113 matches found
CVE-2023-24857
Technical details for CVE-2023-24857 are not present in the provided connected documents. The materials reference the vulnerability name and Microsoft advisory, but no product/version/impact/fix specifics are included. Monitor for updates.
CVE-2023-36912
Technical details about CVE-2023-36912 are not publicly available in the provided documents. Monitor for updates.
CVE-2016-0176
CVE-2016-0176 is a Windows privilege-escalation flaw in the DirectX Graphics Kernel Subsystem (dxgkrnl.sys). It affects multiple Windows versions (7 SP1, Server 2008 R2 SP1, 8.1, Server 2012 R2/Gold, RT 8.1, 10 variants). Root cause: improper handling of memory objects in the DirectX kernel subsy...
CVE-2017-0180
Technical details for CVE-2017-0180 are not publicly provided in the connected documents. Available sources reference Hyper-V Network Switch input validation issues but do not disclose affected versions, root cause specifics, or exploit information. Monitor for updates.
CVE-2023-36908
CVE-2023-36908 details are not publicly provided in the supplied documents. No explicit affected products, root cause, or remediation are described. Monitor for updates from official sources.
CVE-2023-21699
Technical details for CVE-2023-21699 are not provided in the connected documents. The initial description only notes an iSNS information disclosure vulnerability. Monitor for updates as more details become available.
CVE-2023-21811
Technical details for CVE-2023-21811 are not publicly provided in the supplied documents. No affected products, root cause, or remediation are specified here. Monitor for updates from the connected sources.
CVE-2017-0162
Technical details for CVE-2017-0162 are not present in the connected documents. The Initial document provides a high-level vulnerability description only. Monitor for updates from official advisories for affected products and fixes.
CVE-2017-0166
CVE-2017-0166: An LDAP elevation of privilege vulnerability in Windows occurs when LDAP request buffer lengths are improperly calculated. This enables a remote attacker to send malicious traffic to a Domain Controller to achieve elevated privileges. The initial description and connected documents...
CVE-2023-36907
Technical details about CVE-2023-36907 are not publicly available in the provided documents; no affected products, root cause, impact, or fixes are described here. Monitor official updates from NVD/Microsoft for remediation.
CVE-2018-0972
CVE-2018-0972 is a Windows kernel information-disclosure vulnerability that could enable an ASLR bypass. The entry covers multiple Windows versions (desktop, server, and RT). Public details in the initial record include CVSS metrics from NVD (2.1/5.5, LOW to MEDIUM overall, LOCAL access with low ...
CVE-2017-0193
CVE-2017-0193 affects Hyper-V instruction emulation in Microsoft Windows, enabling a local attacker to escalate privileges inside a guest VM due to insufficient enforcement of privilege levels in Hypervisor Code Integrity. Affected scope includes Windows Server 2008 R2/2012, Windows 7/8.1, Window...
CVE-2023-36905
CVE-2023-36905 affects Windows Wireless Wide Area Network Service (WwanSvc). The NVD entry shows a High-severity information disclosure (CVSS 3.1 base 7.5) with network attack vector and no user interaction; confidentiality impact is High. Connected docs reference Microsoft MSRC/KB guidance but d...
CVE-2018-0887
CVE-2018-0887 describes an information-disclosure in the Windows kernel caused by improper initialization of a memory address. Affected products include multiple Windows versions (Windows 7, Windows 8.1, Windows 10 family and corresponding Server variants). The vulnerability exposes partial confi...
CVE-2023-36913
Technical details about CVE-2023-36913 are not publicly provided in the supplied documents. No specific affected products, root cause, or remediation are described here. Monitor for updates as new information may be released.
CVE-2018-0973
Technical details for CVE-2018-0973 are not publicly available in the provided documents. The connected EUVD and CIRCL entries do not reveal affected products, impacts, or fixes for this CVE. Monitor sources for updates.
CVE-2016-0170
CVE-2016-0170 affects the Windows GDI component across multiple Windows versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8.1, 2012/2012 R2, RT 8.1, 10). The vulnerability enables remote code execution when processing crafted documents, due to how the Graphics Component handles objects in memory. A...
CVE-2016-0179
CVE-2016-0179 describes a remote code execution vulnerability in Windows Shell across Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 (Gold/1511). The root cause is improper handling of objects in memory within Windows Shell, enabling an attacker to trigger arbitrary code exec...
CVE-2017-0182
The connected Nessus plugin confirms a Hyper-V Denial of Service issue tied to CVE-2017-0182 family: a DoS affecting Microsoft Windows Hyper-V when input from a privileged guest OS is not properly validated, potentially crashing the host. Affected platforms include Windows client/server variants ...
CVE-2017-11847
CVE-2017-11847 affects the Windows kernel across multiple Windows client/server versions (Windows 7 SP1; Windows 8.1/RT; Windows 10 1511–1709; Windows Server 2008/2012/2016, etc.). The root cause is improper handling of objects in memory, enabling a local attacker to escalate privileges and run a...
CVE-2018-0968
CVE-2018-0968 is a Windows kernel information-disclosure vulnerability that could enable an attacker to bypass Kernel ASLR. It affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, and Windows Server 2019/10-family variants as listed. The connected CIRCL en...
CVE-2018-0970
Technical details for CVE-2018-0970 are not provided in the supplied documents. Public disclosure, affected products, and remediation remain unclear; monitor for updates.
CVE-2023-21697
Technical details about CVE-2023-21697 are not publicly available in the provided documents. Monitor for updates from Microsoft/NVD and Vulners for affected products, exploit information, and remediation.
CVE-2017-0084
CVE-2017-0084 concerns a remote code execution in Microsoft Windows Uniscribe (USP10) via font processing. The vulnerability is triggered by a crafted font during text rendering, leading to an invalid memory operation in USP10 which can be exploited to execute arbitrary code. Exploit details in p...
CVE-2016-0168
CVE-2016-0168 is a Windows GDI information-disclosure vulnerability affecting multiple Windows versions. Connected data confirms exploitation activity (Exploits listed on Exploit-DB and sightings in CIRCL) but provides no vendor-specific patch or remediation details in the supplied documents. No ...
CVE-2017-0058
CVE-2017-0058 is a Windows Win32k information-disclosure vulnerability where win32k.sys fails to properly provide kernel information, allowing a local attacker to obtain sensitive data to aid compromise. Affected: Microsoft Windows Win32k component. Root cause: improper kernel information exposur...
CVE-2018-0960
Technical details for CVE-2018-0960 are not publicly available in the provided documents. No product/version-specific impact or remediation is stated here; monitor for updates from official advisories.
CVE-2016-0171
CVE-2016-0171 is a Windows kernel‑mode elevation of privilege vulnerability affecting Win32k in several Windows releases (Vista SP2 to Windows 10 1511). The entry describes that a crafted user‑mode application can trigger a local privilege escalation via a flaw in the Win32k subsystem, with explo...
CVE-2017-0184
Microsoft Hyper-V remote Denial of Service vulnerability (CVE-2017-0184) arises from improper validation of input from a privileged user on a guest OS, potentially allowing a guest to crash the host. Affected component: Hyper-V on Windows Server. Consequence: denial of service impacting host avai...
CVE-2018-0969
The CVE-2018-0969 entry describes an information-disclosure vulnerability in the Windows kernel that could enable retrieval of information to bypass Kernel ASLR. Affected products include Windows 7, Windows Server 2012 R2/2012, Windows RT 8.1, Windows 8.1, Windows 10 and various Windows Server ed...
CVE-2017-11880
CVE-2017-11880 affects the Windows kernel across multiple OS versions (Windows 7 SP1, Server 2008 SP2/R2 SP1, 8.1, 2012/2012 R2, 10 1511/1607/1703, Server 2016). It enables an attacker to run a specially crafted application to obtain information and further compromise the system due to the kernel...
CVE-2018-0975
CVE-2018-0975 is an information-disclosure vulnerability in the Windows kernel that could enable an attacker to obtain information leading to a Kernel ASLR bypass. The Initial document lists affected Windows platforms (Windows 7, Windows Server 2008/2012/2016, Windows 8.1, Windows 10 and correspo...
CVE-2017-0258
CVE-2017-0258 is a Windows kernel local information-disclosure vulnerability affecting multiple Windows versions (Windows 7 SP1, Windows 8.1, Windows Server 2008 SP2/R2 SP1, Windows Server 2012/2016, Windows 10 releases 1511–1703, RT 8.1). A specially crafted document can allow an authenticated u...
CVE-2017-0076
Summary of CVE-2017-0076 and related entries : The vulnerability affects Hyper-V in multiple Windows platforms (Vista SP2; Server 2008 SP2/2008 R2; Windows 7 SP1; Windows 8.1; Server 2012/2012 R2; Windows 10 versions 1511/1607; and Windows Server 2016). The issue allows a guest OS user running in...
CVE-2016-0173
CVE-2016-0173 is a Win32k Elevation of Privilege vulnerability affecting Windows kernel‑mode drivers across Windows Vista SP2 through Windows 10 (1511). A crafted user-mode application can trigger local privilege escalation, as described in the original entry. Public exploit access exists: Exploi...
CVE-2017-0074
CVE-2017-0074 is a Hyper-V denial-of-service vulnerability affecting Windows Hyper-V across multiple Windows client and server editions. Connected sources (CNVD entries) describe a Hyper-V DoS where a crafted application can crash the host, affecting Hyper-V guests; specific affected versions ali...
CVE-2017-0163
CVE-2017-0163 affects Windows Server Hyper-V Network Switch, allowing remote code execution when input from a guest OS is not properly validated. The underlying issue is improper validation of guest-supplied input, enabling an attacker with guest access to execute arbitrary code on the host. Publ...
CVE-2017-0192
The CVE-2017-0192 entry describes an information disclosure in the Microsoft Windows ATMFD.dll (Adobe Type Manager Font Driver). Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold/R2, Windows RT 8.1, and Windows 10 bui...
CVE-2017-0167
CVE-2017-0167 is a Windows kernel information disclosure vulnerability affecting Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016, caused by the kernel improperly handling objects in memory. Successful exploitation could let an attacker obtain information f...
CVE-2023-21701
CVE-2023-21701 is described as a Microsoft PEAP Denial of Service vulnerability with a CVSS v3.1 base score of 7.5 (Network attack, no user interaction, high impact to availability). The provided documents do not include concrete exploit details, affected product versions, root cause, or a confir...
CVE-2016-0180
CVE-2016-0180 is a Windows kernel elevation-of-privilege vulnerability affecting multiple Windows versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8.1, 2012, RT 8.1, 10 variants). The root cause is how the Windows kernel mishandles symbolic links, enabling a local attacker to gain privileges via a...
CVE-2017-0097
CVE-2017-0097 affects Hyper-V in multiple Windows platforms (Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8.1, Server 2012/R2, Windows 10 up to 1607 and Server 2016). The vulnerability allows a guest OS user, running as a VM, to cause a denial of service on the host via a crafted application. Th...
CVE-2023-21702
CVE-2023-21702 refers to a Windows iSCSI Service Denial of Service vulnerability. The initial description notes a HIGH (7.5) CVSS v3.1 impact with network attack vector and no user interaction, but the connected documents do not provide additional technical details, affected software versions, ro...
CVE-2017-0188
CVE-2017-0188 concerns a Win32k information-disclosure vulnerability in Windows 8.1/RT 8.1, Windows Server 2012/2012 R2, Windows 10, and Windows Server 2016. The win32k component improperly provides kernel information, enabling an attacker who can exploit the issue to obtain information that coul...
CVE-2017-0183
CVE-2017-0184 is a Hyper-V Denial of Service vulnerability caused by improper validation of input from a privileged user on a guest OS. Exploitation could crash the host Hyper-V service. A known remediation is the security update KB3217841 (April 2017).
CVE-2017-11849
The CVE-2017-11849 entry concerns the Windows kernel information disclosure vulnerability. Affected software includes Windows kernel on Windows 7 SP1; Windows Server 2008 SP2/R2 SP1; Windows 8.1/RT 8.1; Windows Server 2012/R2; Windows 10 versions (Gold, 1511, 1607, 1703, 1709); and Windows Server...
CVE-2017-11853
Technical details for CVE-2017-11853 (affected Windows kernel versions, root cause, impact, and fixes) are not publicly provided in the connected documents. Monitor for updates from official advisories (MSRC) and regional databases.
CVE-2017-0189
Technical details about CVE-2017-0189 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2017-0165
CVE-2017-0165 is a local elevation of privilege vulnerability in Microsoft Windows (affecting Windows 10, 1511, 8.1, RT 8.1, and Windows Server 2012 R2) caused by improper sanitization of handles in memory. The CIRCL/CVE sighting notes an exploit in ExploitDB, indicating public exploitation exist...
CVE-2017-0178
CVE-2017-0178 affects Microsoft Hyper-V on Windows 10 (incl. 1511/1607), Windows 8.1, Windows Server 2012 R2, and Windows Server 2016. The vulnerability is a denial-of-service caused by improper validation of input from a privileged user on a guest OS, leading to host crash. Connected docs corrob...