CVE-2025-6250 Privilege Management for Windows - Elevation of Privilege

Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions...

CVE-2019-1478

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

CVE-2024-43509 Windows Graphics Component Elevation of Privilege Vulnerability

...

PT-2024-4280

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description An elevation-of-privilege vulnerability exists in the Microsoft Windows Kernel Streaming service. The vulnerability is due to improper handling of untrusted pointer dereferencing...

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

...

CVE-2023-36399 Windows Storage Elevation of Privilege Vulnerability

...

CVE-2022-41092 Windows Win32k Elevation of Privilege Vulnerability

...

CVE-2022-24460

Tablet Windows User Interface Application Elevation of Privilege Vulnerability...

CVE-2022-21967

Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability...

CVE-2021-43237 Windows Setup Elevation of Privilege Vulnerability

...

CVE-2021-43223 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

...

Patch Tuesday - August 2021

Hot off the press, it’s another issue of the Patch Tuesday blog! While the number of vulnerabilities is low this month, there are a number of high risk items administrators will want to patch right away including a few that will require additional remediation steps. This Patch Tuesday also includ...

Exploit for CVE-2017-0213

windows-kernel-exploits 简介 windows-kernel-exploits 漏洞列表 Security Bulletin KB Description Operating System - MS17-017 KB4013081 GDI Palette Objects Local Privilege Escalation windows 7/8 - CVE-2017-8464 LNK Remote Code Execution Vulnerability windows 10/8.1/7/2016/2010/2008 - CVE-2017-0213...

CVE-2021-1698

Windows Win32k Elevation of Privilege Vulnerability...

CVE-2020-16940 Windows - User Profile Service Elevation of Privilege Vulnerability

...

Privilege escalation

An elevation of privilege vulnerability exists in the way that the Microsoft Store Install Service handles file operations in protected locations, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1011, CVE-2020-1015...

CVE-2020-0737

CVE-2020-0737 is a Windows elevation-of-privilege vulnerability tied to how tapisrv.dll handles in-memory objects. The root cause is memory-objects handling in this DLL, enabling an attacker who can supply or manipulate objects to execute code with elevated privileges on affected Windows systems....

Microsoft Windows and Microsoft Windows Server Elevation of Privilege Vulnerability (CNVD-2020-02182)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in Microsoft Windows and Microsoft Windows...

Privilege escalation

An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1422, CVE-2019-1423...

Privilege escalation

An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180,...