IBM DB2 Buffer Error Vulnerability

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A buffer overflow vulnerability exists in db2pdcfg in IBM Db2, which stems from the program's failure ...

Microsoft Windows 10.0.17134.648 - HTTP - SMB NTLM Reflection Leads to Privilege Elevation

Microsoft Windows 10.0.17134.648 - HTTP - SMB NTLM Reflection Leads to Privilege Elevation VULNERABILITY DETAILS It's possible to use the NTLM reflection attack to escape a browser sandbox in the case where the sandboxed process is allowed to create TCP sockets. In particular, I was able to combi...

The vulnerability of the Windows Operating System’s User Profile Service allows attackers to escalate their privileges.

The vulnerability of the User Profile Service ProfSvc in Windows operating systems is related to deficiencies in handling symbolic links. Exploiting this vulnerability can allow an attacker to increase their privileges...

Microsoft win32k Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for use on personal devices.Microsoft Windows Server is a set of server operating systems. win32k is the kernel part of one of the Windows subsystems, ...

Microsoft Windows power lifting vulnerability (CNVD-2019-22218)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows that stems from a...

The vulnerability of the Netlogon service in the Windows operating system allows a hacker to circumvent existing security restrictions.

The vulnerability of the Netlogon service in the Windows operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions through a specially crafted request...

The vulnerability of the DirectX component of the Windows operating system, which allows a hacker to execute arbitrary code in kernel mode

The vulnerability of the DirectX component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in kernel mode using a specially created program...

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to execute arbitrary code in the host operating system.

The vulnerability of the Hyper-V hardware virtualization technology in the Windows operating system exists due to insufficient verification of input data on the host server. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the host operating system using a...

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions through a specially created application...

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system allows a hacker to trigger a service failure.

The vulnerability of the Hyper-V hardware virtualization system in the Windows operating system exists due to insufficient verification of input data on the host server. Exploiting this vulnerability can allow a malicious actor to cause service failures through a specially created application...

The vulnerability of the Win32k component of the Windows operating system allows a hacker to increase their privileges and execute arbitrary code in kernel mode.

The vulnerability of the Win32k component of the Windows operating system is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code in kernel mode through a specially created application...

The vulnerability of Microsoft Hyper-V hardware virtualization system in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of Microsoft Hyper-V hardware virtualization technology in the Windows operating system is related to errors during the validation of input data on the host server. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created...

Design/Logic Flaw

A vulnerability in the exacqVision Enterprise System Manager ESM v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. This vulnerability impacts exacqVision ESM v5.12.2 and all prior versions of ESM running on a Windows operating system. This issue does not...

The vulnerability of the Windows GDI interface on Windows operating systems allows attackers to disclose protected information.

The vulnerability of Windows GDI graphical device interfaces on Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information through a specially crafted document or web page...

The vulnerability of the Win32k component of the Windows operating system, which allows a hacker to execute arbitrary code in kernel mode

The vulnerability of the Win32k component of the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability allows an attacker to execute arbitrary code in kernel mode using a specially created application...

The vulnerability of the Jet Database Engine component of the Windows operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the Jet Database Engine component of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the GDI component in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Jet Database Engine database management system for Windows operating systems relates to operations that go beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

Vulnerability of the Jet Database Engine component of the Windows operating system, allowing attackers to execute arbitrary code

The vulnerability of the Jet Database Engine component of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

The vulnerability of the Kerberos protocol for Windows operating systems is related to authentication mechanism errors, which allow attackers to escalate their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the authentication mechanism. Exploiting this vulnerability can allow attackers to enhance their privileges...

Microsoft Windows Hyper-V Remote Code Execution Vulnerability (CNVD-2019-38767)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. Windows Hyper-V is one of the virtualization products that supports...