CVE-2025-54110 Windows Kernel Elevation of Privilege Vulnerability

...

CVE-2025-54110

CVE-2025-54110 concerns a Windows Kernel integer overflow in NtQueryDirectoryObject that could enable local privilege escalation. Connected PoCs describe a kernel-EoP flow via crafted inputs, thresholds (e.g., 0xFFFFFDBC) and direct memory handling, but reports assert exploitation yields only STA...

Windows Kernel-Mode Driver Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally...

Windows Kernel Memory Information Disclosure Vulnerability

Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...

Windows Kernel Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally...

PT-2025-36827

Name of the Vulnerable Software and Affected Versions: Windows Kernel affected versions not specified Description: A vulnerability allows attackers to obtain sensitive information and affect the system. An authorized attacker can disclose information locally. Recommendations: At the moment, there...

Microsoft Windows Kernel 信息泄露漏洞

Microsoft Windows Kernel is the kernel of the Windows operating system from Microsoft Corporation USA. An information disclosure vulnerability exists in Microsoft Windows Kernel. An attacker could exploit this vulnerability to obtain sensitive information. The following products and versions are...

KLA87444 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation...

Microsoft Windows Kernel 输入验证错误漏洞

Microsoft Windows Kernel is the kernel of the Windows operating system from Microsoft Corporation USA. An input validation error vulnerability exists in Microsoft Windows Kernel. An attacker can exploit the vulnerability to elevate privileges. The following products and versions are...

PT-2025-36852

Name of the Vulnerable Software and Affected Versions Windows Kernel affected versions not specified Description An integer overflow or wraparound condition exists in the Windows Kernel. Successful exploitation of this issue could allow an authorized attacker to elevate privileges locally. The...

PT-2025-36826

Name of the Vulnerable Software and Affected Versions: Windows Kernel affected versions not specified Description: A vulnerability allows attackers to obtain sensitive information and affect the system. The Windows Kernel generates error messages containing sensitive information, potentially...

PT-2025-36885

Name of the Vulnerable Software and Affected Versions: Windows Win32K - GRFX affected versions not specified Description: A race condition exists due to improper synchronization when handling concurrent execution using a shared resource within Windows Win32K - GRFX. This allows an authorized...

Microsoft Windows Kernel 安全漏洞

Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. An attacker exploiting this vulnerability could gain access to sensitive information. The following products and versions are...

KLA87445 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of...

awesome-windows-exploitation

This is a curated list of Windows Exploitation resources and tools. The list is organized by category, including Windows stack overflows, Windows heap overflows, kernel-based Windows overflows, Windows kernel memory corruption, return-oriented programming, Windows memory protections, bypassing...

May 13, 2025—KB5058392 (OS Build 17763.7314)

May 13, 2025—KB5058392 OS Build 17763.7314 Support for Windows 10 has ended on October 14, 2025 After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work, but we recommend...

PT-2025-34070 · Undefined · Undefined

🔥 Critical & High-Severity CVEs 1. CVE-2025-27461 — Ivanti Connect Secure / Policy Secure Auth Bypass → RCE Severity: Critical 9.8 Vector: Exploitable over the internet; bypasses auth → remote code execution. Why it matters: Actively exploited by ransomware crews; initial access vector. Defender...

PT-2025-34069 · Undefined · Undefined

🔥 Critical & High-Severity CVEs 1. CVE-2025-27461 — Ivanti Connect Secure / Policy Secure Auth Bypass → RCE Severity: Critical 9.8 Vector: Exploitable over the internet; bypasses auth → remote code execution. Why it matters: Actively exploited by ransomware crews; initial access vector. Defender...

Exploit for Double Free in Microsoft

CVE-2025-49667 — Win32k Privilege Escalation Exploit !Explo...

CVE-2025-53136

Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose information locally...