7680 matches found

CNVD
added 2017/08/09 12:0 a.m., 1 views

Microsoft Windows 'Win32k.sys' Local Information Disclosure Vulnerability

Microsoft Windows is a popular operating system. Microsoft Windows Win32k does not properly handle memory objects, allowing an attacker to exploit a vulnerability by submitting a special request that could obtain sensitive information...

5.5 CVSS, 6.6 AI score, 0.02807 EPSS
Exploits: 0, References: 1
0day.today
added 2017/08/09 12:0 a.m., 147 views

Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2) Exploit

Exploit for windows platform in category local exploits Sources: - https://github.com/sensepost/gdi-palettes-exp - https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/ Windows 7 SP1 x86 exploit presented at DEF CON 25 involving the abuse of a newly discovered GDI...

6.8 AI score
Exploits: 0
CNVD
added 2017/08/09 12:0 a.m., 3 views

Microsoft Edge Information Disclosure Vulnerability (CNVD-2017-23793)

Microsoft Windows 10 and Windows Server 2016 are both products of Microsoft Corporation USA. The former is an operating system for personal computers and the latter is a server operating system. Edge is one of the web browsers that comes with the system. Edge in Microsoft Windows has an informatio...

6.5 CVSS, 6 AI score, 0.61658 EPSS
Exploits: 3, References: 1
OSV
added 2017/08/08 9:29 p.m., 2 views

CVE-2017-8666

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly handle objects in memory, ak...

5.5 CVSS, 5.8 AI score, 0.02807 EPSS
Exploits: 0, References: 3
NVD
added 2017/08/08 9:29 p.m., 18 views

CVE-2017-8627

Windows Subsystem for Linux in Windows 10 1703, allows a denial of service vulnerability due to the way it handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability"...

4.7 CVSS, 4.7 AI score, 0.00583 EPSS
Exploits: 0, References: 3
OSV
added 2017/08/08 9:29 p.m., 2 views

CVE-2017-8635

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that...

7.5 CVSS, 6.1 AI score, 0.57966 EPSS
Exploits: 36, References: 5
OSV
added 2017/08/08 9:29 p.m., 1 views

CVE-2017-8624

CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows CLFS Elevati...

7.8 CVSS, 5.8 AI score, 0.00467 EPSS
Exploits: 0, References: 3
OSV
added 2017/08/08 9:29 p.m., 2 views

CVE-2017-8593

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, ak...

7 CVSS, 5.8 AI score, 0.00685 EPSS
Exploits: 0, References: 3
Cvelist
added 2017/08/08 9:0 p.m., 25 views

CVE-2017-8627

Windows Subsystem for Linux in Windows 10 1703, allows a denial of service vulnerability due to the way it handles objects in memory, aka "Windows Subsystem for Linux Denial of Service Vulnerability"...

6.3 AI score, 0.00583 EPSS
Exploits: 0, References: 3
Microsoft CVE
added 2017/08/08 7:0 a.m., 33 views

Scripting Engine Information Disclosure Vulnerability

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. In a web-based attack scenario, an...

4.3 CVSS, 1 AI score, 0.14559 EPSS
Exploits: 2
Exploit DB
added 2017/08/08 12:0 a.m., 36 views

Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2)

Sources: - https://github.com/sensepost/gdi-palettes-exp - https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/ Windows 7 SP1 x86 exploit presented at DEF CON 25 involving the abuse of a newly discovered GDI object abuse technique. DC25 5A1F - Demystifying Windows...

7 AI score
Exploits: 0
exploitpack
added 2017/08/08 12:0 a.m., 16 views

Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2)

Microsoft Windows 8.1 x64 - RGNOBJ Integer Overflow MS16-098 2 Sources: - https://github.com/sensepost/gdi-palettes-exp - https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/ Windows 7 SP1 x86 exploit presented at DEF CON 25 involving the abuse of a newly discovere...

0.1 AI score
Exploits: 0
Microsoft CVE
added 2017/08/04 7:0 a.m., 25 views

Microsoft Edge Memory Corruption Vulnerability

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6 CVSS, 1.6 AI score, 0.2401 EPSS
Exploits: 0
exploitpack
added 2017/08/01 12:0 a.m., 49 views

Apple macOS/iOS - xpc_data Objects Sandbox Escape Privilege Escalation

Apple macOS/iOS - xpc_data Objects Sandbox Escape Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1247 When XPC serializes large xpc_data objects it creates mach memory entry ports to represent the memory region then transfers that region to the receiving proce...

6.8 CVSS, 1.1 AI score, 0.22491 EPSS
Exploits: 4
RedHat Linux
added 2017/07/31 2:59 p.m., 3 views

Artemis: Deserialization of untrusted input vulnerability

It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage...

7.2 CVSS, 7.8 AI score, 0.0136 EPSS
Exploits: 0, References: 4
Zero Day Initiative
added 2017/07/31 12:0 a.m., 28 views

(Pwn2Own) Microsoft Windows Palette Object Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9 CVSS, 8.1 AI score, 0.01046 EPSS
Exploits: 0, References: 1
Veracode
added 2017/07/29 2:12 a.m., 14 views

PHP Object Injection And Arbitrary Code Execution

anchorcms/anchor-cms is vulnerable to PHP object injection and arbitrary code execution. The vulnerability is possible because system/session/drivers/cookie.php does not filter malicious serialized objects in a cookie, allowing attackers to inject PHP objects and execute arbitrary PHP code...

7.5 CVSS, 7.6 AI score, 0.00553 EPSS
Exploits: 1, References: 4, Affected Software: 1
RedhatCVE
added 2017/07/26 9:51 a.m., 22 views

CVE-2017-5108

Type confusion in PDFium in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to potentially maliciously modify objects via a crafted PDF file...

8.8 CVSS, 4.7 AI score, 0.0043 EPSS
Exploits: 0, References: 2
RedHat Linux
added 2017/07/25 4:44 p.m., 0 views

tomcat: Calls to application listeners did not use the appropriate facade object

A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web...

9.1 CVSS, 7.3 AI score, 0.21758 EPSS
Exploits: 0, References: 4
OSV
added 2017/07/25 12:0 a.m., 0 views

UBUNTU-CVE-2017-11625

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...

5.5 CVSS, 6.3 AI score, 0.00338 EPSS
Exploits: 1, References: 4