Latest Microsoft Windows Vulnerabilities

NaiboWang EasySpider HTTP GET Request server.js path traversal
Easyspider Easyspider=0.6.2
Microsoft Windows
In Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC ...
Docker Desktop<4.29.0
Apple macOS
Linux Linux kernel
Microsoft Windows
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Microsoft Windows 10
Microsoft Windows Server 2008
Microsoft Windows 10=22H2
Microsoft Windows Server 2012 R2
Microsoft Windows 11=22H2
Microsoft Windows 10=21H2
and 41 more
Microsoft Windows Hyper-V Privilege Escalation Vulnerability
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 11=23H2
Microsoft Windows Server 2022
Microsoft Windows 11=21H2
Microsoft Windows 11=23H2
Microsoft Windows 11=21H2
and 9 more
Elevation of Privilege via symlinked file in Avast Antivirus
Avast AntiVirus<24.2
Microsoft Windows
Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability
Microsoft Windows Server 2019
Microsoft Windows 10=21H2
Microsoft Windows Server 2019
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 10=22H2
Microsoft Windows 10=22H2
and 34 more
IBM Integration Bus for z/OS cross-site request forgery
IBM Integration Bus for z/OS<=10.1 - 10.1.0.3
IBM Integration Bus>=10.1<=10.1.0.3
Ibm Z/os
Linux Linux kernel
Microsoft Windows
Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability
Microsoft Windows 10
Microsoft Windows 11=22H2
Microsoft Windows 11=21H2
Microsoft Windows 11=22H2
Microsoft Windows Server 2016
Microsoft Windows 10=1809
and 39 more
Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability | CVE-2023-44324 bypass
Adobe FrameMaker Publishing Server<2022
Adobe FrameMaker Publishing Server=2022
Adobe FrameMaker Publishing Server=2022-update1
Microsoft Windows
[TianfuCup] JP2K Image Parsing Out-Of-Bounds Write
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1906 - Adobe Acrobat Reader Font CPAL integer overflow vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1901 - Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
[TianfuCup] out-of-bounds access vulnerability when parsing jpeg2000
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1908 - Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
[ZS-VR-23-360] Adobe Acrobat Reader Parsing OTF font Denial-of-Service Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
ZDI-CAN-22516: Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1909 - Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
ZDI-CAN-22727: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
ZDI-CAN-22822: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1910 - Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1905 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
TALOS-2023-1890 - Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability
Adobe Acrobat Dc>=15.008.20082<23.008.20533
Adobe Acrobat Reader DC>=15.008.20082<23.008.20533
Apple macOS
Microsoft Windows
Adobe Acrobat Reader>=20.001.30005<20.005.30574
Adobe Acrobat Reader>=20.001.30005<20.005.30574
and 2 more
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Microsoft Windows 10=1809
Microsoft Windows 10=22H2
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows 11=23H2
Microsoft Windows 10=21H2
and 24 more
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft Windows Server 2016
Microsoft Windows 10=21H2
Microsoft Windows 10=21H2
Microsoft Windows 10=1809
Microsoft Windows Server 2022
Microsoft Windows 10=1607
and 32 more
Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability
Microsoft Windows
Microsoft Windows 10=21H2
Microsoft Windows Server 2022, 23H2 Edition
Microsoft Windows 10=21H2
Microsoft Windows 10=1809
Microsoft Windows 11=21H2
and 29 more
Improper validation of update packages
Snowsoftware Snow Inventory Agent<6.7.2
Snowsoftware Snow Inventory Agent>=6.14.0<6.14.5
Snowsoftware Snow Inventory Agent=6.12.0
Apple macOS
Linux Linux kernel
Microsoft Windows
Improper privilege control for the named pipe in Samsung Magician PC Software 8.0.0 (for Windows) allows a local attacker to read privileged data.
Samsung Magician=8.0.0
Microsoft Windows
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain privilege escalation vulnerability due to improper ACL of the non-defaul...
Dell Encryption<11.9.0
Dell Endpoint Security Suite Enterprise<11.9.0
Dell Security Management Server<11.9.0
Microsoft Windows
A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing (1.3.6.1.5.5.7.3.3), valid fro...
Rustdesk Rustdesk=1.2.3
Microsoft Windows
Automation Studio and PVI Multiple unquoted service path vulnerabilities
Br-automation Automation Studio<4.7.7.74
Br-automation Automation Studio>=4.8<4.8.6.30
Br-automation Automation Studio>=4.9<4.9.4.92
Microsoft Windows
Br-automation Automation Net/pvi>=4.0<4.7.7
Br-automation Automation Net/pvi>=4.8<4.8.6
and 2 more
Automation Studio and PVI Multiple incorrect permission assignments for services
Br-automation Automation Studio>=4.0<4.7.7.74
Br-automation Automation Studio>=4.8<4.8.6.30
Br-automation Automation Studio>=4.9<4.9.4.92
Microsoft Windows
Apktool before 2.9.3 on Windows allows ../ and /.. directory traversal.
Apktool Apktool<2.9.3
Microsoft Windows
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a ma...
Devolutions Remote Desktop Manager<=2023.3.36.0
Microsoft Windows
XML External Entity (XXE) Processing
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
Unauthenticated Access to AppBuilder Configuration Files
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
Java Database Connectivity (JDBC) URL Manipulation
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
Command Injection via Task Scheduler
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
Unauthenticated Arbitrary File Read
OpenText AppBuilder>=21.2<23.2
Linux Linux kernel
Microsoft Windows
Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products, version 6.0.2092 and below is vulnerable to a DLL hijacking/proxying vulnerability, which if exploited ...
Trendmicro Air Support<6.0.2103
Trendmicro Antivirus + Security<6.0.2103
Trendmicro Internet Security<6.0.2103
Trendmicro Maximum Security<6.0.2103
Trendmicro Premium Security<6.0.2103
Microsoft Windows
Vba32 Antivirus v3.36.0 - Denial of Service (DoS)
Anti-virus Vba32=3.36.0
Microsoft Windows
Insecure Permissions in Splashtop Software Updater
Splashtop Software Updater<=1.5.6.21
Microsoft Windows
Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystem
npm/vite>=5.0.0<=5.0.11
npm/vite>=4.0.0<=4.5.1
npm/vite>=3.0.0<=3.2.7
npm/vite>=2.7.0<=2.9.16
Vitejs Vite>=2.7.0<2.9.17
Vitejs Vite>=3.0.0<3.2.8
and 3 more
ProSSHD denial of service
=1.2_20090726
Binary Planting Attack on Windows Platforms in Creditcoin
Gluwa Creditcoin
Microsoft Windows
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename. This issue affects Workforce Access: before 8.7.
HYPR Workforce Access<8.7
Microsoft Windows
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers. This issue affects Workforce Access: before 8.7.
HYPR Workforce Access<8.7
Microsoft Windows
Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal. This issue affects Workforce Access: before 8.7.
HYPR Workforce Access<8.7
Microsoft Windows
Generation of Error Message Containing Sensitive Information Vulnerability in Hitachi Device Manager
Hitachi Device Manager<8.8.5-04
Linux Linux kernel
Microsoft Windows
Missing Password Field Masking Vulnerability in Hitachi Device Manager
Hitachi Device Manager<8.8.5-04
Linux Linux kernel
Microsoft Windows
IBM Sterling Control Center directory traversal
IBM Sterling Control Center<=6.3.0
IBM Sterling Control Center=6.3.0
IBM AIX
Ibm Linux On Ibm Z
Linux Linux kernel
Microsoft Windows
