Browse all 3 CVE security advisories affecting slui. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SLUI is a Windows software licensing utility that activates Microsoft products. Historically, SLUI has been vulnerable to remote code execution, privilege escalation, and denial-of-service vulnerabilities, often through improper input validation and insecure service configurations. Notable CVEs include CVE-2021-34436, which allowed privilege escalation via corrupted licensing files, and CVE-2021-42292, a remote code execution flaw in the licensing service. These vulnerabilities typically stem from insufficient bounds checking and improper handling of network requests. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities in system-level utilities like SLUI highlights the critical need for robust input validation and secure service implementation in software activation mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-5855 | Media Hygiene <= 3.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Deletion — Media Hygiene: Remove or Delete Unused Images and More!CWE-862 | 4.3 | Medium | 2024-07-09 |
This page lists every published CVE security advisory associated with slui. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.