Lucene search
K

105 matches found

Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.14 views

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

Stack-based buffer overflow in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally...

7.8CVSS7.3AI score0.00533EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/03/28 12:0 a.m.2 views

PT-2025-28587

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Virtual Hard Disk VHDX affected versions not specified Description: An integer overflow or wraparound condition exists in Virtual Hard Disk VHDX that may allow an unauthorized attacker to elevate privileges locally. The issu...

7.8CVSS6.4AI score0.00654EPSS
Exploits0References18
Vulnrichment
Vulnrichment
added 2024/04/09 5:0 p.m.26 views

CVE-2024-26254 Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability

...

7.5CVSS6.8AI score0.03136EPSS
Exploits0References1
Prion
Prion
added 2024/01/09 6:15 p.m.29 views

Privilege escalation

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability...

4.3CVSS6.9AI score0.00706EPSS
Exploits0References1Affected Software9
Vulnrichment
Vulnrichment
added 2024/01/09 5:56 p.m.5 views

CVE-2024-20658 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

...

7.8CVSS7.6AI score0.00706EPSS
Exploits0References1
OSV
OSV
added 2023/10/10 6:15 p.m.2 views

CVE-2023-36718

Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability...

7.8CVSS7.3AI score0.01583EPSS
Exploits0References1
Prion
Prion
added 2023/10/10 6:15 p.m.22 views

Remote code execution

Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability...

3.5CVSS8.2AI score0.01583EPSS
Exploits0References1Affected Software7
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.5 views

PT-2023-6060 · Microsoft · Virtual Trusted Platform Module +1

Name of the Vulnerable Software and Affected Versions: Microsoft Virtual Trusted Platform Module affected versions not specified Description: The issue is related to insufficient input validation in the virtual trusted platform module of Windows operating systems. This can be exploited by attacke...

7.8CVSS8.6AI score0.01583EPSS
Exploits0References7
Kitploit
Kitploit
added 2023/10/07 11:30 a.m.37 views

S4UTomato - Escalate Service Account To LocalSystem Via Kerberos

Escalate Service Account To LocalSystem via Kerberos. Traditional Potatoes Friends familiar with the "Potato" series of privilege escalation should know that it can elevate service account privileges to local system privileges. The early exploitation techniques of "Potato" are almost identical:...

7.8AI score
Exploits0References6
Rapid7 Blog
Rapid7 Blog
added 2023/10/05 5:45 p.m.46 views

Little Crumbs Can Lead To Giants

This week is the Virus Bulletin Conference in London. Part of the conference is the Cyber Threat Alliance summit, where CTA members like Rapid7 showcase their research into all kinds of cyber threats and techniques. Traditionally, when we investigate a campaign, the focus is mostly on the code of...

5.8CVSS6.8AI score0.01986EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2018/10/09 12:0 a.m.4 views

November 8, 2016 — KB3198585 (OS Build 10240.17190)

November 8, 2016 — KB3198585 OS Build 10240.17190 This update includes quality improvements and security updates. No new operating system features are being introduced in this update. Key changes include: Addressed issue to update the Access Point Name APN database. Addressed issue with deadlocks...

7.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 2016/11/08 8:0 a.m.56 views

Cumulative update for Windows 10: November 8, 2016

Cumulative update for Windows 10: November 8, 2016 Summary This security update includes improvements and fixes in the functionality of Windows 10. It also resolves the following vulnerabilities in Windows: 3198467 MS16-142: Cumulative security update for Internet Explorer: November 8, 2016 31934...

9.3CVSS7.8AI score0.80968EPSS
Exploits42
CNVD
CNVD
added 2015/02/27 12:0 a.m.5 views

Microsoft Virtual PC Hypervisor Virtual Machine Monitor Security Bypass Vulnerability

Windows Virtual PC is the latest Microsoft virtualization technology. A security bypass vulnerability exists in Microsoft Virtual PC Hypervisor Virtual Machine Monitor, which can be exploited by an attacker to bypass memory protection mechanisms and obtain sensitive information...

9.3CVSS6.7AI score0.28163EPSS
Exploits1References1
securityvulns
securityvulns
added 2015/02/11 12:0 a.m.51 views

Microsoft Virtual Machine Manager privilege escalation

Insufficient users role checking...

6.9CVSS4.2AI score0.01642EPSS
Exploits0Affected Software1
Symantec
Symantec
added 2015/02/10 12:0 a.m.28 views

Microsoft Virtual Machine Manager CVE-2015-0012 Local Privilege Escalation Vulnerability

Description Microsoft Virtual Machine Manager is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Technologies Affected Microsoft System Center Virtual Machine Manager 2012 R2 UR4 VMM Server update...

6.9CVSS2.6AI score0.01642EPSS
Exploits0Affected Software1
VMware
VMware
added 2011/11/15 12:0 a.m.59 views

VMSA-2011-0014:VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability

VMSA-2011-0014 VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0014 VMware Security Advisory Synopsis: VMware vCenter Update Manager fix for Jetty Web server addresses...

5CVSS6AI score0.59726EPSS
Exploits7References3Affected Software1
ThreatPost
ThreatPost
added 2010/05/03 7:10 p.m.129 views

How Assumptions May Be Making Us All Less Secure

In the space of a given year, untold thousands of vulnerabilities are found in operating systems, applications and plug-ins. In many cases, the affected vendors fix the flaws, either with a patch, a workaround or some other mitigation. But there’s also a huge population of security bugs that...

9.3CVSS0.1AI score0.99945EPSS
Exploits33References5
VulnCheck KEV
VulnCheck KEV
added 2010/05/01 12:0 a.m.2 views

VulnCheck KEV: CVE-2003-0111

The ByteCode Verifier component of Microsoft Virtual Machine VM build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise....

7.5CVSS6.1AI score0.41212EPSS
Exploits0References1
Prion
Prion
added 2010/04/01 10:30 p.m.41 views

Privilege escalation

The memory-management implementation in the Virtual Machine Monitor aka VMM or hypervisor in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allo...

9.3CVSS8.2AI score0.28163EPSS
Exploits1References4Affected Software2
NVD
NVD
added 2010/04/01 10:30 p.m.15 views

CVE-2010-1225

The memory-management implementation in the Virtual Machine Monitor aka VMM or hypervisor in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does not properly restrict access from the guest OS to memory locations in the VMM work area, which allo...

9.3CVSS7.5AI score0.28163EPSS
Exploits1References4
Rows per page
Query Builder