CVE-2016-0036

The Remote Desktop Protocol RDP implementation in Microsoft Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote authenticated users to execute arbitrary code via crafted data, aka "Remote Desktop Protocol RDP Elevation of Privilege Vulnerability."...

CURL-CVE-2016-0754 remote filename path traversal in curl tool for Windows

curl does not sanitize colons in a remote filename that is used as the local filename. This may lead to a vulnerability on systems where the colon is a special path character. Currently Windows is the only OS where this vulnerability applies. curl offers command line options --remote-name also...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system’s RPC implementation is related to deficiencies in access control for certain functions. Exploiting this vulnerability can allow a local attacker to enhance their privileges by using a specially crafted application...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the LoadLibrary function in Windows operating systems is due to unreliable searching mechanisms. Exploiting this vulnerability can allow an attacker, operating locally, to increase their privileges...

The vulnerability of the Windows operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the win32k.sys driver in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a local attacker to gain access to protected information through a specially crafted application...

The vulnerability of the Windows operating system, which allows a hacker to gain access to user accounts

The vulnerability of the Netlogon service in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to gain access to user accounts due to configuration errors in the domain controller...

The vulnerability of the Windows operating system, which allows a hacker to bypass the ASLR protection mechanism

The vulnerability of graphical device interfaces in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system application implementation is related to the incorrect use of retry points. Exploiting this vulnerability allows a local attacker to enhance their privileges through a specially created application...

The vulnerability of the Windows operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the Windows operating system in the XML Core Services component, related to the ability to access data during document type declarations, allows attackers to gain access to sensitive user data such as names, passwords, or files on the hard drive...

The vulnerability of the Windows operating system, which allows a perpetrator to increase their privileges or cause service failures

The vulnerability of the Windows operating system is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker, operating locally, to increase their privileges or cause service failures by using a special application known as “Win32k Null Pointer...

The vulnerability of the Windows operating system allows a remote attacker to execute arbitrary code with privileges of the current user.

The Windows operating system contains a vulnerability related to the incorrect processing of specially crafted graphic files in the EMF format. Exploiting this vulnerability can allow an unauthorized intruder to execute arbitrary code with privileges of the current user...

The vulnerability of the Windows operating system, which allows a perpetrator to increase their privileges or cause a service failure (memory corruption).

The vulnerability of the Win32k.sys subsystem in the Windows operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to increase their privileges or cause a service failure memory corruption by using a specially crafted application...

The vulnerability of the Windows operating system allows a perpetrator to execute arbitrary code or cause malfunctions in the host operating system.

The vulnerability of the Hyper-V service in the Windows operating system arises due to an overflow in the buffer of dynamic memory. Exploiting this vulnerability allows a local attacker to execute arbitrary code or cause a failure in the host operating system by elevating the privileges of the ho...

The vulnerability of the Windows operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the Schannel component in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information through an X.509 protocol error-based...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system’s DNS server relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through specially crafted requests from a remote location...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system’s kernel is related to the handling of objects in memory. Exploiting this vulnerability can allow a local attacker to increase their privileges through a specially created application...

CVE-2016-0015

DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "DirectShow Heap Corruption Remote Code...

CVE-2016-0014

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL...

Microsoft Windows DLL Load Privilege Elevation Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows. Due to the program failing to properly validate input before loading a dynamic link library DLL file. A local attacker could exploit...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-08061)

Microsoft Internet Explorer IE is a Web browser developed by the American company Microsoft and is the default browser that comes with the Windows operating system. A memory corruption vulnerability exists when Microsoft IE versions 8 through 11 do not properly access objects in memory. An attack...