Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. A user would need to be tricked into opening a folder that contains a specially crafted file.
A denial of service vulnerability exists in the Local Session Manager (LSM) service when an authenticated attacker connects to the target system and sends specially crafted requests.
The Windows Disk Cleanup tool (cleanmgr.exe) has a DLL side-loading vulnerability. A crafted DLL could be loaded by the Disk Cleanup tool, hijacking its execution path. This could allow an attacker to gain system privileges on a vulnerable system.
Wing FTP Server version 7.4.3 and prior is prone to remote code execution due to improper handling of null bytes in both the user and admin web interfaces. This flaw allows attackers to inject arbitrary Lua commands into session files, which are then executed by the server with the privileges of the FTP service.
The vulnerability relates to the use of Windows .URL files to execute a remote binary via a UNC path. When the targeted user opens or previews the .URL file (for example, from an email), the system attempts to access the specified path (for example, a WebDAV or SMB share), resulting in the execution of arbitrary code. Depending on the email client used, the vulnerability could be exploited as zero-click by simply displaying the attachment in the preview window or by clicking on it, or it could be blocked based on the target system's policies.
A vulnerability in the Microsoft Management Console (MMC) allows remote code execution via social engineering. The attack uses malicious HTML content in an .msc file via an embedded ActiveX control, exploiting the rendering of Windows' internal Internet Explorer. This update removes the one-link tag
External control of file name or path in Windows NTLMv2 allows an unauthorized attacker to perform spoofing over a network.
The IMF ForceDelete Filter Driver (IMFForceDelete.sys) present in IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files. This module allows a local unprivileged user to delete an arbitrary file, regardless of the current user privileges.
An XML External Entity vulnerability combined with an authenticated OS command injection in SysAid on-prem allows unauthenticated remote attackers to leak arbitrary files, which may lead to the execution of OS system commands.