| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability |
| Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability |
| Windows TCP/IP Driver Denial of Service Vulnerability |
| Windows GDI+ Information Disclosure Vulnerability |
| Microsoft Windows Codecs Library Information Disclosure Vulnerability |
| Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability |
| Windows Media Video Decoder Remote Code Execution Vulnerability |
| Windows Hyper-V Elevation of Privilege Vulnerability |
| Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability |
| Windows NTFS Denial of Service Vulnerability |
| Windows Application Compatibility Cache Denial of Service Vulnerability |
| Windows Kernel Information Disclosure Vulnerability |
| Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwl_svc.exe) bypasses firewall filters. |
| SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation in nonstandard conditions. ConnectSecure on Windows is affected. |
| SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation. ConnectSecure on Windows is affected. |
| SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected. |
| Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior (.NET 4.5, 4.0, and 3.5 Framework versions only) are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow. |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in an out-of-bounds read condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12438. |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12230. |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.0.37527. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process Was ZDI-CAN-12390. |
