Lucene search
K

3876 matches found

ThreatPost
ThreatPost
added 2017/03/17 2:12 p.m.10 views

VM Escape Earns Hackers $105K at Pwn2Own

Hackers managed to take down Microsoft Edge and escape a virtual machine to boot on the third day of Pwn2Own early Friday. Members from Qihoo’s 360 Security Team carried out the VM exploit, earning the group $105,000, by far the highest amount awarded to a group at the hacking challenge this week...

7.7AI score
Exploits0References7
OSV
OSV
added 2017/03/17 12:59 a.m.3 views

CVE-2017-0103

The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Registry Elevation of Privilege Vulnerability."...

7CVSS5.8AI score0.02942EPSS
Exploits1References4
OSV
OSV
added 2017/03/17 12:59 a.m.1 views

CVE-2017-0080

The kernel-mode drivers in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0024, CVE-2017-0026,...

7.8CVSS5.8AI score0.02388EPSS
Exploits0References3
OSV
OSV
added 2017/03/17 12:59 a.m.3 views

CVE-2017-0079

The kernel-mode drivers in Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in...

7.8CVSS5.8AI score0.02388EPSS
Exploits0References3
OSV
OSV
added 2017/03/17 12:59 a.m.2 views

CVE-2017-0050

The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7; Windows 8; Windows 10 Gold, 1511, and 1607; Windows RT 8.1; Windows Server 2012 Gold and R2; and Windows Server 2016 does not properly enforce permissions, which allows local users to spoof processes,...

7.8CVSS5.8AI score0.01468EPSS
Exploits0References3
OSV
OSV
added 2017/03/17 12:59 a.m.1 views

CVE-2017-0056

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka...

7.8CVSS5.8AI score0.0139EPSS
Exploits0References3
CNVD
CNVD
added 2017/03/16 12:0 a.m.3 views

Microsoft Windows Kernel 'Win32k.sys' local elevation of privilege vulnerability (CNVD-2017-03699)

Microsoft Windows is the popular computer operating system. A local elevation of privilege vulnerability exists in Microsoft Windows Kernel 'Win32k.sys'. An attacker can exploit the vulnerability to run arbitrary code in kernel mode...

7.8CVSS7.3AI score0.02388EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/16 12:0 a.m.2 views

Microsoft Windows Kernel 'Win32k.sys' local boost vulnerability (CNVD-2017-03631)

Microsoft Windows is an operating system developed by the American company Microsoft. A local lift vulnerability exists in the Microsoft Windows Kernel 'Win32k.sys'. An attacker can exploit this vulnerability to execute arbitrary code with kernel privileges...

7.8CVSS7.4AI score0.0139EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/16 12:0 a.m.2 views

Microsoft Windows Kernel 'Win32k.sys' local boost vulnerability (CNVD-2017-03630)

Microsoft Windows is an operating system developed by the American company Microsoft. A local elevation of privilege vulnerability exists in the Microsoft Windows Kernel 'Win32k.sys'. An attacker can exploit this vulnerability to execute arbitrary code with elevated privileges in the kernel...

7.8CVSS7.7AI score0.02388EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/16 12:0 a.m.3 views

Microsoft Windows Kernel Local Mobilization Vulnerability (CNVD-2017-03625)

Microsoft Windows is an operating system developed by the American company Microsoft. Microsoft Windows suffers from a local elevation vulnerability. An attacker could exploit this vulnerability to execute arbitrary code with kernel privileges...

7CVSS7.4AI score0.02942EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/16 12:0 a.m.4 views

Microsoft Windows Kernel 'Win32k.sys' local boost vulnerability (CNVD-2017-03629)

Microsoft Windows is an operating system developed by the American company Microsoft. A local elevation of privilege vulnerability exists in the Microsoft Windows Kernel 'Win32k.sys'. An attacker can exploit this vulnerability to execute arbitrary code with elevated privileges in the kernel...

7.8CVSS7.7AI score0.02388EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2017/03/14 7:0 a.m.70 views

March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1

March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update resolves the following vulnerabilities in Windows 7 SP1 and Windows Server 2008 R2 SP1: MS17-022 Security update for Microsoft XML Core Services MS17-021 Security update for...

9.3CVSS8AI score0.9923EPSS
Exploits86
Microsoft KB
Microsoft KB
added 2017/03/14 7:0 a.m.134 views

March 2017 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2

March 2017 Security Only Quality Update for Windows 8.1 and Windows Server 2012 R2 Summary This security update resolves the following vulnerabilities in Windows 8.1 and Windows Server 2012 R2: MS17-022 Security update for Microsoft XML Core Services MS17-021 Security update for DirectShow MS17-0...

9.3CVSS8.1AI score0.99693EPSS
Exploits109
Microsoft KB
Microsoft KB
added 2017/03/14 7:0 a.m.135 views

March 2017 Security Monthly Quality Rollup for Windows Server 2012

March 2017 Security Monthly Quality Rollup for Windows Server 2012 Summary This security update resolves the following vulnerabilities in Windows Server 2012: MS17-022 Security update for Microsoft XML Core Services MS17-019 Security update for Active Directory Federation Services MS17-018 Securi...

9.3CVSS7.9AI score0.99693EPSS
Exploits119
Positive Technologies
Positive Technologies
added 2017/03/14 12:0 a.m.4 views

PT-2017-1640 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access control in Windows kernel drivers, which can be exploited by an attacker to elevate their privileges using a specially crafted application. This...

7.8CVSS7.9AI score0.01835EPSS
Exploits0References12
Check Point Advisories
Check Point Advisories
added 2017/03/14 12:0 a.m.4 views

Microsoft Windows Win32k Elevation of Privilege (MS17-018: CVE-2017-0026)

An elevation of privilege vulnerability exists in Windows Kernel. The vulnerability is caused when the Windows kernel-mode driver fails to properly handle objects in memory. A remote attacker can exploit this vulnerability by running a specially crafted application...

7.2CVSS7.4AI score0.02388EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/03/14 12:0 a.m.246 views

MS17-017: Security Update for Windows Kernel (4013081)

The remote Windows host is missing a security update. It is, therefore, affected by multiple elevation of privilege vulnerabilities : - An elevation of privilege vulnerability exists in the Windows Kernel API due to improper enforcement of permissions. A local attacker can exploit this, via a...

7.8CVSS7.6AI score0.57482EPSS
Exploits4References5
Exploit DB
Exploit DB
added 2017/01/08 12:0 a.m.578 views

Microsoft Windows Kernel - 'win32k.sys NtSetWindowLongPtr' Local Privilege Escalation (MS16-135) (2)

/ Source: https://ricklarabee.blogspot.com/2017/01/virtual-memory-page-tables-and-one-bit.html Binary: https://github.com/rlarabee/exploits/raw/8b9eb646516d7f022a010f28018209f331c28975/cve-2016-7255/compiled/cve-2016-7255.exe Mirror:...

7.8CVSS8AI score0.80968EPSS
Exploits24
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.52 views

MS10-047: Vulnerabilities in Windows Kernel could allow elevation of privilege

MS10-047: Vulnerabilities in Windows Kernel could allow elevation of privilege Support for Windows Vista Service Pack 1 SP1 ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 SP2. For more information, refer to thi...

6.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.44 views

MS16-034: Description of the security update for Windows kernel-mode drivers: March 8, 2016

MS16-034: Description of the security update for Windows kernel-mode drivers: March 8, 2016 Summary This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted...

6.7AI score
Exploits0
Rows per page
Query Builder