13 matches found
EUVD-2015-0113
Malware in sbrugna...
SUSE CVE-2015-1170
The NVIDIA Display Driver R304 before 309.08, R340 before 341.44, R343 before 345.20, and R346 before 347.52 does not properly validate local client impersonation levels when performing a "kernel administrator check," which allows local users to gain administrator privileges via unspecified API...
January 23, 2020—KB4534324 (Preview of Monthly Rollup)
January 23, 2020—KB4534324 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4534297released January 14, 2020 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an...
August 17, 2019—KB4517276 (OS Build 10240.18308)
August 17, 2019—KB4517276 OS Build 10240.18308 For more information about the various types of Windows updates, such as critical, security, driver, service packs, etc., please see the following article. Improvements and fixes This non-security update includes quality improvements. Key changes...
Update for Windows Server 2012 and Windows Embedded 8 Standard: June 21, 2019
Update for Windows Server 2012 and Windows Embedded 8 Standard: June 21, 2019 Summary This update for Windows Server 2012 and Windows Embedded 8 Standard includes the quality improvements from KB4503263 released June 11, 2019, in addition to these key changes: Addresses an issue that may display...
CVE-2018-0902
The Cryptography Next Generation CNG kernel-mode driver cng.sys in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces impersonation levels, ak...
Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation
Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation Windows: NtImpersonateAnonymousToken AC to Non-AC EoP Platform: Windows 10 1703 and 1709 Class: Elevation of Privilege Summary: The check for an AC token when impersonating the anonymous token doesn’t check...
Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation
Windows: NtImpersonateAnonymousToken AC to Non-AC EoP Platform: Windows 10 1703 and 1709 Class: Elevation of Privilege Summary: The check for an AC token when impersonating the anonymous token doesn’t check impersonation token’s security level leading to impersonating a non-AC anonymous token...
Microsoft Windows 78.12008 R22012 R22016 R2 - EternalBlue SMB Remote Code Execution (MS17-010)
Microsoft Windows 78.12008 R22012 R22016 R2 - EternalBlue SMB Remote Code Execution MS17-010 !/usr/bin/python from impacket import smb, smbconnection from mysmb import MYSMB from struct import pack, unpack, unpackfrom import sys import socket import time ''' MS17-010 exploit for Windows 2000 and...
MS15-015: Vulnerability in Microsoft Windows could allow elevation of privilege: February 10, 2015
MS15-015: Vulnerability in Microsoft Windows could allow elevation of privilege: February 10, 2015 Summary This security update resolves a vulnerability in Microsoft Windows that could allow an attacker to take advantage of the lack of impersonation-level security checks to elevate privileges...
CVE-2015-0075
CVE-2015-0075 is scoped to Windows kernel privilege escalation via improper handling of impersonation levels. Affects Windows XP-era server/desktop SKUs listed in the CVE description (Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1). Root cause: i...
MS15-025: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680)
The remote Windows host is affected by multiple privilege escalation vulnerabilities : - An elevation of privilege vulnerability exists due to Windows Registry Virtualization improperly allowing a user to modify the virtual store of another user. A local attacker, with a specially crafted...
Microsoft Windows SeAssignPrimaryTokenPrivilege Local Elevation of Privilege Vulnerability
Microsoft Windows is a popular operating system. Microsoft Windows fails to properly verify and enforce the Impersonation level, and local users can bypass the Impersonation level security check and elevate privileges using a process that uses SeAssignPrimaryTokenPrivileg...