Microsoft Windows Common Log File System Driver Security Vulnerability

The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by specialized client applications and shared by multiple clients to optimize logging and access. access. A...

PT-2023-4368 · Microsoft · Message Queuing +1

Name of the Vulnerable Software and Affected Versions: Microsoft Message Queuing MSMQ affected versions not specified Description: The issue is related to incorrect cleanup or release of resources in the Windows operating system's message queuing component. This can be exploited by a remote...

The vulnerability of the Local Security Authority (LSA) service in the Windows operating system allows a perpetrator to trigger a service failure.

The vulnerability of the Local Security Authority LSA service in the Microsoft Windows operating system is related to insufficient input validation. Exploiting this vulnerability can allow a malicious actor to trigger a service failure through a specially crafted request...

The vulnerability of the linking technology and its implementation of objects within other documents and OLE objects of the Windows operating system allows a perpetrator to perform a denial-of-service attack.

The vulnerability of the object linking and embedding technology in other documents and objects within the OLE object system of the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to perform unauthorized access attemp...

The vulnerability of the DNS Server component of the Windows operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the DNS Server component of the Windows operating system is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Remote Desktop Client on the Microsoft Windows operating system allows attackers to circumvent existing security restrictions.

The vulnerability of the Remote Desktop Client on the Microsoft Windows operating system relates to security configuration errors. Exploiting this vulnerability can allow a malicious actor to circumvent existing security restrictions remotely...

The vulnerability of the DNS Server component of the Windows operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the DNS Server component of the Windows operating system is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Software driver for D-Link Wi-Fi USB Adapter vulnerable to service path privilege escalation

Overview The software driver for D-Link DWA-117 AC600 MU-MIMO Wi-Fi USB Adapter contains a unquoted service path privilege escalation vulnerability. In certain conditions, this flaw can lead to a local privilege escalation. Description D-Link DWA-117 AC600 MU-MIMO is a Wi-Fi USB Adapter that...

Beyond File Search: A Novel Method

Beyond File Search: A Novel Method for Exploiting the "search-ms" URI Protocol Handler By Mathanraj Thangaraju and Sijo Jacob · July 26, 2023 Threat Summary In the ever-evolving landscape of cyber threats, malware authors continuously explore new avenues to exploit unsuspecting users. The Windows...

The vulnerability of the PostScript Printer Driver (Pscript) and PCL6 Class Printer drivers for Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the PostScript Printer Driver PScript and PCL6 Class Printer operating systems for Windows is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the MSHTML platform in Windows operating systems allows attackers to circumvent security restrictions.

The vulnerability of the MSHTML platform in Windows operating systems is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions remotely...

The vulnerability of the CNG Key Isolation service in the Windows operating system allows a hacker to gain elevated privileges within the system.

The vulnerability of the CNG Key Isolation service in the Windows operating system is related to the state of the game. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

The vulnerability of the file system driver of the Windows operating system allows a hacker to escalate their privileges.

The vulnerability of the file system driver of the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

The vulnerability of the Image component of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Image component in the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

The vulnerability of the PostScript Printer Driver (Pscript) and PCL6 Class Printer operating systems for Windows allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the PostScript Printer Driver PScript and PCL6 Class Printer operating systems for Windows is related to the disclosure of information. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability in the implementation of the Peer Name Resolution protocol in the Windows operating system allows a perpetrator to carry out a DoS attack.

The vulnerability of the Windows operating system’s Peer Name Resolution protocol is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute a DoS Denial-of-Service attack...

The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Message Queuing MSMQ service on Windows operating systems is related to insufficient input validation. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

The vulnerability of the MSHTML platform in Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the MSHTML platform in Microsoft Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Windows Installer installer on Windows operating systems allows a hacker to gain elevated privileges within the system.

The vulnerability of the Windows Installer installer on Windows operating systems is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

The vulnerability of the Remote Procedure Call (RPC) technology in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Remote Procedure Call RPC technology in Windows operating systems relates to operations that go beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...