4562 matches found
CVE-2022-35803
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2022-35803
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2022-35803
Windows Common Log File System Driver Elevation of Privilege Vulnerability...
CVE-2022-37969 Windows Common Log File System Driver Elevation of Privilege Vulnerability
...
CVE-2022-37969 Windows Common Log File System Driver Elevation of Privilege Vulnerability
...
CVE-2022-37969
CVE-2022-37969 is a local privilege escalation in Windows CLFS (clfs.sys). The provided connected exploit discussion describes an out-of-bounds/memory-spraying chain that corrupts CLFS kernel structures (notably pContainer in a CLFS container) via crafted .blf files and memory spraying, enabling ...
CVE-2022-35803 Windows Common Log File System Driver Elevation of Privilege Vulnerability
...
CVE-2022-35803
CVE-2022-35803 affects the Windows Common Log File System Driver. The vulnerability is a local elevation-of-privilege in CLFS that could allow an attacker with low privileges to gain SYSTEM-level access, with impact to confidentiality, integrity, and availability rated high. The entry notes a CVS...
Windows Common Log File System Driver Elevation of Privilege Vulnerability
...
VulnCheck KEV: CVE-2022-37969
Microsoft Windows Common Log File System CLFS driver contains an unspecified vulnerability that allows for privilege escalation...
PT-2022-5571 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a buffer overflow in memory in the Windows Common Log File System Driver, which can allow an attacker to execute arbitrary code with system privileges. It is a...
CVE-2022-37969
Windows Common Log File System Driver Elevation of Privilege Vulnerability Recent assessments: cbeek-r7 at November 22, 2024 9:17am UTC reported: The vulnerability arises due to insufficient input validation in the CLFS driver. Specifically, CLFS mishandles certain crafted input, allowing an...
Microsoft Windows Common Log File System Driver 缓冲区错误漏洞
The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by specialized client applications and shared by multiple clients to optimize logging and access. access. A...
PT-2022-4788 · Microsoft · Windows Common Log File System Driver +1
Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver versions prior to 10.0.10240.19444 Windows Common Log File System Driver versions prior to 10.0.14393.5356 Windows Common Log File System Driver versions prior to the fixed version Description: The issue ...
KLA19245 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote cod...
ovirt-log-collector: RHVM admin password is logged unfiltered
A flaw was found in the ovirt-log-collector, which led to the logging of plaintext passwords in the log file. This flaw allows an attacker with sufficient privileges to read the log file, leading to a loss of confidentiality...
CVE-2022-2438
The Broken Link Checker plugin for WordPress is vulnerable to deserialization of untrusted input via the '$logfile' value in versions up to, and including 1.11.16. This makes it possible for authenticated attackers with administrative privileges and above to call files using a PHAR wrapper that...
PT-2022-4704 · Cognex · Cognex 3D-A1000 Dimensioning System
Name of the Vulnerable Software and Affected Versions: Cognex 3D-A1000 Dimensioning System versions 1.0.3 3354 and prior Description: The issue is related to improper output neutralization for logs, which can be exploited by a remote attacker to create arbitrary log files. This can lead to the...
PT-2022-16657 · WordPress · Broken Link Checker
Name of the Vulnerable Software and Affected Versions: Broken Link Checker plugin for WordPress versions up to, and including 1.11.16 Description: The Broken Link Checker plugin for WordPress is vulnerable to deserialization of untrusted input via the $log file value. This allows authenticated...
PT-2022-22148 · Dell · Dell Powerscale Onefs
Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.0.0 up to and including 9.1.0.20 Dell PowerScale OneFS version 9.2.1.13 Dell PowerScale OneFS version 9.3.0.6 Dell PowerScale OneFS version 9.4.0.3 Description: The issue concerns the insertion of sensitive...