200 matches found
CVE-2026-40397
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
Microsoft Windows Common Log File System Driver 数字错误漏洞
The Microsoft Windows Common Log File System Driver is a high-performance, general-purpose log file system API provided by Microsoft. It allows specialized client applications to utilize this subsystem, enabling multiple clients to share it for optimized log access. The Microsoft Windows Common L...
Exploit for Out-of-bounds Read in Microsoft
!CVEhttps://img.shields.io/badge/CVE-2025--60709-FF0000?styl...
CVE-2026-2636
This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash...
CVE-2026-2636 Denial of Service in Microsoft OS
This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash...
CVE-2026-2636 Denial of Service in Microsoft OS
This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger a system crash...
PT-2026-21986
Name of the Vulnerable Software and Affected Versions Windows versions prior to September 2025 cumulative update for Windows 11 2024 LTSC and Windows Server 2025 Windows 11 23H2 and earlier Description The issue is caused by improper handling of invalid use of special elements within the CLFS.sys...
EUVD-2016-4367
Malware in sbrugna...
EUVD-2017-17573
Malware in sbrugna...
EUVD-2020-2151
Malware in sbrugna...
Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
Among the plethora of advanced attacker tools that exemplify how threat actors continuously evolve their tactics, techniques, and procedures TTPs to evade detection and maximize impact, PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Deskto...
Exploit for Use After Free in Microsoft
🚨 CVE-2025-29824 Exploit: PipeMagic Ransomware Chain 📌 Critical...
VulnCheck KEV: CVE-2025-32706
Microsoft Windows Common Log File System CLFS Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally...
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
Microsoft Windows Common Log File System CLFS Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally...
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Microsoft Windows Common Log File System CLFS Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally...
Patch Tuesday - April 2025
Microsoft is addressing 121 vulnerabilities this April 2025 Patch Tuesday, which is more than twice as many as last month. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, which is already reflected in CISA KEV. Once again, Microsoft has...
Exploit for Heap-based Buffer Overflow in Microsoft
CVE-2024-49138-POC Proof of Concept that exploits CVE-2024-4...
Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity...
Patch Tuesday, December 2024 Edition
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System...
Patch Tuesday - December 2024
Microsoft is addressing 70 vulnerabilities this December 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and public disclosure for one of the vulnerabilities published today, and this is reflected in a CISA KEV entry. For the third month in a row, Microsoft has published...