| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| When a particular process flow is initiated, an attacker may be able to gain unauthorized elevated privileges on the affected system when having control over a specific file. |
| A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine. |
| A vulnerability has been identified in the Ivanti Secure Access Windows client, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to various security risks, including the escalation of privileges, denial of service, or information disclosure. |
| VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-service condition in the Windows guest OS. |
| IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. |
| Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implementation of TCP/IP, which is vulnerable to the Idle scan attack (including many IoT devices). NOTE: The vendor considers this a low severity issue. |
| A potential security vulnerability has been identified with a version of the HP Softpaq installer that can lead to arbitrary code execution. |
| In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API. |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| .NET Framework Information Disclosure Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
| Win32k Elevation of Privilege Vulnerability |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
| Web Account Manager Information Disclosure Vulnerability |
| Windows Server Service Elevation of Privilege Vulnerability |
| Windows Security Support Provider Interface Information Disclosure Vulnerability |
| Active Directory Domain Services Elevation of Privilege Vulnerability |
| Windows Secure Channel Denial of Service Vulnerability |
| Microsoft ODBC Driver Remote Code Execution Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
