Lucene search
K

621 matches found

CVE
CVE
added 2015/09/09 12:0 a.m.1274 views

CVE-2015-2546

CVE-2015-2546 affects the Windows kernel Win32k memory handling (kernel‑mode driver) and enables local privilege escalation via a crafted application on affected Windows versions (Vista SP2 onward, Windows 7 SP1, 8/8.1, 10, Server editions). The root cause is a memory corruption vulnerability in ...

8.2CVSS8.5AI score0.10929EPSS
In wildExploits1References4Affected Software9
Positive Technologies
Positive Technologies
added 2015/09/08 12:0 a.m.4 views

PT-2015-2023 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue exists due to insufficient input validation in the Windows operating system, allowing a local attacker to potentially elevate their privileges using a specially crafted applicatio...

7.2CVSS7AI score0.04206EPSS
Exploits0References12
Symantec
Symantec
added 2015/09/08 12:0 a.m.37 views

Microsoft Windows Kernel Mode Driver CVE-2015-2527 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...

7.2CVSS2AI score0.07044EPSS
Exploits1Affected Software8
Symantec
Symantec
added 2015/09/08 12:0 a.m.32 views

Microsoft Windows Kernel Mode Driver CVE-2015-2511 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...

7.2CVSS1.7AI score0.04206EPSS
Exploits0Affected Software9
Symantec
Symantec
added 2015/09/08 12:0 a.m.38 views

Microsoft Windows Kernel Mode Driver CVE-2015-2517 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...

7.2CVSS1.7AI score0.0419EPSS
Exploits0Affected Software9
Kaspersky
Kaspersky
added 2015/09/08 12:0 a.m.159 views

KLA10656 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows and related products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges or execute arbitrary code. Below is a complete list of vulnerabilities 1. Imprope...

9.3CVSS9.4AI score0.71044EPSS
Exploits21References60
VulnCheck KEV
VulnCheck KEV
added 2015/09/08 12:0 a.m.8 views

VulnCheck KEV: CVE-2015-2546

The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application...

8.2CVSS7.3AI score0.10929EPSS
Exploits1References1
NVD
NVD
added 2015/08/15 12:59 a.m.22 views

CVE-2015-2454

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafte...

2.1CVSS6.3AI score0.02097EPSS
Exploits0References2
Prion
Prion
added 2015/08/15 12:59 a.m.19 views

Security feature bypass

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafte...

2.1CVSS6.7AI score0.02097EPSS
Exploits0References2Affected Software4
CVE
CVE
added 2015/08/15 12:0 a.m.165 views

CVE-2015-2454

CVE-2015-2454 concerns a vulnerability in the Windows kernel-mode driver where impersonation level handling is not properly constrained. The issue allows a local attacker to gain privileges by crafting an application, affecting multiple Windows versions listed in the initial document (Vista SP2, ...

2.1CVSS6.3AI score0.02097EPSS
Exploits0References2Affected Software8
Cvelist
Cvelist
added 2015/08/15 12:0 a.m.24 views

CVE-2015-2454

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafte...

6.2AI score0.02097EPSS
Exploits0References2
CNVD
CNVD
added 2015/08/14 12:0 a.m.4 views

Microsoft Windows Kernel KMD Security Feature Bypass Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A security feature bypass vulnerability exists in Microsoft Windows Kernel KMD, which can be exploited by an attacker to elevate privileges...

2.1CVSS6.8AI score0.02097EPSS
Exploits0References1
CNVD
CNVD
added 2015/07/16 12:0 a.m.3 views

Microsoft Windows Server Elevation of Privilege Vulnerability (CNVD-2015-04661)

Microsoft Windows Server is a series of servers based on the windows operating system launched by the United States Microsoft Microsoft. A security vulnerability exists in the win32k.sys file in the kernel-mode driver for Microsoft Windows. A local attacker exploits the vulnerability to gain...

7.2CVSS6.8AI score0.03723EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2015/07/15 12:0 a.m.37 views

Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerabilities (3070102)

This host is missing an important security update according to Microsoft Bulletin MS15-073. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2CVSS4.9AI score0.03723EPSS
Exploits1References3
0day.today
0day.today
added 2015/06/23 12:0 a.m.76 views

Microsoft Windows ClientCopyImage Improper Object Handling Exploit

This Metasploit module exploits improper object handling in the win32k.sys kernel mode driver. This Metasploit module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64. This module requires Metasploit: http://metasploit.com/download Current source:...

7.2CVSS7.6AI score0.562EPSS
Exploits38
NVD
NVD
added 2015/06/10 1:59 a.m.25 views

CVE-2015-1723

Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges...

7.2CVSS6.3AI score0.03335EPSS
Exploits0References3
Symantec
Symantec
added 2015/06/09 12:0 a.m.29 views

Microsoft Windows Kernel Mode Driver CVE-2015-1720 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsof...

7.2CVSS1.9AI score0.01906EPSS
Exploits0Affected Software3
Metasploit
Metasploit
added 2015/06/03 11:48 a.m.97 views

Windows ClientCopyImage Win32k Exploit

This module exploits improper object handling in the win32k.sys kernel mode driver. This module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64. This module requires Metasploit: https://metasploit.com/download Current source:...

7.8CVSS7.3AI score0.562EPSS
Exploits38
OpenVAS
OpenVAS
added 2015/05/13 12:0 a.m.34 views

Microsoft Windows Kernel-Mode Driver Privilege Elevation Vulnerability (3045171)

This host is missing an important security update according to Microsoft Bulletin MS15-051. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

2.1CVSS4.9AI score0.03052EPSS
Exploits0References7
Symantec
Symantec
added 2015/05/12 12:0 a.m.25 views

Microsoft Windows Kernel Mode Driver CVE-2015-1679 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information such as kernel memory contents. This may aid in launching further attacks. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP...

2.1CVSS0.4AI score0.03052EPSS
Exploits0Affected Software3
Rows per page
Query Builder