Lucene search
K

6 matches found

CVE
CVE
added 2021/02/25 11:1 p.m.1526 views

CVE-2021-1732

CVE-2021-1732 is a Windows Win32k local privilege escalation vulnerability. The root cause is a flaw in how the WndExtra field is handled as an offset, enabling an out-of-bounds write that grants SYSTEM privileges. Public exploit activity exists in multiple GitHub repos that demonstrate a local p...

7.8CVSS8AI score0.78376EPSS
In wild
CVE
CVE
added 2020/11/11 6:48 a.m.1366 views

CVE-2020-17087

CVE-2020-17087 is a Windows Kernel Local Privilege Escalation vulnerability tied to a heap-based overflow in cng.sys. Connected exploit sources describe a local-vector attack requiring initial code execution, then abusing an IOCTL to .\\.GLOBALROOT\Device\Cng with a crafted size parameter that ca...

7.8CVSS8.3AI score0.05387EPSS
In wild
CVE
CVE
added 2020/06/09 7:43 p.m.1301 views

CVE-2020-0986

Technical details about CVE-2020-0986 are not publicly available in the provided connected documents. Please monitor for updates; current materials mention malware references in related EUVD entries but do not disclose affected products, vulnerable components, impact, or fixes.

7.8CVSS7.7AI score0.15932EPSS
In wild
CVE
CVE
added 2020/08/17 7:13 p.m.1151 views

CVE-2020-1464

CVE-2020-1464 is a Windows spoofing vulnerability where improper validation of code-signing signatures allows bypassing security features and loading improperly signed files. It affects Windows and was actively exploited in the wild, per reports linked to the August 2020 Patch Tuesday. The core i...

7.8CVSS7.1AI score0.41131EPSS
In wild
CVE
CVE
added 2021/04/13 7:32 p.m.1148 views

CVE-2021-28310

CVE-2021-28310 is a Win32k Elevation of Privilege vulnerability in Microsoft Windows. Project Zero’s 2021 review notes Win32k 0-day activity among in-the-wild exploits, with CVE-2021-28310 listed as one of the Windows 0-days targeted in 2021 (alongside other Win32k issues). The CVE entry is suppo...

7.8CVSS8.2AI score0.0833EPSS
In wild
CVE
CVE
added 2023/02/03 4:53 p.m.70 views

CVE-2022-38396

CVE-2022-38396 concerns HP factory preinstalled Windows 10 images (20H2 and earlier). The issue is described as elevation of privilege by executing certain files outside the restricted path. The remediation is noted as implemented starting with Windows 10 21H2 (Oct 31, 2021). HP’s advisory refere...

7.8CVSS7.9AI score0.00407EPSS