28 matches found
CVE-2021-1675
CVE-2021-1675 is the Windows Print Spooler vulnerability known as “PrintNightmare.” Public documents describe a remote code execution path via the Print Spooler service, exploitable by an authenticated attacker through RPC/Printer driver operations (e.g., RpcAddPrinterDriverEx) to execute code wi...
CVE-2021-40444
CVE-2021-40444 is a Microsoft MSHTML remote-code-execution vulnerability exploited via specially crafted Word documents containing malicious ActiveX controls. Public details confirm an exploit chain: a Word doc opens, a relationship in document.xml.rels points to a malicious HTML, IE Preview load...
CVE-2021-31166
CVE-2021-31166 : A use-after-free in Microsoft’s HTTP Protocol Stack (http.sys) enables remote code execution. The issue occurs in http!UlpParseContentCoding: a local LIST_ENTRY is built and then moved into the Request structure without nulling the local list, leaving entries dangling and allowin...
CVE-2021-1732
CVE-2021-1732 is a Windows Win32k local privilege escalation vulnerability. The root cause is a flaw in how the WndExtra field is handled as an offset, enabling an out-of-bounds write that grants SYSTEM privileges. Public exploit activity exists in multiple GitHub repos that demonstrate a local p...
CVE-2021-40449
CVE-2021-40449 is a Win32k use-after-free local privilege escalation in GreResetDCInternal. The vulnerability arises when a user‑mode callback hook on the driver’s PDEV path (DrvEnablePDEV) can trigger a subsequent ResetDC call, freeing the original device context and causing a kernel‑mode use‑af...
CVE-2020-17087
CVE-2020-17087 is a Windows Kernel Local Privilege Escalation vulnerability tied to a heap-based overflow in cng.sys. Connected exploit sources describe a local-vector attack requiring initial code execution, then abusing an IOCTL to .\\.GLOBALROOT\Device\Cng with a crafted size parameter that ca...
CVE-2021-36934
CVE-2021-36934 (Windows SAM Local Privilege Escalation, alias HiveNightmare/SeriousSAM) is a local-privilege-escalation flaw caused by overly permissive ACLs on system files in %windir%\system32\config (notably SAM and SYSTEM). If a Volume Shadow Copy exists, a non-privileged user can read these ...
CVE-2020-0986
Technical details about CVE-2020-0986 are not publicly available in the provided connected documents. Please monitor for updates; current materials mention malware references in related EUVD entries but do not disclose affected products, vulnerable components, impact, or fixes.
CVE-2021-41379
CVE-2021-41379 is a Windows Installer Elevation of Privilege vulnerability affecting Windows Installer across Windows 10/11 and Windows Server. Public details in connected sources describe the issue as a Windows Installer privilege-escalation flaw, with references to InstallerFileTakeOver as the ...
CVE-2021-31956
CVE-2021-31956 is a Windows NTFS local privilege-escalation vulnerability that Microsoft and security researchers have shown can be exploited via manipulation of the Windows kernel’s WNF/NTFS interaction and pool-heap exploitation techniques to obtain SYSTEM-level access. Public materials describ...
CVE-2021-34484
CVE-2021-34484 is a Windows User Profile Service local privilege escalation caused by a race condition in CreateDirectoryJunction() that allowed a logged-on user to influence profile handling and load a malicious DLL with SYSTEM privileges. The vulnerability was initially patched but later bypass...
CVE-2021-33742
CVE-2021-33742 is a memory-corruption remote code execution vulnerability in Microsoft Windows MSHTML/Internet Explorer. The IE/MSHTML bugchain included a use-after-free (user-controlled callback between two actions) and a buffer overflow in MSHTML, enabling arbitrary code execution. In-the-wild ...
CVE-2021-36948
Technical details are not publicly provided in the available documents. The CVE is described as Windows Update Medic Service EoP, with some sources noting exploitation in the wild, but there is no concrete root cause, affected versions, or fix details here.
CVE-2021-31201
CVE-2021-31201 is a Windows privilege-escalation vulnerability affecting the Enhanced Cryptographic Provider . The available documents confirm it enables local privilege escalation (local access required) and classify the impact as elevation of privileges; exact root-cause details are not provide...
CVE-2021-34448
CVE-2021-34448 is a memory corruption vulnerability in the Microsoft Windows Scripting Engine (IE/JavaScript). Exploitation can be remote via a crafted web page or email, enabling code execution at the logged-on user level. Public analyses reference exploitation in the wild and Microsoft Patch Tu...
CVE-2021-31199
CVE-2021-31199 is a Windows Elevation of Privilege vulnerability in the Microsoft Enhanced Cryptographic Provider. The CVE affects Windows components and is driven by local exploitation (local access required) with low privileges needed, and no user interaction, but yields high impact on confiden...
CVE-2021-31979
CVE-2021-31979 is a Windows kernel elevation-of-privilege vulnerability that affects multiple kernel components, with confirmed in-the-wild activity. Affected areas include NTOS kernel, Win32k, and ntfs.sys, indicating local privilege escalation via kernel-level flaws. Public documentation in the...
CVE-2021-31955
CVE-2021-31955 is a Windows kernel information-disclosure vulnerability in ntoskrnl.exe related to the SuperFetch feature. By sending a SystemSuperfetchInformation query via NtQuerySystemInformation, an attacker can obtain the kernel address of the current process’s EPROCESS, which also contains ...
CVE-2021-33739
This CVE (CVE-2021-33739) concerns the Microsoft Desktop Window Manager (DWM) Core Library in Windows. Affected component: dwmcore.dll within Windows 10/Server environments. Root cause: a use-after-free-style issue tied to a Tracker Binding Manager object in the DWM core, leading to an elevation ...
CVE-2021-33771
CVE-2021-33771 is a Windows Kernel Elevation of Privilege vulnerability affecting Windows kernels; multiple sources classify it as a local, low-complexity EoP with high impact. Several connected documents reference active exploitation in the wild or near-wild activity, including reports of target...
CVE-2020-1464
CVE-2020-1464 is a Windows spoofing vulnerability where improper validation of code-signing signatures allows bypassing security features and loading improperly signed files. It affects Windows and was actively exploited in the wild, per reports linked to the August 2020 Patch Tuesday. The core i...
CVE-2021-28310
CVE-2021-28310 is a Win32k Elevation of Privilege vulnerability in Microsoft Windows. Project Zero’s 2021 review notes Win32k 0-day activity among in-the-wild exploits, with CVE-2021-28310 listed as one of the Windows 0-days targeted in 2021 (alongside other Win32k issues). The CVE entry is suppo...
CVE-2021-36955
CVE-2021-36955 is a Windows privilege-escalation flaw in the Common Log File System (CLFS) driver. The vulnerability stems from the CLFS driver (clfs.sys) and enables local privilege escalation to SYSTEM when exploited. Connected guidance and threat intel cite this CVE alongside Windows CLFS-rela...
CVE-2021-40450
CVE-2021-40450 is a Win32k elevation-of-privilege vulnerability (local, privilege escalation) in Windows. The CVE is described as a Win32k Privilege Escalation issue with high impact (confidentiality, integrity, availability) per CVSS 3.1/3.1 vector; attack is local and requires no user interacti...
CVE-2021-34486
CVE-2021-34486 is a Windows Event Tracing Elevation of Privilege vulnerability. The referenced data identify ETW as the affected component with a local attack vector and privilege escalation impact (CVE severity up to HIGH in CVSS‑3.1). Microsoft and related catalogs describe this as a Windows ET...
CVE-2021-41357
CVE-2021-41357 is a Windows Win32k privilege-escalation vulnerability (local, low complexity, no user interaction) with CVSS v3.1 base score 7.8 (high). Affected component is Win32k; root cause involves elevation of privileges on Windows systems. Public disclosures in the connected documents indi...
CVE-2021-43226
CVE-2021-43226 pertains to the Windows Common Log File System (CLFS) Driver. The available documents identify a local privilege-escalation vulnerability in CLFS that could allow a privileged attacker on a Windows host to gain higher privileges. The CVE is listed in the KEV catalog as a Microsoft ...
CVE-2022-38396
CVE-2022-38396 concerns HP factory preinstalled Windows 10 images (20H2 and earlier). The issue is described as elevation of privilege by executing certain files outside the restricted path. The remediation is noted as implemented starting with Windows 10 21H2 (Oct 31, 2021). HP’s advisory refere...