32 matches found
CVE-2018-8174
CVE-2018-8174 is a Windows VBScript Engine out-of-bounds write vulnerability enabling remote code execution. Public documentation confirms an RCE when the VBScript engine handles in-memory objects, affecting Windows 7, Server 2008/2012/2016, Windows 8.1, Windows 10 and server variants. Public wri...
CVE-2017-8464
CVE-2017-8464 affects Windows shells that render .lnk icons. A crafted LNK file can trigger arbitrary code execution due to improper icon handling in Windows Explorer and related parsers. Affected products include Windows client and server releases spanning Windows 7 through Windows 10 and Window...
CVE-2017-0213
CVE-2017-0213 is a Windows privilege-escalation flaw in the COM Aggregate Marshaler that can be triggered by a specially crafted application to gain elevated privileges locally. Public documentation confirms affected OS ranges including Windows 7 SP1, Windows Server 2008 SP2/R2 SP1, Windows 8.1, ...
CVE-2019-0841
CVE-2019-0841 is a Windows privilege-escalation vulnerability in the AppXSVC service caused by improper handling of hard links. The issue enables local elevation of privilege (from a low-privilege context to SYSTEM) and has public exploitation references (Exploits listed on Exploit-DB; CIRCL sigh...
CVE-2017-0263
CVE-2017-0263: Windows Win32k local privilege escalation via kernel-mode drivers. The CVE concerns memory-object handling in Win32k.sys that allows a local attacker to gain privileges through a crafted application. Documents identify the affected Windows family (Windows 7 SP1, 8.1, Windows Server...
CVE-2019-0880
CVE-2019-0880 is a local privilege-escalation in Windows where splwow64.exe mishandles certain calls, allowing a low-privilege user to elevate to medium integrity. Public details in the Initial and connected documents confirm the vulnerability class and affected component, and Microsoft’s MSRC en...
CVE-2019-0859
CVE-2019-0859 (Windows Win32k Privilege Escalation) : A local privilege escalation vulnerability in the Win32k component of Microsoft Windows arises from Win32k failing to properly handle objects in memory, enabling an attacker to run code in kernel mode. Several connected sources corroborate thi...
CVE-2018-8453
CVE-2018-8453 is a Windows Win32k local privilege escalation vulnerability. The flaw arises when Win32k fails to properly handle memory objects, allowing an attacker to escalate privileges via local code execution. Affected products include Windows 7, Windows 8.1, Windows 10 (and server variants ...
CVE-2019-0803
CVE-2019-0803 is a Windows Win32k elevation of privilege vulnerability. Root cause: Win32k fails to properly handle objects in memory, enabling local kernel-mode code execution. Affected software: Microsoft Windows Win32k component (privilege escalation). Impact: local privilege escalation with k...
CVE-2019-1064
CVE-2019-1064 is a Windows elevation-of-privilege flaw in the AppXSVC (Windows AppX Deployment Service) due to improper handling of hard links. The root cause allows a locally authenticated attacker to run processes in an elevated context, potentially installing programs or modifying data. Micros...
CVE-2019-1130
CVE-2019-1130 is a Windows privilege-escalation vulnerability in the AppX Deployment Service (AppXSVC) caused by improper handling of hard links. The CVE notes an elevation of privilege from a local user, with a CVSSv3.1 base score of 7.8 (LOCAL attack, LOW complexity, Privileges Required: LOW; U...
CVE-2017-8543
CVE-2017-8543 is a Windows remote code execution vulnerability in the Windows Search service. The root cause is how Windows Search handles objects in memory, allowing an attacker to take control of the affected system. Exploitation can occur by sending specially crafted messages to the Windows Se...
CVE-2019-1253
CVE-2019-1253 describes a local privilege-escalation in Microsoft Windows AppX Deployment Server caused by improper handling of junctions. The vulnerability allows an attacker who already has code execution on the target system to elevate privileges (local attack, low integrity/login requirements...
CVE-2019-1069
CVE-2019-1069 is a Windows Task Scheduler Privilege Escalation vulnerability in which the Task Scheduler Service inadequately validates certain file operations. The issue enables local privilege escalation when an attacker with unprivileged code execution on a victim system exploits the flaw. Mic...
CVE-2019-1215
CVE-2019-1215 describes a local privilege-escalation in Windows via ws2ifsl.sys (Winsock) where improper handling of memory-resident objects enables code execution with elevated privileges. Affected component is Winsock’s ws2ifsl.sys; root cause is memory handling of objects within the Winsock su...
CVE-2019-1315
CVE-2019-1315 describes a local privilege-escalation in Windows Error Reporting Manager, triggered when hard links are mishandled. Affected: Windows OS components involving Error Reporting; root cause is improper handling leading to unauthorized file manipulation and elevation. CVSSv3.1 base scor...
CVE-2018-8440
CVE-2018-8440 is a Windows elevation-of-privilege flaw in ALPC handling, enabling local privilege escalation via the ALPC Task Scheduler interface. Public details in connected docs show exploit PoCs and proof-of-concept code exist (e.g., CANVAS and metasploit references) and that tested environme...
CVE-2019-1214
CVE-2019-1214 is a Windows privilege-escalation vulnerability in the Windows Common Log File System (CLFS) Driver. It stems from improper handling of objects in memory, enabling a local attacker to escalate privileges on a vulnerable system. Public references consistently describe the CLFS driver...
CVE-2019-0703
CVE-2019-0703 is described in the initial doc as an information-disclosure vulnerability in the Windows SMB Server’s handling of certain requests, distinct from CVE-2019-0704 and CVE-2019-0821. Connected sources add concrete context: FireEye/Mandiant notes this CVE was used in targeted attacks du...
CVE-2019-0863
CVE-2019-0863 is a Windows Elevation of Privilege vulnerability in Windows Error Reporting (WER) where the vulnerability stems from the way WER handles files. The underlying issue allows local attackers to escalate to kernel-level privileges (CVE-2019-0863). Microsoft patched this in the May 2019...
CVE-2019-0543
Technical details about CVE-2019-0543 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2019-0797
CVE-2019-0797 is a Windows Win32k privilege-escalation vulnerability caused by the Win32k component failing to properly handle objects in memory, enabling local code execution with kernel privileges. Affected: Windows Win32k subsystem (Win32k.sys). Impact: elevated privileges to SYSTEM with poten...
CVE-2018-8405
Technical details (exploit vector, affected products/versions, root cause specifics, and mitigations) are not publicly disclosed in the provided connected documents. Monitor for updates from authoritative sources.
CVE-2018-8406
CVE-2018-8406 is a DirectX Graphics Kernel (DXGKRNL) privilege-escalation vulnerability caused by the DXGKRNL driver improperly handling memory objects. Affected products include Windows Server 2016 and Windows 10 (and Windows 10 Servers). The CVE is characterized by a local, low-complexity attac...
CVE-2019-0903
Technical details about CVE-2019-0903 (affected component/version/root cause/impact) are not publicly provided in the supplied documents. Monitor for updates.
CVE-2019-1129
CVE-2019-1129 is a Windows AppX Deployment Service (AppXSVC) privilege-escalation vulnerability caused by improper handling of hard links. The issue enables local Privilege Escalation with high impact; CVSS 3.1 base score 7.8 (LOCAL, LOW complexity, no user interaction) as documented by NVD, and ...
CVE-2018-8414
CVE-2018-8414 is a Windows Shell remote code execution vulnerability where the Windows Shell fails to validate file paths. If a user opens a specially crafted file, an attacker could run arbitrary code in the user’s context. The vulnerability affects Windows 10 and related shells. Microsoft relea...
CVE-2018-8611
CVE-2018-8611 – Windows kernel elevation of privilege . The vulnerability arises because the Windows kernel fails to properly handle objects in memory, enabling a local attacker to run arbitrary code in kernel mode and perform actions such as installing programs, changing data, or creating accoun...
CVE-2018-0824
CVE-2018-0824 is a Microsoft Windows remote code execution vulnerability in the COM subsystem due to improper handling of serialized objects. Public writeups and advisories summarize that a specially crafted file or script can trigger code execution, with potential remote impact when users open o...
CVE-2018-8639
CVE-2018-8639 describes a local privilege escalation in Windows via Win32k, caused by improper handling of memory objects in the Win32k component. Affected systems include Windows 7, Windows 8.1, Windows 10 (and corresponding Windows Server editions listed in the CVE entry). The root cause is an ...
CVE-2018-8493
CVE-2018-8493 describes an information-disclosure vulnerability in the Windows TCP/IP stack where fragmented IP packets are mishandled. Affected products include Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, and Windows 10 Servers. The underlying issue is i...
CVE-2022-38396
CVE-2022-38396 concerns HP factory preinstalled Windows 10 images (20H2 and earlier). The issue is described as elevation of privilege by executing certain files outside the restricted path. The remediation is noted as implemented starting with Windows 10 21H2 (Oct 31, 2021). HP’s advisory refere...