Microsoft Windows SMB2 Out-Of-Bounds Access Information Disclosure Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

CVE-2018-10499

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

CVE-2018-10498

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific...

CVE-2018-10502

The vulnerability CVE-2018-10502 affects Samsung Galaxy Apps, where the staging mode handling allows a local attacker who can run low-privileged code to modify configuration based on a file’s presence in a user-controlled location, enabling privilege escalation to protected resources. A fix is av...

CVE-2018-10500

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

Apple macOS Dock Service DSSetProcessRecents Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

Apple macOS AirPort BrcmNIC Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

CVE-2018-10514

A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 Consumer products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

Privilege escalation

A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 Consumer products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

CVE-2018-15363

An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 Consumer products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

Privilege escalation

An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 Consumer products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

CVE-2018-15364

A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro OfficeScan XG 12.0 could allow a local attacker to disclose sensitive information on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the...

Trend Micro Maximum Security ID_AMSP_MASTER Deserialization of Untrusted Data Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

Microsoft Windows BasicRender Driver Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within processing of th...

Microsoft Windows dxgkrnl Driver D3DKMTRender Method Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the D3DKMTRende...

Microsoft Windows NtGdiClearBitmapAttributes Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing a...

(Pwn2Own) Huawei Reader onChapPack Directory Traversal File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on vulnerable installations of Huawei Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of t...

VMware Workstation SetGuestInfo Null Pointer Dereference Denial of Service Vulnerability

This vulnerability allows local attackers to deny service on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on a guest OS in order to exploit this vulnerability. The specific flaw exists within the SetGuestInfo RPC function...

(Pwn2Own) Oracle Virtualbox HGCM Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

Oracle VirtualBox SHCRGL_GUEST_FN_WRITE_READ_BUFFERED Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...