113 matches found
CVE-2017-0179
CVE-2017-0179 describes a Hyper-V denial-of-service vulnerability affecting Windows host systems (e.g., Windows 10/Server 2012 R2/Server 2016) where input from a privileged user on a guest OS is not properly validated. Connected sources reference related Hyper-V CVEs (e.g., CVE-2017-0184) and ind...
CVE-2016-0088
CVE-2016-0088 corresponds to a Hyper-V remote code execution vulnerability in Microsoft Windows Hyper-V affecting Windows 8.1, Windows Server 2012 (Gold/R2), and Windows 10. The root cause is that Hyper-V fails to properly validate guest OS input from an authenticated user, enabling a crafted app...
CVE-2016-0175
The CVE-2016-0175 issue is a Win32k Information Disclosure vulnerability in the Windows kernel that allows a local attacker to obtain the memory addresses of kernel objects, enabling a KASLR bypass. The vulnerability affects multiple Windows releases (Vista SP2, Server 2008 SP2/R2, Windows 7 SP1,...
CVE-2017-0186
CVE-2017-0186 describes a denial-of-service vulnerability in Microsoft Hyper-V Network Switch when a privileged user on a guest OS can cause input validation to fail on supported Windows hosts (Windows 10, 8.1, Server 2012, 2012 R2, 2016). The underlying impact is host availability disruption. No...
CVE-2017-0185
Technical details for CVE-2017-0185 are not provided in the supplied documents. No concrete product/version/impact information is available here; monitor for updates.
CVE-2017-0024
Technical details for CVE-2017-0024 are not publicly available in the provided connected documents. Monitor for updates to confirm affected products, root cause, impact, and remediations.
CVE-2016-0196
CVE-2016-0196 concerns a privilege-escalation in Windows kernel-mode drivers. The initial description indicates that local users could gain privileges via a crafted application, affecting multiple Windows platforms including Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1, Windows 8....
CVE-2016-0197
CVE-2016-0197 is a local elevation-of-privilege vulnerability in the DirectX Graphics kernel subsystem (dxgkrnl.sys) affecting Windows Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8.1, Server 2012, Windows RT 8.1, and Windows 10 (including 1511). Root cause: improper handling of obje...
CVE-2017-0156
CVE-2017-0156 is an elevation-of-privilege vulnerability in the Microsoft Graphics component affecting Windows 7, 8.1, RT 8.1, 10, and Windows Server 2008 R2/2012/2012 R2/2016. The issue arises when the Graphics Component fails to properly handle memory objects, allowing a local attacker to gain ...
CVE-2017-0191
CVE-2017-0191 affects multiple Windows platforms (Windows 7, 8.1, 10 and Windows Server 2008 R2/2012/2012 R2/2016) with a denial-of-service condition caused by how memory objects are handled. The vulnerability could allow an attacker to cause a target system to stop responding. The provided sourc...
CVE-2016-0090
Summary: CVE-2016-0090 is a Windows Hyper-V Information Disclosure vulnerability. It affects Hyper-V on Windows 8.1, Windows Server 2012 R2, and Windows 10 where a guest OS user can cause the Hyper-V host to disclose memory contents via a crafted application. Root cause: inadequate validation of ...
CVE-2018-6947
CVE-2018-6947 is an uninitialised stack variable vulnerability in the nxfuse component of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier. It enables local, low-privilege users to gain elevation of privileges on Windows 7 (32/64-bit) and can cause a denial of service o...
CVE-2016-0089
This CVE refers to CVE-2016-0089, a Windows Hyper-V Information Disclosure vulnerability. A guest OS user could exploit improper validation of guest input to cause the Hyper-V host to reveal memory information. Affected products include Hyper-V on Windows 8.1, Windows Server 2012 (Gold/R2), and W...