Lucene search
K
MicrosoftWindows 10 1511

16 matches found

CVE
CVE
added 2017/06/15 1:0 a.m.1372 views

CVE-2017-8464

CVE-2017-8464 affects Windows shells that render .lnk icons. A crafted LNK file can trigger arbitrary code execution due to improper icon handling in Windows Explorer and related parsers. Affected products include Windows client and server releases spanning Windows 7 through Windows 10 and Window...

9.3CVSS7.2AI score0.90026EPSS
In wild
CVE
CVE
added 2017/05/12 2:0 p.m.1354 views

CVE-2017-0213

CVE-2017-0213 is a Windows privilege-escalation flaw in the COM Aggregate Marshaler that can be triggered by a specially crafted application to gain elevated privileges locally. Public documentation confirms affected OS ranges including Windows 7 SP1, Windows Server 2008 SP2/R2 SP1, Windows 8.1, ...

7.3CVSS5.9AI score0.84138EPSS
In wild
CVE
CVE
added 2016/04/12 11:0 p.m.1294 views

CVE-2016-0167

CVE-2016-0167 is a Windows kernel-mode Win32k Privilege Escalation vulnerability affecting multiple OS versions (e.g., Vista SP2, Windows 7 SP1, Windows 8.1, Windows Server 2008/R2, Windows 10). The issue arises in the kernel-mode driver Win32k where a crafted application can escalate privileges ...

7.8CVSS6.8AI score0.05729EPSS
In wild
CVE
CVE
added 2017/03/17 12:0 a.m.1247 views

CVE-2017-0147

CVE-2017-0147 affects the SMBv1 server in multiple Windows platforms, where remote attackers can obtain sensitive information from process memory via crafted SMB packets. Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012, ...

7.5CVSS5.7AI score0.99693EPSS
In wild
CVE
CVE
added 2017/05/12 2:0 p.m.1198 views

CVE-2017-0263

CVE-2017-0263: Windows Win32k local privilege escalation via kernel-mode drivers. The CVE concerns memory-object handling in Win32k.sys that allows a local attacker to gain privileges through a crafted application. Documents identify the affected Windows family (Windows 7 SP1, 8.1, Windows Server...

7.8CVSS7.6AI score0.10034EPSS
In wild
CVE
CVE
added 2016/03/09 11:0 a.m.1165 views

CVE-2016-0099

CVE-2016-0099 corresponds to the Windows “Secondary Logon Handle Privilege Escalation” issue. The Secondary Logon Service fails to properly process request handles, enabling local attackers to gain elevated privileges. Publicly documented in multiple sources as MS16-032, with Metasploit/Ms16-032-...

7.8CVSS7.5AI score0.37164EPSS
In wild
CVE
CVE
added 2016/08/09 9:0 p.m.1163 views

CVE-2016-3309

CVE-2016-3309 is a Windows kernel Win32k elevation-of-privilege vulnerability. A local attacker could gain SYSTEM privileges by exploiting a pool/handle-management issue in win32k, enabling code execution in kernel mode. Connected sources document an exploit (win32kfull!bFill pool overflow) and i...

7.8CVSS7.5AI score0.20625EPSS
In wild
CVE
CVE
added 2017/06/15 1:0 a.m.1141 views

CVE-2017-8543

CVE-2017-8543 is a Windows remote code execution vulnerability in the Windows Search service. The root cause is how Windows Search handles objects in memory, allowing an attacker to take control of the affected system. Exploitation can occur by sending specially crafted messages to the Windows Se...

10CVSS6.2AI score0.7376EPSS
In wild
CVE
CVE
added 2016/11/10 6:16 a.m.1134 views

CVE-2016-7255

CVE-2016-7255 is a Windows kernel privilege-escalation issue affecting win32k.sys. The CVE arises from a local attacker crafting an exploit against a Win32k component, enabling elevation to SYSTEM via the NtSetWindowLongPtr path in win32k.sys (MS16-135). Public exploitation materials in Exploit D...

7.8CVSS7.6AI score0.80968EPSS
In wild
CVE
CVE
added 2017/03/17 12:0 a.m.1114 views

CVE-2017-0001

CVE-2017-0001 is a Windows Graphics Device Interface (GDI) local privilege escalation affecting multiple Windows platforms (Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1, 8.1, 2012 Gold/R2, RT 8.1, and newer Windows 10 builds). The description states that a crafted application can allow local users to...

7.8CVSS6.2AI score0.03114EPSS
In wild
CVE
CVE
added 2017/03/17 12:0 a.m.1080 views

CVE-2017-0005

Technical details (affected product/version, root cause, fix) are not provided in the supplied documents; public details are high-level. Monitor for updates from official advisories and CVE feeds.

7.8CVSS6.2AI score0.11022EPSS
In wild
CVE
CVE
added 2016/04/12 11:0 p.m.1041 views

CVE-2016-0151

CVE-2016-0151 affects the Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, Windows Server 2012 (Gold/R2), Windows RT 8.1, and Windows 10 (Gold/1511). The root cause is mismanagement of process tokens in CSRSS/in memory, enabling local privilege escalation via a crafted applicati...

7.8CVSS6.6AI score0.63195EPSS
In wild
CVE
CVE
added 2016/11/10 6:16 a.m.1038 views

CVE-2016-7256

CVE-2016-7256 is a remote code execution vulnerability in atmfd.dll, the Windows font library, affecting multiple Windows releases (Vista‑through‑Server 2016/Win10 1511–1607). It allows an attacker to execute arbitrary code by visiting a crafted web page that leverages specially embedded fonts du...

9.3CVSS8.8AI score0.64835EPSS
In wild
CVE
CVE
added 2016/10/14 1:0 a.m.911 views

CVE-2016-3393

CVE-2016-3393 affects the Graphics Device Interface (GDI/GDI+) in Windows, where improper handling of memory objects in the GDI component can enable remote code execution. The vulnerability impacts multiple Windows editions (Vista through Windows 10 variants listed in the CVE description) and is ...

9.3CVSS7.8AI score0.68684EPSS
In wild
CVE
CVE
added 2016/04/12 11:0 p.m.514 views

CVE-2016-0165

CVE-2016-0165 is a Windows kernel-mode privilege-escalation issue affecting the Win32k subsystem (win32k.sys). The vulnerability allows a local attacker to gain higher privileges by exploiting how memory/objects are handled in the kernel, as described in CNVD-2016-02281. Affected products include...

7.8CVSS6.8AI score0.13841EPSS
In wild
CVE
CVE
added 2023/02/03 4:53 p.m.70 views

CVE-2022-38396

CVE-2022-38396 concerns HP factory preinstalled Windows 10 images (20H2 and earlier). The issue is described as elevation of privilege by executing certain files outside the restricted path. The remediation is noted as implemented starting with Windows 10 21H2 (Oct 31, 2021). HP’s advisory refere...

7.8CVSS7.9AI score0.00407EPSS