CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4305 matches found

The Hacker News•added 2013/05/02 11:14 a.m.•12 views

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

Early 2012 ESET company a mysterious malware, dubbed the Avatar rootkit Win32/Rootkit.Avatar, advertised in the underground forums by Russian cyber crime. "We present you here previously announced product. In connection with work on other projects, we moved the release date for the public from Ma...

6.9AI score

Exploits0

The Hacker News•added 2013/05/02 12:14 a.m.•15 views

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

6.9AI score

Exploits0

OpenVAS•added 2013/04/10 12:0 a.m.•24 views

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2829996)

This host is missing an important security update according to Microsoft Bulletin MS13-036. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.4CVSS4.9AI score0.17215EPSS

Exploits4References7

NVD•added 2013/04/09 10:55 p.m.•27 views

CVE-2013-1293

The NTFS kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via a crafted application that leverages improper handling o...

6.9CVSS6.4AI score0.00775EPSS

Exploits1References2

NVD•added 2013/04/09 10:55 p.m.•29 views

CVE-2013-1291

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 Gold and SP1, and Windows 8 allows local users to cause a denial of service reboot via a crafted OpenType font, aka "OpenType Font Parsing Vulnerabilit...

7.1CVSS6AI score0.17215EPSS

Exploits1References2

NVD•added 2013/04/09 10:55 p.m.•31 views

CVE-2013-1283

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a...

6.9CVSS6.3AI score0.00645EPSS

Exploits1References3

Prion•added 2013/04/09 10:55 p.m.•29 views

Null pointer dereference

6.9CVSS6.9AI score0.00775EPSS

Exploits1References2

ATTACKERKB•added 2013/04/09 10:55 p.m.•2 views

CVE-2013-1292

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling ...

7.4CVSS5.2AI score0.00471EPSS

Exploits1References4

Prion•added 2013/04/09 10:55 p.m.•24 views

Race condition

6.9CVSS6.8AI score0.00471EPSS

Exploits1References3Affected Software1

Cvelist•added 2013/04/09 10:0 p.m.•38 views

CVE-2013-1293

6.4AI score0.00775EPSS

Exploits1References2

CVE•added 2013/04/09 10:0 p.m.•62 views

CVE-2013-1291

CVE-2013-1291 refers to a local-denial-of-service vulnerability in Windows OpenType font parsing via win32k.sys. Exploitation requires local access and a crafted OpenType font can crash/restart the system. Affected OS versions include Windows XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, W...

7.1CVSS6.1AI score0.17215EPSS

Exploits1References2Affected Software6

CVE•added 2013/04/09 10:0 p.m.•81 views

CVE-2013-1293

The CVE-2013-1293 issue affects the NTFS kernel-mode driver (Ntfs.sys) in multiple Windows versions (Vista SP2, Server 2008 SP2/R2/R2 SP1, and Windows 7 SP1). It stems from improper handling of objects in memory causing a NULL pointer dereference . This enables a local privilege escalation or den...

6.9CVSS6.5AI score0.00775EPSS

Exploits1References2Affected Software3

Cvelist•added 2013/04/09 10:0 p.m.•37 views

CVE-2013-1292

6.3AI score0.00471EPSS

Exploits1References3

Vulnrichment•added 2013/04/09 10:0 p.m.•13 views

CVE-2013-1292

6.6AI score0.00471EPSS

Exploits1References3

Prion•added 2013/03/13 12:55 a.m.•28 views

Security feature bypass

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to...

7.2CVSS7.4AI score0.00502EPSS

Exploits0References3Affected Software5

Prion•added 2013/03/13 12:55 a.m.•27 views

Security feature bypass

7.2CVSS7.4AI score0.00502EPSS

Exploits0References3Affected Software5

OpenVAS•added 2013/03/13 12:0 a.m.•25 views

Microsoft Windows Kernel-Mode Drivers Privilege Elevation Vulnerabilities (2807986)

This host is missing an important security update according to Microsoft Bulletin MS13-027. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2CVSS4.9AI score0.00502EPSS

Exploits0References5

CVE•added 2013/03/13 12:0 a.m.•71 views

CVE-2013-1286

Summary: CVE-2013-1286 is a Windows USB Descriptor Vulnerability. The exposed flaw lies in USB kernel-mode drivers on Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, and Server 2012, where objects in memory are not properly handled, allowing physicall...

7.2CVSS7.2AI score0.00502EPSS

Exploits0References3Affected Software1

Cvelist•added 2013/03/13 12:0 a.m.•40 views

CVE-2013-1285

7AI score0.00502EPSS

Exploits0References3

Cvelist•added 2013/03/13 12:0 a.m.•37 views

CVE-2013-1286

7AI score0.00502EPSS

Exploits0References3

Rows per page