Function Driver for WinSock contains a race condition that enables local privilege escalation on affected Windows systems including Server 2008, Server 2019, and Windows 10 22H2. An authenticated attacker can exploit this timing vulnerability to gain elevated privileges with high impact to confidentiality, integrity, and availability. No patch is currently available for this vulnerability.
Privilege escalation in Windows Server 2025 Capability Access Management Service stems from improper synchronization of shared resources, enabling authenticated local users to gain elevated privileges. The race condition requires specific timing conditions but no patch is currently available, leaving affected systems vulnerable to privilege escalation attacks by authorized local users.
Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally. [CVSS 5.5 MEDIUM]
Windows Internet Connection Sharing (ICS) contains an out-of-bounds read vulnerability affecting Windows 7 through Windows 11 24H2 and Windows Server 2008-2019, enabling information disclosure through physical access to an affected system. An attacker with direct hardware access can exploit this flaw to read sensitive data from memory, though no patch is currently available. The attack requires physical presence and does not provide code execution or availability impact.
Information disclosure in Windows Tablet UI (TWINUI) subsystem allows authenticated local users to read sensitive data on affected Windows 11 and Windows Server systems. An attacker with local access can exploit this to retrieve confidential information without requiring user interaction. No patch is currently available for this medium-severity vulnerability.
Privilege escalation in Windows Tablet UI (TWINUI) subsystem on Windows 10, Windows Server 2022, and Windows Server 2025 stems from improper synchronization of shared resources, enabling authenticated local attackers to gain elevated privileges. The race condition vulnerability affects multiple Windows versions and currently has no available patch.
Improper access control in Windows Hyper-V enables privileged local users to read sensitive system information without authorization. The vulnerability affects Windows 10 (versions 21H2 and 22H2), Windows Server 2025, and Hyper-V implementations where an authenticated attacker with high privileges can bypass security controls to access confidential data. Currently no patch is available for this medium-severity issue.
Windows Remote Assistance contains a protection mechanism bypass that allows local attackers to circumvent a security feature without user interaction, affecting Windows 11 24h2, Windows Server 2012, 2022, and 2025. The vulnerability requires local access and user interaction to exploit, with potential impact limited to information disclosure. No patch is currently available for this medium-severity issue.
Information disclosure in Windows File Explorer enables local authenticated users to read sensitive data on affected Windows systems including Windows 10 and Windows Server 2025. An attacker with valid local credentials can exploit this vulnerability to access confidential information without requiring user interaction. No patch is currently available for this issue.
Privilege escalation in Microsoft Graphics Component on Windows 11 25h2 and Windows Server 2019 exploits a use-after-free condition, enabling authenticated local attackers to gain elevated system privileges. The vulnerability requires moderate complexity to exploit and affects confidentiality, integrity, and availability of affected systems. No patch is currently available.
Windows RPC implementation leaks sensitive information to local attackers on Windows 10, Windows 11, and Windows Server 2022. An unauthenticated local attacker can exploit this information disclosure vulnerability without user interaction to access confidential data. No patch is currently available for this medium-severity vulnerability.
Heap buffer overflow in Windows Common Log File System Driver (affecting Windows 10 1607, Server 2016, and Server 2022 23h2) enables authenticated local users to achieve complete system compromise through privilege escalation. The vulnerability requires valid credentials but no user interaction, making it a direct path to administrative control for insiders or attackers with initial access. No patch is currently available, leaving affected systems at elevated risk pending remediation.
Improper pointer validation in Windows VBS Enclave allows authenticated local users to read sensitive information on Windows 11 systems across multiple versions. An attacker with local access and valid credentials can exploit this memory safety flaw to bypass enclave protections and disclose confidential data. No patch is currently available.
Windows Kernel inadvertently logs sensitive information to accessible log files, enabling local attackers to read confidential data on affected Windows and Linux systems. This information disclosure vulnerability requires no privileges or user interaction to exploit and impacts Windows Server 2016, 2022, and 2025 along with standard Windows installations. No patch is currently available for this medium-severity issue.
Windows Error Reporting on Windows 10, Windows 11, and Windows Server 2022 fails to properly validate user privileges, enabling local authenticated users to escalate to system-level access. An attacker with valid credentials can exploit this permission handling flaw to gain full control over the affected system. Currently no patch is available for this high-severity vulnerability (CVSS 7.8).
Windows Installer contains a time-of-check time-of-use race condition that allows authenticated local attackers to escalate privileges on Windows 10 1809, Windows 11 25h2, and Windows Server 2022 23h2. An attacker with local access can exploit the window between permission validation and file operation execution to gain elevated system access. No patch is currently available for this vulnerability.
Privilege escalation in Windows 11 and Windows Server 2025 Capability Access Management Service stems from improper synchronization of shared resources, enabling a local authenticated attacker to gain elevated privileges. The vulnerability exploits a race condition that can be triggered without user interaction, though successful exploitation requires specific timing and system conditions. No patch is currently available for this high-severity issue.
Privilege escalation in the Graphics Kernel affects Linux, Windows Server 2016, and Windows 10 1607 through a race condition in shared resource synchronization. A local authenticated attacker can exploit this vulnerability to gain elevated privileges on the affected system. No patch is currently available for this vulnerability.
Windows LDAP input validation bypass in Windows 10 21H2, Windows 11 24H2, and Windows Server 2022 23H2 enables authenticated network attackers to modify data integrity without detection. The vulnerability requires valid credentials and network access but does not provide elevation of privilege or confidentiality breaches. No patch is currently available for this medium-severity issue.
Local privilege escalation in Windows Win32K (ICOMP) via type confusion allows authenticated users to gain system-level access on Windows 11 and Windows Server 2025. The vulnerability affects multiple recent Windows versions with no available patch, requiring immediate mitigation strategies for at-risk environments. Exploitation requires local access but no user interaction, making it a significant risk for multi-user systems.
The Windows Ancillary Function Driver for WinSock contains an improper memory deallocation vulnerability (CWE-590) that allows authenticated local attackers to achieve privilege escalation on affected Windows 10 and Windows Server 2019 systems. An attacker with local user privileges can exploit this flaw to gain SYSTEM-level access without user interaction. No patch is currently available for this vulnerability.
Privilege escalation in Windows Kernel Memory affects Windows 10 21h2 and Windows Server 2022 23h2, exploitable by local authenticated users through a race condition between permission checks and memory access. An attacker with local access can leverage this window to gain elevated system privileges. No patch is currently available.
Privilege escalation in Windows Printer Association Object affects Windows 11 and Windows Server 2022/2025 through a race condition in shared resource access. An authenticated local attacker can exploit improper synchronization to gain elevated system privileges. No patch is currently available for this vulnerability.
Desktop Windows Manager on Windows 10, Windows 11, and Windows Server 2022 leaks sensitive information to local authenticated users, enabling disclosure of confidential data without modifying or disrupting system functionality. This vulnerability is confirmed actively exploited and affects multiple Windows versions with no patch currently available. An authorized attacker can exploit this with minimal complexity to extract sensitive information from the system.
Windows Hello privilege elevation flaw in Windows 10 21h2, Windows Server 2019, 2022, and 2022 23h2 enables local attackers to modify system data without authorization. The vulnerability stems from improper privilege assignment that bypasses access controls, allowing an unauthenticated attacker with local access to tamper with protected resources. Currently no patch is available and exploitation requires only local access with no special conditions or user interaction.
Windows Deployment Services contains improper access control that enables unauthenticated attackers on an adjacent network to execute arbitrary code with high privileges on affected Windows and Windows Server systems. The vulnerability affects multiple Windows versions including Server 2012, 2019, and 2022 variants, with no patch currently available. An adjacent network attacker requires only network proximity to exploit this vulnerability, making lateral movement within networked environments a significant risk.
User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perform spoofing over a network. [CVSS 5.5 MEDIUM]
Microsoft Playwright MCP Server versions up to 0.0.40 contains a vulnerability that allows attackers to perform a DNS rebinding attack via a victim’s web browser and send unauthorized.
A remote code execution vulnerability (CVSS 6.7). Remediation should follow standard vulnerability management procedures.
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.
A vulnerability was identified in code-projects Currency Exchange System 1.0. Impacted is an unknown function of the file /edittrns.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
A vulnerability was determined in code-projects Currency Exchange System 1.0. This issue affects some unknown processing of the file /viewserial.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
A vulnerability was found in code-projects Currency Exchange System 1.0. This vulnerability affects unknown code of the file /edit.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de() Pde is erased from subdir rbtree through rb_erase(), but not set the node to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE() set the erased node to EMPTY, then pde_subdir_next() will return NULL to avoid uaf access. We found an uaf issue while using stress-ng testing, need to run testcase getdent and tun in the same time. The steps of the issue is as follows: 1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current pde is tun3; 2) in the [time windows] unregister netdevice tun3 and tun2, and erase them from rbtree. erase tun3 first, and then erase tun2. the pde(tun2) will be released to slab; 3) continue to getdent process, then pde_subdir_next() will return pde(tun2) which is released, it will case uaf access. CPU 0 | CPU 1 ------------------------------------------------------------------------- traverse dir /proc/pid/net/dev_snmp6/ | unregister_netdevice(tun->dev) //tun3 tun2 sys_getdents64() | iterate_dir() | proc_readdir() | proc_readdir_de() | snmp6_unregister_dev() pde_get(de); | proc_remove() read_unlock(&proc_subdir_lock); | remove_proc_subtree() | write_lock(&proc_subdir_lock); [time window] | rb_erase(&root->subdir_node, &parent->subdir); | write_unlock(&proc_subdir_lock); read_lock(&proc_subdir_lock); | next = pde_subdir_next(de); | pde_put(de); | de = next; //UAF | rbtree of dev_snmp6 | pde(tun3) / \ NULL pde(tun2)
Server-Side Request Forgery (SSRF) vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.66, which fixes the issue.
A security vulnerability in the KDE Connect information-exchange protocol (CVSS 4.3). Remediation should follow standard vulnerability management procedures.
User interface (ui) misrepresentation of critical information in Microsoft Edge for iOS allows an unauthorized attacker to perform spoofing over a network.
The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client 12.0 up to and including 12.11.2.
A memory corruption vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker to trigger a Denial of Service (DoS) condition in the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware OS 12.6.1 up to and including 12.11.4 and 2025.1 up to and including 2025.1.2.
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.37, a Server-Side Request Forgery (SSRF) vulnerability in Open WebUI allows any authenticated user to force the server to make HTTP requests to arbitrary URLs. This can be exploited to access cloud metadata endpoints (AWS/GCP/Azure), scan internal networks, access internal services behind firewalls, and exfiltrate sensitive information. No special permissions beyond basic authentication are required. This vulnerability is fixed in 0.6.37.
Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.
In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.
In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.
Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.
The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.
A security vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass (CVSS 6.2). Remediation should follow standard vulnerability management procedures.
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.
NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and configuration files, which can contain sensitive data.
NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user account 'nmdbuser' and other created accounts by default have the sysadmin role. This can lead to remote code execution through the use of certain built-in stored procedures.
CVE-2025-61940 is a security vulnerability (CVSS 8.3). High severity vulnerability requiring prompt remediation.
JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on predictable files inside a user-writable %TEMP% subdirectory without validating that the directory is trusted or resetting its ACLs when it already exists. A local, low-privileged attacker can pre-create the directory with weak permissions and leverage mount-point or symbolic-link redirection to (a) coerce arbitrary file writes to protected locations, leading to denial of service (e.g., by overwriting sensitive system files), or (b) win a race to redirect DeleteFileW() to attacker-chosen targets, enabling arbitrary file or folder deletion and local privilege escalation to SYSTEM. This issue is fixed in JumpCloud Remote Assist 0.317.0 and affects Windows systems where Remote Assist is installed and managed through the Agent lifecycle.
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. (Chromium security severity: Medium)