| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Visual Studio Code Spoofing Vulnerability |
| Windows iSCSI Target Service Information Disclosure Vulnerability |
| Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability |
| Microsoft Defender Denial of Service Vulnerability |
| Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability |
| Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity. |
| Permission control vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Permission control vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Permission control vulnerability in the window management module. Impact: Successful exploitation of this vulnerability may affect availability. |
| Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.14.6 and 1.15.2, a bug in the permission logic allowed users with "Can share" permission to modify the permissions of other recipients. This vulnerability is fixed in 1.14.6 and 1.15.2. |
| App lock verification bypass vulnerability in the file management app. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. |
| Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability. |
| In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism to uninstall it due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low) |
| Improper access control in Galaxy Wearable prior to version 2.2.63.25042861 allows local attackers to access sensitive information. |
| Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice.
URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remote server on opening a document containing such links.
This issue affects LibreOffice: from 24.8 before < 24.8.4. |
| Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on windows allows local attacker to escalate privelages via pool overflow. |
