Skip to main content

Windows

1584 CVEs product

Monthly

CVE-2026-20826 HIGH PATCH This Week

Privilege escalation in Windows Tablet UI (TWINUI) subsystem on Windows 10, Windows Server 2022, and Windows Server 2025 stems from improper synchronization of shared resources, enabling authenticated local attackers to gain elevated privileges. The race condition vulnerability affects multiple Windows versions and currently has no available patch.

Windows Race Condition Windows Server 2022 23h2 Windows Server 2025 Windows 10 21h2 +10
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20825 MEDIUM PATCH This Month

Improper access control in Windows Hyper-V enables privileged local users to read sensitive system information without authorization. The vulnerability affects Windows 10 (versions 21H2 and 22H2), Windows Server 2025, and Hyper-V implementations where an authenticated attacker with high privileges can bypass security controls to access confidential data. Currently no patch is available for this medium-severity issue.

Windows Hyper-V Windows 10 21h2 Windows Server 2025 Windows 10 22h2 +8
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-20824 MEDIUM PATCH This Month

Windows Remote Assistance contains a protection mechanism bypass that allows local attackers to circumvent a security feature without user interaction, affecting Windows 11 24h2, Windows Server 2012, 2022, and 2025. The vulnerability requires local access and user interaction to exploit, with potential impact limited to information disclosure. No patch is currently available for this medium-severity issue.

Windows Windows Server 2012 Windows Server 2025 Windows 11 24h2 Windows Server 2022 23h2 +10
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20823 MEDIUM PATCH This Month

Information disclosure in Windows File Explorer enables local authenticated users to read sensitive data on affected Windows systems including Windows 10 and Windows Server 2025. An attacker with valid local credentials can exploit this vulnerability to access confidential information without requiring user interaction. No patch is currently available for this issue.

Windows Windows Server 2025 Windows 10 22h2 Windows 10 21h2 Windows Server 2022 +9
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20821 MEDIUM PATCH This Month

Windows RPC implementation leaks sensitive information to local attackers on Windows 10, Windows 11, and Windows Server 2022. An unauthenticated local attacker can exploit this information disclosure vulnerability without user interaction to access confidential data. No patch is currently available for this medium-severity vulnerability.

Windows Windows 11 25h2 Windows 10 1809 Windows 10 21h2 Windows Server 2022 +11
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-20820 HIGH PATCH This Week

Heap buffer overflow in Windows Common Log File System Driver (affecting Windows 10 1607, Server 2016, and Server 2022 23h2) enables authenticated local users to achieve complete system compromise through privilege escalation. The vulnerability requires valid credentials but no user interaction, making it a direct path to administrative control for insiders or attackers with initial access. No patch is currently available, leaving affected systems at elevated risk pending remediation.

Windows Buffer Overflow Heap Overflow Windows Server 2016 Windows Server 2022 23h2 +13
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20819 MEDIUM PATCH This Month

Improper pointer validation in Windows VBS Enclave allows authenticated local users to read sensitive information on Windows 11 systems across multiple versions. An attacker with local access and valid credentials can exploit this memory safety flaw to bypass enclave protections and disclose confidential data. No patch is currently available.

Windows Windows 11 25h2 Windows 11 23h2 Windows 11 24h2 Microsoft
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20818 MEDIUM PATCH This Month

Windows Kernel inadvertently logs sensitive information to accessible log files, enabling local attackers to read confidential data on affected Windows and Linux systems. This information disclosure vulnerability requires no privileges or user interaction to exploit and impacts Windows Server 2016, 2022, and 2025 along with standard Windows installations. No patch is currently available for this medium-severity issue.

Linux Windows Windows Server 2016 Windows Server 2025 Windows Server 2022 23h2 +3
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-20816 HIGH PATCH This Week

Windows Installer contains a time-of-check time-of-use race condition that allows authenticated local attackers to escalate privileges on Windows 10 1809, Windows 11 25h2, and Windows Server 2022 23h2. An attacker with local access can exploit the window between permission validation and file operation execution to gain elevated system access. No patch is currently available for this vulnerability.

Windows Race Condition Windows 11 25h2 Windows 10 1809 Windows Server 2022 23h2 +12
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20812 MEDIUM PATCH This Month

Windows LDAP input validation bypass in Windows 10 21H2, Windows 11 24H2, and Windows Server 2022 23H2 enables authenticated network attackers to modify data integrity without detection. The vulnerability requires valid credentials and network access but does not provide elevation of privilege or confidentiality breaches. No patch is currently available for this medium-severity issue.

Windows LDAP Windows 10 21h2 Windows 11 24h2 Windows Server 2022 23h2 +10
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-20811 HIGH PATCH This Week

Local privilege escalation in Windows Win32K (ICOMP) via type confusion allows authenticated users to gain system-level access on Windows 11 and Windows Server 2025. The vulnerability affects multiple recent Windows versions with no available patch, requiring immediate mitigation strategies for at-risk environments. Exploitation requires local access but no user interaction, making it a significant risk for multi-user systems.

Windows Windows Server 2025 Windows 11 23h2 Windows Server 2022 23h2 Windows 11 24h2 +3
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-20810 HIGH PATCH This Week

The Windows Ancillary Function Driver for WinSock contains an improper memory deallocation vulnerability (CWE-590) that allows authenticated local attackers to achieve privilege escalation on affected Windows 10 and Windows Server 2019 systems. An attacker with local user privileges can exploit this flaw to gain SYSTEM-level access without user interaction. No patch is currently available for this vulnerability.

Windows Windows Server 2019 Windows 10 21h2 Windows 10 22h2 Windows 10 1809 +1
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20809 HIGH PATCH This Week

Privilege escalation in Windows Kernel Memory affects Windows 10 21h2 and Windows Server 2022 23h2, exploitable by local authenticated users through a race condition between permission checks and memory access. An attacker with local access can leverage this window to gain elevated system privileges. No patch is currently available.

Linux Windows Race Condition Windows Server 2022 23h2 Windows 10 21h2 +12
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20805 MEDIUM KEV PATCH THREAT Act Now

Desktop Windows Manager on Windows 10, Windows 11, and Windows Server 2022 leaks sensitive information to local authenticated users, enabling disclosure of confidential data without modifying or disrupting system functionality. This vulnerability is confirmed actively exploited and affects multiple Windows versions with no patch currently available. An authorized attacker can exploit this with minimal complexity to extract sensitive information from the system.

Windows Windows 11 23h2 Windows Server 2022 23h2 Windows 10 1809 Windows 11 25h2 +10
NVD VulDB
CVSS 3.1
5.5
EPSS
4.8%
CVE-2026-20804 HIGH PATCH This Week

Windows Hello privilege elevation flaw in Windows 10 21h2, Windows Server 2019, 2022, and 2022 23h2 enables local attackers to modify system data without authorization. The vulnerability stems from improper privilege assignment that bypasses access controls, allowing an unauthenticated attacker with local access to tamper with protected resources. Currently no patch is available and exploitation requires only local access with no special conditions or user interaction.

Windows Windows Server 2022 23h2 Windows Server 2022 Windows 10 21h2 Windows Server 2019 +9
NVD
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-0386 HIGH PATCH This Week

Windows Deployment Services contains improper access control that enables unauthenticated attackers on an adjacent network to execute arbitrary code with high privileges on affected Windows and Windows Server systems. The vulnerability affects multiple Windows versions including Server 2012, 2019, and 2022 variants, with no patch currently available. An adjacent network attacker requires only network proximity to exploit this vulnerability, making lateral movement within networked environments a significant risk.

Windows Windows Server 2019 Windows Server 2022 23h2 Windows Server 2012 Windows Server 2022 +4
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-36640 HIGH This Week

A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows Hosts which could lead to escalation of privileges. [CVSS 8.8 HIGH]

Windows Privilege Escalation
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-22781 CRITICAL PATCH Act Now

TinyWeb HTTP Server before 1.98 has OS command injection via CGI ISINDEX query parameters. The query string is passed as command-line arguments to CGI executables through Windows CreateProcess(), allowing unauthenticated RCE. Patch available.

Windows Command Injection Tinyweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-69276 HIGH This Week

Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. [CVSS 8.8 HIGH]

Broadcom Linux Windows Deserialization Dx Netops Spectrum
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-69275 MEDIUM This Month

Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier. [CVSS 6.1 MEDIUM]

Broadcom Linux Windows Dx Netops Spectrum XSS
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-69274 HIGH This Week

Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. [CVSS 8.8 HIGH]

Broadcom Linux Windows Privilege Escalation Dx Netops Spectrum
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-69273 HIGH This Week

Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. [CVSS 7.5 HIGH]

Broadcom Linux Windows Authentication Bypass Dx Netops Spectrum
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-69272 HIGH This Week

Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier. [CVSS 7.5 HIGH]

Broadcom Linux Windows Dx Netops Spectrum
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-69271 HIGH This Week

Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. [CVSS 7.5 HIGH]

Broadcom Linux Windows Dx Netops Spectrum
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-69270 CRITICAL Act Now

Broadcom DX NetOps Spectrum (24.3.8 and earlier) exposes session tokens in URL query strings, enabling session hijacking through browser history, referer headers, or proxy logs.

Broadcom Linux Windows Information Disclosure Dx Netops Spectrum
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69269 CRITICAL Act Now

Broadcom DX NetOps Spectrum (23.3.6 and earlier) has unauthenticated OS command injection on both Windows and Linux platforms. As a network management system, compromise gives attackers visibility and control over the entire monitored infrastructure.

Broadcom Linux Windows Command Injection Dx Netops Spectrum
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-69268 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Reflected XSS.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. [CVSS 6.1 MEDIUM]

Broadcom Linux Windows XSS Dx Netops Spectrum
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-69267 MEDIUM This Month

Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Path Traversal.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. [CVSS 6.5 MEDIUM]

Broadcom Linux Windows Path Traversal Dx Netops Spectrum
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-22584 PyPI CRITICAL PATCH Act Now

Salesforce Uni2TS time series forecasting library (through 1.2.0) has a code injection vulnerability that allows leveraging executable code in non-executable files across all platforms.

Linux Windows macOS Code Injection Uni2ts
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-0747 LOW Monitor

Exposure of sensitive information in the TeamViewer entry dashboard component in Devolutions Remote Desktop Manager 2025.3.24.0 through 2025.3.28.0 on Windows allows an external observer to view a password on screen via a defective masking feature, for example during physical observation or screen sharing. [CVSS 3.3 LOW]

Windows
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-21860 PyPI MEDIUM PATCH This Month

Werkzeug versions prior to 3.1.5 fail to properly validate Windows reserved device names in the safe_join function, allowing attackers to bypass path restrictions by using device names with file extensions or trailing spaces (e.g., CON.txt, AUX ). This denial of service vulnerability affects Windows systems running vulnerable Werkzeug versions and could allow an unauthenticated remote attacker to access restricted files or cause application crashes. A patch is available in version 3.1.5 and later.

Windows Werkzeug Suse
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-67825 MEDIUM This Month

An issue was discovered in Nitro PDF Pro for Windows before 14.42.0.34. In certain cases, it displays signer information from a non-verified PDF field rather than from the verified certificate subject. [CVSS 5.5 MEDIUM]

Windows Nitro Pdf Pro
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-22035 HIGH POC PATCH This Week

Arbitrary command execution in Greenshot 1.3.310 and earlier stems from insufficient input validation in filename processing, where unsanitized user-supplied filenames are passed directly to shell commands. An attacker can exploit this through a malicious filename containing shell metacharacters to achieve local code execution with user privileges. Public exploit code exists for this vulnerability; users should upgrade to version 1.3.311 or later.

Windows Command Injection Greenshot
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2025-15479 MEDIUM This Month

Stored cross-site scripting (XSS, CWE-79) in the survey content and administration functionality in Data Illusion Zumbrunn NGSurvey Enterprise Edition 3.6.4 on all supported platforms ( on Windows and Linux servers ) allows authenticated remote users with survey creation or edit privileges to execute arbitrary JavaScript in other users’ browsers, steal session information and perform unauthorized actions on their behalf via crafted survey content that is rendered without proper output encoding. [CVSS 5.4 MEDIUM]

Linux Windows XSS Ngsurvey
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-20893 HIGH This Week

Fujitsu Security Solution AuthConductor Client Basic V2 version 2.0.25.0 and earlier contains an origin validation flaw that allows authenticated local attackers to execute arbitrary code with SYSTEM privileges and modify registry values. An attacker with login access to an affected Windows system can exploit this vulnerability to achieve complete system compromise. No patch is currently available.

Windows
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2025-14625 MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14614 MEDIUM This Month

Insecure Temporary File vulnerability in Altera Quartus Prime Standard  Installer (SFX) on Windows, Altera Quartus Prime Lite  Installer (SFX) on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-11235 LOW Monitor

Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.3, from 2023.0.0 before 2023.0.8, from 2022.1.0 before 2022.1.11, from 2022.0.0 before 2022.0.10. [CVSS 3.7 LOW]

Windows
NVD VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2025-14612 MEDIUM This Month

Insecure Temporary File vulnerability in Altera Quartus Prime Pro  Installer (SFX) on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14605 MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14599 MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite  Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-14596 MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-57836 HIGH This Week

An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges. [CVSS 7.8 HIGH]

Samsung Windows Magician
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-66461 MEDIUM This Month

A remote code execution vulnerability (CVSS 6.7). Remediation should follow standard vulnerability management procedures.

Microsoft RCE Windows
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2025-40271 POC PATCH CISA Monitor

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de() Pde is erased from subdir rbtree through rb_erase(), but not set the node to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE() set the erased node to EMPTY, then pde_subdir_next() will return NULL to avoid uaf access. We found an uaf issue while using stress-ng testing, need to run testcase getdent and tun in the same time. The steps of the issue is as follows: 1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current pde is tun3; 2) in the [time windows] unregister netdevice tun3 and tun2, and erase them from rbtree. erase tun3 first, and then erase tun2. the pde(tun2) will be released to slab; 3) continue to getdent process, then pde_subdir_next() will return pde(tun2) which is released, it will case uaf access. CPU 0 | CPU 1 ------------------------------------------------------------------------- traverse dir /proc/pid/net/dev_snmp6/ | unregister_netdevice(tun->dev) //tun3 tun2 sys_getdents64() | iterate_dir() | proc_readdir() | proc_readdir_de() | snmp6_unregister_dev() pde_get(de); | proc_remove() read_unlock(&proc_subdir_lock); | remove_proc_subtree() | write_lock(&proc_subdir_lock); [time window] | rb_erase(&root->subdir_node, &parent->subdir); | write_unlock(&proc_subdir_lock); read_lock(&proc_subdir_lock); | next = pde_subdir_next(de); | pde_put(de); | de = next; //UAF | rbtree of dev_snmp6 | pde(tun3) / \ NULL pde(tun2)

Microsoft Information Disclosure Linux Ubuntu Debian +2
NVD Exploit-DB VulDB
EPSS
0.1%
CVE-2025-59775 HIGH POC PATCH This Week

Server-Side Request Forgery (SSRF) vulnerability  in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off  allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.66, which fixes the issue.

Microsoft Apache SSRF Ubuntu Debian +5
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-1910 MEDIUM This Month

The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client 12.0 up to and including 12.11.2.

Microsoft Command Injection Windows
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2025-12385 HIGH PATCH This Week

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

Microsoft Apple Google Denial Of Service Ubuntu +4
NVD
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-20387 HIGH PATCH This Week

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.

Microsoft Information Disclosure Splunk Windows
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-20386 HIGH PATCH This Week

In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.

Microsoft Information Disclosure Splunk Windows
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-13751 MEDIUM PATCH This Month

Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.

Microsoft Denial Of Service Debian Openvpn Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-53841 HIGH PATCH This Week

The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.

Microsoft Privilege Escalation OpenSSL Windows
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-29864 MEDIUM PATCH This Month

A security vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass (CVSS 6.2). Remediation should follow standard vulnerability management procedures.

Microsoft Authentication Bypass Windows
NVD
CVSS 4.0
6.2
EPSS
0.0%
CVE-2025-66476 HIGH PATCH This Week

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.

Information Disclosure Microsoft Ubuntu Debian Vim +2
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-64298 HIGH PATCH This Week

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and configuration files, which can contain sensitive data.

Information Disclosure Microsoft Windows
NVD
CVSS 3.1
8.4
EPSS
0.0%
CVE-2025-61940 HIGH PATCH This Week

CVE-2025-61940 is a security vulnerability (CVSS 8.3). High severity vulnerability requiring prompt remediation.

Information Disclosure Microsoft Windows
NVD
CVSS 3.1
8.3
EPSS
0.1%
CVE-2025-34352 HIGH PATCH This Week

JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on predictable files inside a user-writable %TEMP% subdirectory without validating that the directory is trusted or resetting its ACLs when it already exists. A local, low-privileged attacker can pre-create the directory with weak permissions and leverage mount-point or symbolic-link redirection to (a) coerce arbitrary file writes to protected locations, leading to denial of service (e.g., by overwriting sensitive system files), or (b) win a race to redirect DeleteFileW() to attacker-chosen targets, enabling arbitrary file or folder deletion and local privilege escalation to SYSTEM. This issue is fixed in JumpCloud Remote Assist 0.317.0 and affects Windows systems where Remote Assist is installed and managed through the Agent lifecycle.

Privilege Escalation Denial Of Service Microsoft Windows
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2025-13634 MEDIUM PATCH This Month

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. (Chromium security severity: Medium)

Google Authentication Bypass Microsoft Ubuntu Debian +3
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-7007 HIGH POC This Week

NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3.

Microsoft Denial Of Service Null Pointer Dereference Apple Windows +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-3500 CRITICAL PATCH Act Now

Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981.6 before 25.3.

Privilege Escalation Integer Overflow Microsoft Antivirus Windows
NVD
CVSS 3.1
9.0
EPSS
0.0%
CVE-2025-66221 PyPI MEDIUM PATCH This Month

Werkzeug is a comprehensive WSGI web application library. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Werkzeug Windows Red Hat +1
NVD GitHub
CVSS 4.0
6.3
EPSS
0.0%
CVE-2025-13683 MEDIUM This Month

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.3.8.0; Remote Desktop Manager: through 2025.3.23.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Devolutions Server Remote Desktop Manager Windows
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-11156 MEDIUM This Month

Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. Rated medium severity (CVSS 5.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft Windows
NVD
CVSS 4.0
5.9
EPSS
0.0%
CVE-2025-26155 CRITICAL POC Act Now

NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Ncp Secure Entry Client Secure Enterprise Client Windows
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-34350 HIGH This Week

UnForm Server versions < 10.1.15 contain an unauthenticated arbitrary file read and SMB coercion vulnerability in the Doc Flow feature’s 'arc' endpoint. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Microsoft Windows
NVD
CVSS 4.0
8.7
EPSS
0.5%
CVE-2025-64693 CRITICAL Act Now

Security Point (Windows) of MaLion and MaLionCloud contains a heap-based buffer overflow vulnerability in processing Content-Length. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft Heap Overflow Windows
NVD
CVSS 4.0
9.3
EPSS
0.4%
CVE-2025-62691 CRITICAL Act Now

Security Point (Windows) of MaLion and MaLionCloud contains a stack-based buffer overflow vulnerability in processing HTTP headers. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow RCE Buffer Overflow Microsoft Windows
NVD
CVSS 4.0
9.3
EPSS
0.4%
CVE-2025-59485 MEDIUM This Month

Incorrect default permissions issue exists in Security Point (Windows) of MaLion prior to Ver.5.3.4. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Privilege Escalation Windows
NVD
CVSS 4.0
4.8
EPSS
0.0%
CVE-2025-12893 LOW Monitor

Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage (EKU) requirements. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Microsoft Information Disclosure MongoDB Windows
NVD
CVSS 4.0
2.3
EPSS
0.0%
CVE-2024-47856 CRITICAL Act Now

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Authentication Agent For Windows Windows
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-65947 Cargo HIGH PATCH This Month

thread-amount is a tool that gets the amount of threads in the current process. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Microsoft Windows
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-13524 MEDIUM This Month

Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure Windows macOS
NVD
CVSS 4.0
6.8
EPSS
0.1%
CVE-2025-64695 HIGH This Month

Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Logstare Collector Windows
NVD
CVSS 4.0
8.4
EPSS
0.0%
CVE-2025-13433 HIGH This Month

A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. Rated high severity (CVSS 7.3). No vendor patch available.

Information Disclosure Microsoft Windows
NVD GitHub VulDB
CVSS 4.0
7.3
EPSS
0.0%
CVE-2025-13316 HIGH POC THREAT Act Now

Twonky Server 8.5.2 uses hard-coded cryptographic keys for encrypting the administrator password. Combined with the credential exposure vulnerability (CVE-2025-13315), this allows attackers to decrypt the admin password from the leaked log file and gain full administrative control of the media server.

Information Disclosure Microsoft Twonky Server Windows
NVD
CVSS 4.0
8.2
EPSS
72.7%
Threat
5.3
CVE-2025-13315 CRITICAL POC THREAT Emergency

Twonky Server 8.5.2 on Linux and Windows allows unauthenticated access to the admin log file through a web service API bypass. The exposed log contains the administrator's username and encrypted password, which can be decrypted using hard-coded keys (CVE-2025-13316) to gain full administrative control.

Information Disclosure Microsoft Twonky Server Windows
NVD
CVSS 4.0
9.3
EPSS
82.4%
Threat
5.8
CVE-2025-34332 HIGH POC This Week

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component that controls back-end Windows services using helper batch scripts. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP Microsoft Privilege Escalation Fax Server Interactive Voice Response +2
NVD
CVSS 4.0
8.5
EPSS
0.0%
CVE-2025-34329 CRITICAL POC Act Now

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an unauthenticated backup upload endpoint at AudioCodes_files/ajaxBackupUploadFile.php in the. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Microsoft Fax Server Interactive Voice Response +2
NVD
CVSS 4.0
9.3
EPSS
3.1%
CVE-2025-34328 CRITICAL POC Act Now

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component (F2MAdmin) that exposes an unauthenticated script-management. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Microsoft Fax Server Interactive Voice Response +2
NVD
CVSS 4.0
9.3
EPSS
0.6%
CVE-2025-54660 MEDIUM This Month

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Information Disclosure Forticlient Windows
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-47761 HIGH This Month

An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an. Rated high severity (CVSS 7.8). No vendor patch available.

Fortinet Microsoft Authentication Bypass Forticlient Windows
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-46373 HIGH This Month

A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec. Rated high severity (CVSS 7.8). No vendor patch available.

Buffer Overflow RCE Microsoft Heap Overflow Fortinet +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-34324 HIGH POC This Month

GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing application updates. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Jwt Attack RCE Apple Microsoft Gosign +2
NVD
CVSS 4.0
7.0
EPSS
0.0%
CVE-2025-40549 CRITICAL PATCH This Week

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Microsoft Serv U Windows
NVD
CVSS 3.1
9.1
EPSS
0.3%
CVE-2025-40548 CRITICAL PATCH This Week

A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Serv U Windows
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-40547 CRITICAL This Week

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Serv U Windows
NVD
CVSS 3.1
9.1
EPSS
0.2%
CVE-2025-4617 LOW Monitor

An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the. Rated low severity (CVSS 1.1), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Microsoft Authentication Bypass Windows
NVD
CVSS 4.0
1.1
EPSS
0.0%
CVE-2024-7021 MEDIUM Monitor

Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Microsoft Chrome Windows
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-4619 MEDIUM This Month

A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Microsoft Windows
NVD
CVSS 4.0
6.6
EPSS
0.1%
CVE-2025-64740 HIGH This Month

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access. Rated high severity (CVSS 7.5). No vendor patch available.

Jwt Attack Microsoft Privilege Escalation Workplace Virtual Desktop Infrastructure Windows
NVD
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Tablet UI (TWINUI) subsystem on Windows 10, Windows Server 2022, and Windows Server 2025 stems from improper synchronization of shared resources, enabling authenticated local attackers to gain elevated privileges. The race condition vulnerability affects multiple Windows versions and currently has no available patch.

Windows Race Condition Windows Server 2022 23h2 +12
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Improper access control in Windows Hyper-V enables privileged local users to read sensitive system information without authorization. The vulnerability affects Windows 10 (versions 21H2 and 22H2), Windows Server 2025, and Hyper-V implementations where an authenticated attacker with high privileges can bypass security controls to access confidential data. Currently no patch is available for this medium-severity issue.

Windows Hyper-V Windows 10 21h2 +10
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Windows Remote Assistance contains a protection mechanism bypass that allows local attackers to circumvent a security feature without user interaction, affecting Windows 11 24h2, Windows Server 2012, 2022, and 2025. The vulnerability requires local access and user interaction to exploit, with potential impact limited to information disclosure. No patch is currently available for this medium-severity issue.

Windows Windows Server 2012 Windows Server 2025 +12
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Information disclosure in Windows File Explorer enables local authenticated users to read sensitive data on affected Windows systems including Windows 10 and Windows Server 2025. An attacker with valid local credentials can exploit this vulnerability to access confidential information without requiring user interaction. No patch is currently available for this issue.

Windows Windows Server 2025 Windows 10 22h2 +11
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Windows RPC implementation leaks sensitive information to local attackers on Windows 10, Windows 11, and Windows Server 2022. An unauthenticated local attacker can exploit this information disclosure vulnerability without user interaction to access confidential data. No patch is currently available for this medium-severity vulnerability.

Windows Windows 11 25h2 Windows 10 1809 +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Heap buffer overflow in Windows Common Log File System Driver (affecting Windows 10 1607, Server 2016, and Server 2022 23h2) enables authenticated local users to achieve complete system compromise through privilege escalation. The vulnerability requires valid credentials but no user interaction, making it a direct path to administrative control for insiders or attackers with initial access. No patch is currently available, leaving affected systems at elevated risk pending remediation.

Windows Buffer Overflow Heap Overflow +15
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Improper pointer validation in Windows VBS Enclave allows authenticated local users to read sensitive information on Windows 11 systems across multiple versions. An attacker with local access and valid credentials can exploit this memory safety flaw to bypass enclave protections and disclose confidential data. No patch is currently available.

Windows Windows 11 25h2 Windows 11 23h2 +2
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

Windows Kernel inadvertently logs sensitive information to accessible log files, enabling local attackers to read confidential data on affected Windows and Linux systems. This information disclosure vulnerability requires no privileges or user interaction to exploit and impacts Windows Server 2016, 2022, and 2025 along with standard Windows installations. No patch is currently available for this medium-severity issue.

Linux Windows Windows Server 2016 +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Windows Installer contains a time-of-check time-of-use race condition that allows authenticated local attackers to escalate privileges on Windows 10 1809, Windows 11 25h2, and Windows Server 2022 23h2. An attacker with local access can exploit the window between permission validation and file operation execution to gain elevated system access. No patch is currently available for this vulnerability.

Windows Race Condition Windows 11 25h2 +14
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Windows LDAP input validation bypass in Windows 10 21H2, Windows 11 24H2, and Windows Server 2022 23H2 enables authenticated network attackers to modify data integrity without detection. The vulnerability requires valid credentials and network access but does not provide elevation of privilege or confidentiality breaches. No patch is currently available for this medium-severity issue.

Windows LDAP Windows 10 21h2 +12
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in Windows Win32K (ICOMP) via type confusion allows authenticated users to gain system-level access on Windows 11 and Windows Server 2025. The vulnerability affects multiple recent Windows versions with no available patch, requiring immediate mitigation strategies for at-risk environments. Exploitation requires local access but no user interaction, making it a significant risk for multi-user systems.

Windows Windows Server 2025 Windows 11 23h2 +5
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Windows Ancillary Function Driver for WinSock contains an improper memory deallocation vulnerability (CWE-590) that allows authenticated local attackers to achieve privilege escalation on affected Windows 10 and Windows Server 2019 systems. An attacker with local user privileges can exploit this flaw to gain SYSTEM-level access without user interaction. No patch is currently available for this vulnerability.

Windows Windows Server 2019 Windows 10 21h2 +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Privilege escalation in Windows Kernel Memory affects Windows 10 21h2 and Windows Server 2022 23h2, exploitable by local authenticated users through a race condition between permission checks and memory access. An attacker with local access can leverage this window to gain elevated system privileges. No patch is currently available.

Linux Windows Race Condition +14
NVD
EPSS 5% CVSS 5.5
MEDIUM KEV PATCH THREAT Act Now

Desktop Windows Manager on Windows 10, Windows 11, and Windows Server 2022 leaks sensitive information to local authenticated users, enabling disclosure of confidential data without modifying or disrupting system functionality. This vulnerability is confirmed actively exploited and affects multiple Windows versions with no patch currently available. An authorized attacker can exploit this with minimal complexity to extract sensitive information from the system.

Windows Windows 11 23h2 Windows Server 2022 23h2 +12
NVD VulDB
EPSS 0% CVSS 7.7
HIGH PATCH This Week

Windows Hello privilege elevation flaw in Windows 10 21h2, Windows Server 2019, 2022, and 2022 23h2 enables local attackers to modify system data without authorization. The vulnerability stems from improper privilege assignment that bypasses access controls, allowing an unauthenticated attacker with local access to tamper with protected resources. Currently no patch is available and exploitation requires only local access with no special conditions or user interaction.

Windows Windows Server 2022 23h2 Windows Server 2022 +11
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Windows Deployment Services contains improper access control that enables unauthenticated attackers on an adjacent network to execute arbitrary code with high privileges on affected Windows and Windows Server systems. The vulnerability affects multiple Windows versions including Server 2012, 2019, and 2022 variants, with no patch currently available. An adjacent network attacker requires only network proximity to exploit this vulnerability, making lateral movement within networked environments a significant risk.

Windows Windows Server 2019 Windows Server 2022 23h2 +6
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows Hosts which could lead to escalation of privileges. [CVSS 8.8 HIGH]

Windows Privilege Escalation
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

TinyWeb HTTP Server before 1.98 has OS command injection via CGI ISINDEX query parameters. The query string is passed as command-line arguments to CGI executables through Windows CreateProcess(), allowing unauthenticated RCE. Patch available.

Windows Command Injection Tinyweb
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. [CVSS 8.8 HIGH]

Broadcom Linux Windows +2
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows DOM-Based XSS.This issue affects DX NetOps Spectrum: 24.3.9 and earlier. [CVSS 6.1 MEDIUM]

Broadcom Linux Windows +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Privilege Escalation.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. [CVSS 8.8 HIGH]

Broadcom Linux Windows +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authentication Bypass.This issue affects DX NetOps Spectrum: 24.3.10 and earlier. [CVSS 7.5 HIGH]

Broadcom Linux Windows +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier. [CVSS 7.5 HIGH]

Broadcom Linux Windows +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier. [CVSS 7.5 HIGH]

Broadcom Linux Windows +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Broadcom DX NetOps Spectrum (24.3.8 and earlier) exposes session tokens in URL query strings, enabling session hijacking through browser history, referer headers, or proxy logs.

Broadcom Linux Windows +2
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Broadcom DX NetOps Spectrum (23.3.6 and earlier) has unauthenticated OS command injection on both Windows and Linux platforms. As a network management system, compromise gives attackers visibility and control over the entire monitored infrastructure.

Broadcom Linux Windows +2
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Reflected XSS.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. [CVSS 6.1 MEDIUM]

Broadcom Linux Windows +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Path Traversal.This issue affects DX NetOps Spectrum: 24.3.8 and earlier. [CVSS 6.5 MEDIUM]

Broadcom Linux Windows +2
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Salesforce Uni2TS time series forecasting library (through 1.2.0) has a code injection vulnerability that allows leveraging executable code in non-executable files across all platforms.

Linux Windows macOS +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Exposure of sensitive information in the TeamViewer entry dashboard component in Devolutions Remote Desktop Manager 2025.3.24.0 through 2025.3.28.0 on Windows allows an external observer to view a password on screen via a defective masking feature, for example during physical observation or screen sharing. [CVSS 3.3 LOW]

Windows
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Werkzeug versions prior to 3.1.5 fail to properly validate Windows reserved device names in the safe_join function, allowing attackers to bypass path restrictions by using device names with file extensions or trailing spaces (e.g., CON.txt, AUX ). This denial of service vulnerability affects Windows systems running vulnerable Werkzeug versions and could allow an unauthenticated remote attacker to access restricted files or cause application crashes. A patch is available in version 3.1.5 and later.

Windows Werkzeug Suse
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

An issue was discovered in Nitro PDF Pro for Windows before 14.42.0.34. In certain cases, it displays signer information from a non-verified PDF field rather than from the verified certificate subject. [CVSS 5.5 MEDIUM]

Windows Nitro Pdf Pro
NVD
EPSS 0% CVSS 7.7
HIGH POC PATCH This Week

Arbitrary command execution in Greenshot 1.3.310 and earlier stems from insufficient input validation in filename processing, where unsanitized user-supplied filenames are passed directly to shell commands. An attacker can exploit this through a malicious filename containing shell metacharacters to achieve local code execution with user privileges. Public exploit code exists for this vulnerability; users should upgrade to version 1.3.311 or later.

Windows Command Injection Greenshot
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM This Month

Stored cross-site scripting (XSS, CWE-79) in the survey content and administration functionality in Data Illusion Zumbrunn NGSurvey Enterprise Edition 3.6.4 on all supported platforms ( on Windows and Linux servers ) allows authenticated remote users with survey creation or edit privileges to execute arbitrary JavaScript in other users’ browsers, steal session information and perform unauthorized actions on their behalf via crafted survey content that is rendered without proper output encoding. [CVSS 5.4 MEDIUM]

Linux Windows XSS +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Fujitsu Security Solution AuthConductor Client Basic V2 version 2.0.25.0 and earlier contains an origin validation flaw that allows authenticated local attackers to execute arbitrary code with SYSTEM privileges and modify registry values. An attacker with login access to an affected Windows system can exploit this vulnerability to achieve complete system compromise. No patch is currently available.

Windows
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Insecure Temporary File vulnerability in Altera Quartus Prime Standard  Installer (SFX) on Windows, Altera Quartus Prime Lite  Installer (SFX) on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
EPSS 0% CVSS 3.7
LOW Monitor

Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.3, from 2023.0.0 before 2023.0.8, from 2022.1.0 before 2022.1.11, from 2022.0.0 before 2022.0.10. [CVSS 3.7 LOW]

Windows
NVD VulDB
EPSS 0% CVSS 6.7
MEDIUM This Month

Insecure Temporary File vulnerability in Altera Quartus Prime Pro  Installer (SFX) on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite  Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1. [CVSS 6.7 MEDIUM]

Windows Quartus Prime
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in Samsung Magician 6.3.0 through 8.3.2 on Windows. The installer creates a temporary folder with weak permissions during installation, allowing a non-admin user to perform DLL hijacking and escalate privileges. [CVSS 7.8 HIGH]

Samsung Windows Magician
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A remote code execution vulnerability (CVSS 6.7). Remediation should follow standard vulnerability management procedures.

Microsoft RCE Windows
NVD
EPSS 0%
POC PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in proc_readdir_de() Pde is erased from subdir rbtree through rb_erase(), but not set the node to EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE() set the erased node to EMPTY, then pde_subdir_next() will return NULL to avoid uaf access. We found an uaf issue while using stress-ng testing, need to run testcase getdent and tun in the same time. The steps of the issue is as follows: 1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current pde is tun3; 2) in the [time windows] unregister netdevice tun3 and tun2, and erase them from rbtree. erase tun3 first, and then erase tun2. the pde(tun2) will be released to slab; 3) continue to getdent process, then pde_subdir_next() will return pde(tun2) which is released, it will case uaf access. CPU 0 | CPU 1 ------------------------------------------------------------------------- traverse dir /proc/pid/net/dev_snmp6/ | unregister_netdevice(tun->dev) //tun3 tun2 sys_getdents64() | iterate_dir() | proc_readdir() | proc_readdir_de() | snmp6_unregister_dev() pde_get(de); | proc_remove() read_unlock(&proc_subdir_lock); | remove_proc_subtree() | write_lock(&proc_subdir_lock); [time window] | rb_erase(&root->subdir_node, &parent->subdir); | write_unlock(&proc_subdir_lock); read_lock(&proc_subdir_lock); | next = pde_subdir_next(de); | pde_put(de); | de = next; //UAF | rbtree of dev_snmp6 | pde(tun3) / \ NULL pde(tun2)

Microsoft Information Disclosure Linux +4
NVD Exploit-DB VulDB
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Server-Side Request Forgery (SSRF) vulnerability  in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off  allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.66, which fixes the issue.

Microsoft Apache SSRF +7
NVD GitHub
EPSS 0% CVSS 6.3
MEDIUM This Month

The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client 12.0 up to and including 12.11.2.

Microsoft Command Injection Windows
NVD
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0.

Microsoft Apple Google +6
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.

Microsoft Information Disclosure Splunk +1
NVD
EPSS 0% CVSS 8.0
HIGH PATCH This Week

In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.

Microsoft Information Disclosure Splunk +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.

Microsoft Denial Of Service Debian +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The GC-AGENTS-SERVICE running as part of Akamai´s Guardicore Platform Agent for Windows versions prior to v49.20.1, v50.15.0, v51.12.0, v52.2.0 is affected by a local privilege escalation vulnerability. The service will attempt to read an OpenSSL configuration file from a non-existent location that standard Windows users have default write access to. This allows an unprivileged local user to create a crafted "openssl.cnf" file in that location and, by specifying the path to a custom DLL file in a custom OpenSSL engine definition, execute arbitrary commands with the privileges of the Guardicore Agent process. Since Guardicore Agent runs with SYSTEM privileges, this permits an unprivileged user to fully elevate privileges to SYSTEM level in this manner.

Microsoft Privilege Escalation OpenSSL +1
NVD
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

A security vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass (CVSS 6.2). Remediation should follow standard vulnerability management procedures.

Microsoft Authentication Bypass Windows
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.

Information Disclosure Microsoft Ubuntu +4
NVD GitHub
EPSS 0% CVSS 8.4
HIGH PATCH This Week

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and configuration files, which can contain sensitive data.

Information Disclosure Microsoft Windows
NVD
EPSS 0% CVSS 8.3
HIGH PATCH This Week

CVE-2025-61940 is a security vulnerability (CVSS 8.3). High severity vulnerability requiring prompt remediation.

Information Disclosure Microsoft Windows
NVD
EPSS 0% CVSS 8.5
HIGH PATCH This Week

JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on predictable files inside a user-writable %TEMP% subdirectory without validating that the directory is trusted or resetting its ACLs when it already exists. A local, low-privileged attacker can pre-create the directory with weak permissions and leverage mount-point or symbolic-link redirection to (a) coerce arbitrary file writes to protected locations, leading to denial of service (e.g., by overwriting sensitive system files), or (b) win a race to redirect DeleteFileW() to attacker-chosen targets, enabling arbitrary file or folder deletion and local privilege escalation to SYSTEM. This issue is fixed in JumpCloud Remote Assist 0.317.0 and affects Windows systems where Remote Assist is installed and managed through the Agent lifecycle.

Privilege Escalation Denial Of Service Microsoft +1
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. (Chromium security severity: Medium)

Google Authentication Bypass Microsoft +5
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Avast Anitvirus on Linux when scanning a malformed Windows PE file causes the antivirus process to crash.This issue affects Antivirus: 16.0.0; Anitvirus: 3.0.3.

Microsoft Denial Of Service Null Pointer Dereference +3
NVD GitHub
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981.6 before 25.3.

Privilege Escalation Integer Overflow Microsoft +2
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Werkzeug is a comprehensive WSGI web application library. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Werkzeug +3
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.3.8.0; Remote Desktop Manager: through 2025.3.23.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Devolutions Server +2
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. Rated medium severity (CVSS 5.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Microsoft +1
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Ncp Secure Entry Client +2
NVD
EPSS 0% CVSS 8.7
HIGH This Week

UnForm Server versions < 10.1.15 contain an unauthenticated arbitrary file read and SMB coercion vulnerability in the Doc Flow feature’s 'arc' endpoint. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Security Point (Windows) of MaLion and MaLionCloud contains a heap-based buffer overflow vulnerability in processing Content-Length. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Microsoft +2
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Security Point (Windows) of MaLion and MaLionCloud contains a stack-based buffer overflow vulnerability in processing HTTP headers. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Stack Overflow RCE Buffer Overflow +2
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Incorrect default permissions issue exists in Security Point (Windows) of MaLion prior to Ver.5.3.4. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Privilege Escalation +1
NVD
EPSS 0% CVSS 2.3
LOW Monitor

Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a client certificate not aligning with the documented Extended Key Usage (EKU) requirements. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Microsoft Information Disclosure +2
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Authentication Agent For Windows +1
NVD
EPSS 0% CVSS 8.7
HIGH PATCH This Month

thread-amount is a tool that gets the amount of threads in the current process. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Microsoft +1
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

Improper resource release in the call termination process in AWS Wickr before version 6.62.13 on Windows, macOS and Linux may allow a call participant to continue receiving audio input from another. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure +2
NVD
EPSS 0% CVSS 8.4
HIGH This Month

Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Logstare Collector +1
NVD
EPSS 0% CVSS 7.3
HIGH This Month

A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. Rated high severity (CVSS 7.3). No vendor patch available.

Information Disclosure Microsoft Windows
NVD GitHub VulDB
EPSS 73% 5.3 CVSS 8.2
HIGH POC THREAT Act Now

Twonky Server 8.5.2 uses hard-coded cryptographic keys for encrypting the administrator password. Combined with the credential exposure vulnerability (CVE-2025-13315), this allows attackers to decrypt the admin password from the leaked log file and gain full administrative control of the media server.

Information Disclosure Microsoft Twonky Server +1
NVD
EPSS 82% 5.8 CVSS 9.3
CRITICAL POC THREAT Emergency

Twonky Server 8.5.2 on Linux and Windows allows unauthenticated access to the admin log file through a web service API bypass. The exposed log contains the administrator's username and encrypted password, which can be decrypted using hard-coded keys (CVE-2025-13316) to gain full administrative control.

Information Disclosure Microsoft Twonky Server +1
NVD
EPSS 0% CVSS 8.5
HIGH POC This Week

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component that controls back-end Windows services using helper batch scripts. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP Microsoft Privilege Escalation +4
NVD
EPSS 3% CVSS 9.3
CRITICAL POC Act Now

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an unauthenticated backup upload endpoint at AudioCodes_files/ajaxBackupUploadFile.php in the. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Microsoft +4
NVD
EPSS 1% CVSS 9.3
CRITICAL POC Act Now

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component (F2MAdmin) that exposes an unauthenticated script-management. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Microsoft +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.10, FortiClientWindows 7.0 all versions may allow a local attacker to run. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Fortinet Information Disclosure Forticlient +1
NVD
EPSS 0% CVSS 7.8
HIGH This Month

An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an. Rated high severity (CVSS 7.8). No vendor patch available.

Fortinet Microsoft Authentication Bypass +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec. Rated high severity (CVSS 7.8). No vendor patch available.

Buffer Overflow RCE Microsoft +4
NVD
EPSS 0% CVSS 7.0
HIGH POC This Month

GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing application updates. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Jwt Attack RCE Apple +4
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH This Week

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Microsoft Serv U +1
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH This Week

A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Microsoft Privilege Escalation Serv U +1
NVD
EPSS 0% CVSS 9.1
CRITICAL This Week

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Serv U +1
NVD
EPSS 0% CVSS 1.1
LOW Monitor

An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows allows a locally authenticated non-admin user to bypass the screenshot control feature of the. Rated low severity (CVSS 1.1), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Microsoft Authentication Bypass +1
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Microsoft +2
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access. Rated high severity (CVSS 7.5). No vendor patch available.

Jwt Attack Microsoft Privilege Escalation +2
NVD
Prev Page 5 of 18 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy