Microsoft Windows Redirected Drive Buffering 信息泄露漏洞

Microsoft Windows Redirected Drive Buffering is a Redirected Drive Buffering Subsystem RDBSS from Microsoft Corporation USA provided as the kernel-mode file system driver rdbss.sys, which is included in the operating system, and as the static library rdbsslib.lib provided as the kernel-mode file...

Microsoft Windows Redirected Drive Buffering 权限许可和访问控制问题漏洞

Microsoft Windows Redirected Drive Buffering is a Redirected Drive Buffering Subsystem RDBSS from Microsoft Corporation USA provided as the kernel-mode file system driver rdbss.sys, which is included in the operating system, and as the static library rdbsslib.lib provided as the kernel-mode file...

PT-2021-6329 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access control in the Win32k component of the Windows operating system. It allows an attacker to elevate their privileges. Recommendations: At the momen...

The vulnerability in the implementation of the user account profile picture service, User Profile Service (ProfSvc) of the Windows User Profile Service, on Microsoft Windows operating systems, allows a perpetrator to escalate their privileges.

The vulnerability of the User Account Profile Picture implementation in the Windows User Profile Service ProfSvc on Microsoft Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the MSHTML platform on Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the MSHTML platform in Microsoft Windows operating systems is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created file...

Microsoft Windows 信息泄露漏洞

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. An information disclosure vulnerability exists in Microsoft Windows Services for NFS ONCRPC XDR Driver. The following products and versions are affected:Windows 10 Version 1809 for 32-bit...

The vulnerability of the Compositing component in the Google Chrome web browser for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Compositing component in the Google Chrome web browser for Windows operating systems is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information throug...

New PetitPotam NTLM Relay Attack Lets Hackers Take Over Windows Domains

A newly uncovered security flaw in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to stage an NTLM relay attack and completely take over a Windows domain. The...

Nvidia GPU Display Driver 后置链接漏洞

Nvidia GPU Display Driver is a driver software from Nvidia, Inc. that is used for interactive support of graphics card display modules in operating systems. The Nvidia GPU Display Driver suffers from a backlink vulnerability that stems from the product's mishandling of hard links, which could all...

Microsoft Office security feature bypass vulnerability

Microsoft Office is a suite of office software developed by Microsoft Corporation based on the Windows operating system.Microsoft Office suffers from a security feature bypass vulnerability. An attacker can exploit this vulnerability to perform certain illegal operations...

CVE-2021-34446

Windows HTML Platforms Security Feature Bypass Vulnerability...

CVE-2021-33772

Windows TCP/IP Driver Denial of Service Vulnerability...

CVE-2021-22000

VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability to elevate privileges to administrator level on the Windows operating system having VMware ThinApp...

Design/Logic Flaw

VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability to elevate privileges to administrator level on the Windows operating system having VMware ThinApp...

CVE-2021-22000

VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability to elevate privileges to administrator level on the Windows operating system having VMware ThinApp...

Microsoft Windows Console Driver 权限许可和访问控制问题漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA, Microsoft Windows is an operating system for personal devices, and Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Windows Console Driver in...

Microsoft Win32k 输入验证错误漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. An elevation of privilege vulnerability exists in Win32k in Microsoft...

PT-2021-5227 · Microsoft · Windows Remote Access Connection Manager +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Access Connection Manager affected versions not specified Description: The issue is related to information disclosure in the Remote Access Connection Manager RASMan service of the Microsoft Windows operating system. It allows a...

PT-2021-5715 · Microsoft · Windows Dns Server +1

Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is related to incorrect code generation management in the DNS Server component of the Microsoft Windows operating system. It allows a remote attacker to execute arbitra...

PT-2021-5647 · Microsoft · Gdi+ +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to insufficient protection of internal data in the GDI+ graphics library of Microsoft Windows operating systems. This can allow an attacker to gain unauthoriz...