Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
An elevation of privilege vulnerability exists due to the Application Identity kernel module allowing untrusted pointer dereference. The vulnerability could allow an attacker to run code with elevated privileges.
CrushFTP, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS, as exploited in the wild in July 2025.
A memory corruption vulnerability in the Windows IPv6 stack allows remote Denial of Service via maliciously crafted IPv6 Fragment Header packets, leading to kernel-level compromise. Exploitation requires no authentication or user interaction-attackers need only send specially designed packets to vulnerable hosts. Impacts all Windows versions with IPv6 enabled (default since Windows 10).
CVE-2025-7388 is an OS command injection vulnerability in Progress OpenEdge that allows authenticated remote attackers to execute system commands in the context of NT AUTHORITY/SYSTEM. This module can also use CVE-2024-1403, an authentication bypass vulnerability that allow access to the adminServer classes so can chain it with CVE-2025-7388 OS command injection.
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. A user would need to be tricked into opening a folder that contains a specially crafted file.
A denial of service vulnerability exists in the Local Session Manager (LSM) service when an authenticated attacker connects to the target system and sends specially crafted requests.
The Windows Disk Cleanup tool (cleanmgr.exe) has a DLL side-loading vulnerability. A crafted DLL could be loaded by the Disk Cleanup tool, hijacking its execution path. This could allow an attacker to gain system privileges on a vulnerable system.
Wing FTP Server version 7.4.3 and prior is prone to a remote code execution due to improper handling of null bytes in both the user and admin web interfaces. This flaw allows attackers to execute arbitrary Lua command into session files, which is executed by the server with the privileges of the FTP service.
This module exploits a privilege escalation vulnerability in the way sudo handles the chroot parameter.