1559 matches found
Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday
Security researcher Chaotic Eclipse aka Nightmare-Eclipse has released a new proof-of-concept PoC exploit called LegacyHive. It has been described as a Windows User Profile Service arbitrary hive load elevation of privileges vulnerability. The Windows User Profile Service, also referred to as...
microsoft windows bitlocker 权限许可和访问控制问题漏洞
Microsoft Windows BitLocker is a security feature provided by Microsoft that ensures the recovery key is backed up and secure before it is activated. There is an access control vulnerability in Microsoft Windows BitLocker. Attackers can exploit this vulnerability to bypass certain features. The...
Microsoft Windows Universal Plug and Play 资源管理错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are resource management vulnerabilities in Microsoft Windows. The following products and versions are affected: Windows Server 2025 Server Core installation, Windows 11 Version 25H2 for...
microsoft windows common log file system driver 资源管理错误漏洞
The Microsoft Windows Common Log File System Driver provides a high-performance, general-purpose log file subsystem. Dedicated client applications can utilize this subsystem, and multiple clients can share it to optimize log access. The Microsoft Windows Common Log File System Driver has a resour...
Microsoft Remote Desktop Client 缓冲区错误漏洞
Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There are security vulnerabilities in Microsoft Remote Desktop Client. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Windows 10 Version...
Microsoft Windows Push Notifications 竞争条件问题漏洞
Microsoft Windows Push Notifications is a push notification service provided by the American company Microsoft. It provides a reliable way to deliver new updates. There are compatibility issues with Microsoft Windows Push Notifications. The following products and versions are affected: Windows...
Microsoft Remote Desktop Client 资源管理错误漏洞
Microsoft Remote Desktop Client is a remote desktop client developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft Remote Desktop Client. Attackers can exploit this vulnerability to execute code. The following products and versions are affected: Windows App...
Microsoft Windows NT OS Kernel 缓冲区错误漏洞
The Microsoft Windows NT OS Kernel is the core of the Windows operating system developed by Microsoft Corporation. It is responsible for managing system resources, providing hardware abstraction, and ensuring system security and stability. There are security vulnerabilities in the Microsoft Windo...
Microsoft BitLocker 授权问题漏洞
Microsoft Windows BitLocker is a security feature provided by Microsoft that ensures the recovery key is backed up and secure before it is activated. There is an access control vulnerability in Microsoft Windows BitLocker. Attackers can exploit this vulnerability to bypass certain features. The...
Microsoft HTTP.sys 资源管理错误漏洞
Microsoft HTTP.SYS is an HTTP application protocol developed by Microsoft Corporation. There is a resource management vulnerability in Microsoft HTTP.SYS. Attackers can exploit this vulnerability to cause a denial-of-service attack on the system. The following products and versions are affected:...
Microsoft Windows Media Center 缓冲区错误漏洞
Microsoft Windows Media is a series of media playback and management software developed by the American company Microsoft. There are security vulnerabilities in Microsoft Windows Media. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected:...
Microsoft Windows Boot Manager 处理逻辑错误漏洞
Microsoft Windows Boot Manager is a UEFI application provided by Microsoft Corporation, used to configure the boot environment. There are security vulnerabilities in Microsoft Windows Boot Manager. Attackers can exploit these vulnerabilities to bypass certain functions. The following products and...
Microsoft Windows Secure Boot 权限许可和访问控制问题漏洞
Microsoft Windows Secure Boot is a security boot feature provided by the American company Microsoft. There is an access control error vulnerability in Microsoft Windows Secure Boot. Attackers can exploit this vulnerability to bypass certain features. The following products and versions are...
Microsoft Windows Internet (wininet.dll) 数字错误漏洞
Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a vulnerability in Microsoft Windows Internet wininet.dll related to input validation errors. Attackers can exploit this vulnerability to gain higher privileges. The following products an...
Microsoft Windows DHCP Server 缓冲区错误漏洞
Microsoft Windows DHCP Server is a core service of the American company Microsoft, used for automatically retrieving network configuration information. There are security vulnerabilities in Microsoft Windows DHCP Server. Attackers can exploit these vulnerabilities to execute code. The following...
Microsoft Windows Kernel 资源管理错误漏洞
The Microsoft Windows Kernel is the kernel of the Windows operating system developed by Microsoft Corporation. There is a resource management vulnerability in the Microsoft Windows Kernel. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are...
Microsoft Function Discovery Service (fdwsd.dll) 竞争条件问题漏洞
The Microsoft Function Discovery Service is a background service provided by Microsoft Corporation. There are competition-related vulnerabilities in the Microsoft Function Discovery Service fdwsd.dll. The following products and versions are affected: Windows 11 Version 26H1 for ARM64-based System...
Microsoft Kinect 权限许可和访问控制问题漏洞
The Microsoft Kinect is a motion input device developed by Microsoft Corporation. The Microsoft Kinect has an access control vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows Server 2025, Windows 10 Version...
Microsoft HTTP.sys 缓冲区错误漏洞
Microsoft HTTP.SYS is an HTTP application protocol developed by Microsoft Corporation. There are security vulnerabilities in Microsoft HTTP.SYS. Attackers can exploit these vulnerabilities to execute code. The following products and versions are affected: Windows 10 Version 1809 for 32-bit system...
Microsoft Windows Secure Boot 处理逻辑错误漏洞
Microsoft Windows Secure Boot is a security boot mechanism developed by Microsoft Corporation. There are security vulnerabilities associated with Microsoft Windows Secure Boot. Attackers can exploit these vulnerabilities to bypass certain features. The following products and versions are affected...