| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| This vulnerability of SecureGate is SQL-Injection using login without password. A path traversal vulnerability is also identified during file transfer. An attacker can take advantage of these vulnerabilities to perform various attacks such as obtaining privileges and executing remote code, thereby taking over the victim’s system. |
| Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path. |
| An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process. |
| A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue is some unknown functionality in the library CRYPTBASE.dll of the file NFWCHK.exe of the component Installer. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| Win32k Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability |
| Windows TCP/IP Information Disclosure Vulnerability |
| Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability |
| NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability |
| Windows HTML Platforms Security Feature Bypass Vulnerability |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability |
| Windows Message Queuing Client (MSMQC) Information Disclosure |
| Windows Server Key Distribution Service Security Feature Bypass |
| Windows Subsystem for Linux Elevation of Privilege Vulnerability |
| JPress through 5.1.1 on Windows has an arbitrary file upload vulnerability that could cause arbitrary code execution via ::$DATA to AttachmentController, such as a .jsp::$DATA file to io.jpress.web.commons.controller.AttachmentController#upload. NOTE: this is unrelated to the attack vector for CVE-2024-32358. |
| Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access. |
|
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.
|
| Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent modules).This issue affects Hitachi Device Manager: before 8.8.5-04.
|
| Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.
|
