2974 matches found
CVE-2018-8641
CVE-2018-8641 is a Windows Win32k kernel-mode privilege-escalation vulnerability. The Win32k component fails to properly handle objects in memory, enabling local privilege escalation. Affected products include multiple Windows versions (Windows 7, Windows 8.1, Windows 10 and corresponding Server ...
CVE-2022-30170
Technical details about CVE-2022-30170 are not provided in the supplied documents. The connected sources reference related Credential Roaming issues and general Windows security updates, but no specific vulnerability details, affected products, or fixes are disclosed here. Monitor for updates.
CVE-2020-15705
GRUB2 ≤ 2.04 fails to validate kernel signatures when booting directly without shim, allowing Secure Boot bypass if the kernel signing certificate is in the Secure Boot DB. The issue affects GRUB2 2.04 and earlier; upgrades to patched grub2/shim combinations are advised (e.g., 2.06+ and related s...
CVE-2019-1182
CVE-2019-1182 is a remote code execution vulnerability in Microsoft Windows Remote Desktop Services (RDS) caused by a heap overflow in the server’s dynamic channel handling when processing RDP requests. The flaw is pre-authentication and exploitable by an unauthenticated attacker who connects to ...
CVE-2022-22049
CVE-2022-22049 is a Windows CSRSS (Client Server Run-time Subsystem) Elevation of Privilege vulnerability. The entry lists a CVSS v2 base score of 7.2 (HIGH) and CVSS v3.1 base score of 7.8 (HIGH), with LOCAL attack vector, LOW attack complexity, and privileges required as LOW; no user interactio...
CVE-2019-1006
CVE-2019-1006 corresponds to an authentication bypass vulnerability in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF) that allows signing SAML tokens with arbitrary symmetric keys. The connected Nessus entries reiterate this issue as part of Microsoft SharePoint serv...
CVE-2022-21972
CVE-2022-21972 is a Windows PPTP VPN component remote code execution vulnerability caused by use-after-free handling of PPTP packets. The connected advisory states a remote code execution vulnerability exists in Windows VPN due to improper PPTP packet handling, i.e., PPTP protocol use after free....
CVE-2022-24505
CVE-2022-24505 is a Windows ALPC Elevation of Privilege vulnerability. The connected sources confirm a local privilege escalation in the Windows ALPC mechanism, enabling an attacker with local access to obtain high/ SYSTEM-like privileges. The NVD/CVSS data show a CVSS 3.1 base score of 7.0 (HIGH...
CVE-2022-24500
CVE-2022-24500 is a Windows SMB Remote Code Execution vulnerability. Connected exploit posts provide concrete steps and code to launch a Windows SMB-based RCE, requiring the target to interact with a malicious server/share over SMB (port 445). The GitHub exploits illustrate an end-to-end chain (d...
CVE-2019-0685
CVE-2019-0685 is a Windows Win32k Elevation of Privilege vulnerability. The Win32k component fails to properly handle objects in memory, enabling a local attacker to escalate to kernel mode and execute code with high impact. Documented alongside related CVEs (CVE-2019-0803, CVE-2019-0859) and ref...
CVE-2023-21746
CVE-2023-21746 is a Windows NTLM elevation of privilege vulnerability. A GitHub exploit module for LocalPotato CVE-2023-21746 suggests a Windows-based target, with hints of buffer overflow/memory corruption as the likely root cause and that the exploit may be invoked via an exploit.py script in a...
CVE-2018-0952
CVE-2018-0952 is a local Elevation of Privilege vulnerability in Diagnostics Hub Standard Collector (used by Windows Diagnostics Hub and Visual Studio components). The root cause, as documented, is the ability to create arbitrary files due to lack of proper client impersonation in DiagnosticsHub....
CVE-2018-8124
CVE-2018-8124 is a Win32k privilege-escalation vulnerability in Windows where the Win32k component fails to properly handle objects in memory. Affected: Windows 7, Windows Server 2008/2008 R2, Windows 8.1, Windows 10 and corresponding Server editions listed in the description; root cause is impro...
CVE-2021-38633
CVE-2021-38633 affects Windows CLFS driver (Common Log File System). Connected sources provide concrete technical detail: the vulnerability is a local privilege escalation in clfs.sys, related to CLFS container/file creation paths and privilege checks (e.g., CClfsBaseFilePersisted::CreateContaine...
CVE-2021-26424
The CVE-2021-26424 issue is a Windows TCP/IP remote code execution vulnerability. According to the NCSC advisory, it can be remotely triggered by a malicious IPv6 ping from a Hyper‑V guest to the Hyper‑V host, with exploitation achieved by sending a specially crafted TCP/IP packet to the host usi...
CVE-2020-1013
Technical details specific to CVE-2020-1013 are not provided in the supplied documents. The connected KB articles reference other updates and vulnerabilities but do not reveal CVE-2020-1013 specifics. Monitor for updates.
CVE-2020-1048
CVE-2020-1048 is a Windows Print Spooler elevation of privilege vulnerability. It arises from improper handling that allows arbitrary writing to the file system, enabling local privilege escalation. Public exploits/public PoCs exist (notably PrintDemon) and have been discussed alongside patch cir...
CVE-2021-36963
Technical details about CVE-2021-36963 are not provided in the supplied documents. Public disclosures among the connected items do not specify affected products, root cause, impact, or fixes beyond the general vendor advisory; monitor for official updates.
CVE-2022-24491
CVE-2022-24491 is a Remote Code Execution flaw in Windows Network File System (NFS) that is exploitable only on systems with the NFS role enabled. Affected component is the Windows NFS protocol handling; the root cause is remote code execution via specially crafted NFS network messages. Public pa...
CVE-2022-24528
CVE-2022-24528 is a Remote Code Execution vulnerability in Windows RPC Runtime. It is a network-exposed issue affecting the Windows RPC runtime, with a high-severity impact (C/H/I/A: high) per CVSS v3.1 (8.8) and a medium base score (6.8) in CVSS v2. The CVSS v3.1 vector indicates network access,...
CVE-2022-26931
CVE-2022-26931 is a Windows Kerberos elevation-of-privilege issue tied to certificate-to-account mapping changes in Active Directory. Microsoft KBs and Citrix documents describe remediation via certificate-mapping updates (e.g., KB5014754 and related out‑of‑band mitigations) to address how certif...
CVE-2018-8166
The CVE-2018-8166 entry is supported by connected documents describing a Win32k privilege-escalation vulnerability in Windows where the Win32k component mishandles objects in memory, allowing local kernel-mode code execution if exploited. Affected products span multiple Windows versions (e.g., Wi...
CVE-2019-1040
CVE-2019-1040 describes a tampering vulnerability in Microsoft Windows NTLM MIC protection where a MITM attacker can alter NTLM flags in the NTLM exchange without invalidating the signature. The root cause is improper validation/tampering of MIC in NTLM AUTHENTICATE messages, enabling an attacker...
CVE-2020-1337
CVE-2020-1337 is a local privilege-escalation vulnerability in the Windows Print Spooler. It results from a bypass of the CVE-2020-1048 patch via a Junction Directory, allowing an unprivileged user to achieve elevation by abusing how the spooler writes to the file system. The risk is local (no ne...
CVE-2019-0796
Technical details for CVE-2019-0796 are not publicly provided in the supplied documents; no affected product/version or exploit specifics are confirmed here. Monitor for updates.
CVE-2020-0611
CVE-2020-0611 is a remote code execution vulnerability in the Windows Remote Desktop Client. Connected documents confirm the flaw affects the RDP client when a user connects to a malicious server, enabling arbitrary code execution on the client. The Microsoft blogs and advisories describe pre-aut...
CVE-2022-21977
Technical details about CVE-2022-21977 (Media Foundation Information Disclosure Vulnerability) are not provided in the supplied documents. No concrete affected products, versions, or remediation are stated here; monitor official sources for updates and disclosures.
CVE-2020-1599
CVE-2020-1599 is referenced in connected material (notably Microsoft ZLoader defense-evasion coverage) as a vulnerability used to aid attacker techniques (e.g., signing/validating files to mask malice). The documents do not provide concrete technical details on the root cause, affected products/v...
CVE-2020-1307
Technical details for CVE-2020-1307 are not publicly provided in the supplied documents. Monitor for updates from official sources for affected products, impact, and remediation if available.
CVE-2022-24547
CVE-2022-24547 matches the Windows Digital Media Receiver Elevation of Privilege vulnerability. Connected CNVD-2022-65611 describes an elevation of privilege in Microsoft Windows Digital Media Receiver caused by an incorrect programmatic call to an advanced local procedure. The CVE entry lists th...
CVE-2018-8164
CVE-2018-8164 is a Win32k privilege-escalation vulnerability in Windows where the Win32k component fails to properly handle objects in memory. Affected are multiple Windows releases (server and client SKUs listed in the CVE entry). The connected documents corroborate a kernel-mode elevation of pr...
CVE-2020-0624
CVE-2020-0624 is a Win32k Elevation of Privilege vulnerability in Windows where the Win32k component fails to properly handle objects in memory. The NVD entry notes an affected Windows environment with local attacker access and a high-severity CVSS 3.1 score (7.8) indicating local, low-privilege,...
CVE-2021-31167
CVE-2021-31167 is a Windows vulnerability in the Container Manager Service that enables Elevation of Privilege. It is a local, low-attack-complexity issue with high impact (confidentiality/ integrity/ availability), allowing an attacker with low privileges to escalate. Public exploits are noted f...
CVE-2022-24545
Technical details about CVE-2022-24545 (affected product/versions/root cause/exploitability) are not provided in the supplied connected documents. Monitor for updates from official advisories for concrete information and remediation guidance.
CVE-2019-0730
CVE-2019-0730 is a Windows local privilege escalation affecting the LUAFV driver (luafv.sys). The vulnerability arises from how LUAFV handles certain calls, enabling an attacker to obtain elevated privileges. Public exploitation exists per CIRCL/CVE-2019-0730 sightings, including Exploit-DB entry...
CVE-2019-1226
CVE-2019-1226 is a pre-auth remote code execution vulnerability in Windows Remote Desktop Services (RDP Server). An unauthenticated attacker can send specially crafted RDP requests to a target and execute arbitrary code, potentially installing programs, modifying data, or creating user accounts w...
CVE-2019-0821
CVE-2019-0821, CVE-2019-0703 and CVE-2019-0704 describe an information disclosure vulnerability in the Windows SMB Server related to how it handles certain requests. The connected documents consistently identify the SMB Server information-disclosure flaw as the core issue across these CVEs, affec...
CVE-2021-1678
CVE-2021-1678 affects the Windows Print Spooler service and is described in Connected documents as an arbitrary code execution vulnerability. The available connected document provides a PoC exploit (Exploit for CVE-2021-1678) hosted on Gitee, contained in a Docker container with a Python script s...
CVE-2021-43217
CVE-2021-43217 is a Windows Encrypting File System (EFS) remote code execution vulnerability. The connected exploit document documents a practical demonstration of an EFS bypass on Windows 10 and shows use of Kali Linux, Metasploit and reverse TCP payloads, indicating an attacker could achieve co...
CVE-2022-24497
CVE-2022-24497 is a Windows Network File System (NFS) Remote Code Execution vulnerability. Exploitation can occur remotely over the network if NFS is enabled; Microsoft rated it Critical (CVSS v3.1 9.8) with wormable characteristics discussed in Patch Tuesday coverage. There is a public exploit/t...
CVE-2021-28476
CVE-2021-28476 is a Hyper-V vmswitch.sys vulnerability enabling guest-to-host access via an out-of-bounds read in VmsIfrInfoParams_OID_SWITCH_NIC_REQUEST when processing OID_SWITCH_NIC_REQUEST. Public PoC/exploit code exists (e.g., 0vercl0k and LaCeeKa repos) and prior reports describe guest-trig...
CVE-2022-21967
Technical details about CVE-2022-21967 are not publicly provided in the supplied documents. Monitor for updates from official sources for affected products, impact, and remediation information.
CVE-2022-23293
Technical details for CVE-2022-23293 are not publicly available in the provided Connected documents. Monitor for updates.
CVE-2022-23284
Technical details for CVE-2022-23284 (affected product, root cause, impact, and fix) are not publicly available in the provided Connected documents. Monitor for updates from official sources.
CVE-2019-0805
Technical details for CVE-2019-0805 are not publicly available in the provided documents. Monitor for updates.
CVE-2019-0633
CVE-2019-0633 describes a remote code-execution vulnerability in the Microsoft Windows SMBv2 server. The SMBv2 service can be triggered by handling certain requests, enabling an attacker to execute arbitrary code on the target system. The CVE is distinct from CVE-2019-0630. Severity is high (NVD ...
CVE-2019-0731
Technical details (affected product/version, root cause, impact, or fix) are not provided in the connected documents. Monitor for updates from CIRCL/CIRSA sources and exploit-db references for CVE-2019-0731.
CVE-2021-34487
Technical details for CVE-2021-34487 are not publicly available in the provided connected documents. Monitor for updates from Microsoft and CVE records; no concrete affected products, root cause, or fixes are described here.
CVE-2019-0704
CVE-2019-0703 is an information-disclosure vulnerability in Windows SMB Server handling of certain requests. Connected sources confirm the issue as a Windows SMB Information Disclosure vulnerability distinct from CVE-2019-0704 and CVE-2019-0821. FireEye Mandiant Threat Intelligence notes that CVE...
CVE-2021-26432
CVE-2021-26432 is a remote code execution vulnerability in the Windows Services for NFS ONCRPC XDR Driver. The issue allows an attacker to execute arbitrary code on a vulnerable system via the ONCRPC XDR Driver component, with high impact (C/H/I/A = HIGH) and network access (CVSS scores reflect r...