254 matches found
CVE-2015-2363
CVE-2015-2363 affects Windows kernel-mode graphics/driver component Win32k.sys, enabling local privilege escalation via a crafted application. Affected products include Windows Server 2003 SP2/R2 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server ...
CVE-2015-2433
CVE-2015-2433 is described as a local kernel ASLR bypass vulnerability in Microsoft Windows (affecting Vista SP2/Server 2008 SP2 and R2, Windows 7 SP1, 8/8.1, Server 2012, RT/RT 8.1, Windows 10). Connected records confirm public exploitation activity and linkage to a separate MS15-080/graphics-fo...
CVE-2015-2514
CVE-2015-2514 pertains to Windows Journal remote code execution via a crafted .jnt file affecting Windows Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 Gold/R2, Windows RT Gold/8.1, and Windows 10. The connected records also reference CVE-2015-2513 and CVE-2...
CVE-2013-3876
CVE-2013-3876 concerns DirectAccess in Windows platforms where the client/server DirectAccess component fails to properly verify server X.509 certificates. This enables a man-in-the-middle to impersonate a legitimate server and potentially read encrypted domain credentials when a crafted certific...
CVE-2014-6318
CVE-2014-6318 refers to a vulnerability in the Remote Desktop Protocol (RDP) audit logon feature across multiple Windows versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1). The issue is that failed login attempts with valid credentials are not properly logged, ...
CVE-2015-2524
Technical details about CVE-2015-2524 are not publicly available in the provided connected documents. No specific affected product/version, root cause, impact, or remediation are disclosed here. Monitor for updates.
CVE-2015-6126
CVE-2015-6126 is a local elevation-of-privilege vulnerability in the Pragmatic General Multicast (PGM) protocol implementation in Windows. The root cause is a race condition that can lead to references to memory that has already been freed (use-after-free), enabling a logged-in attacker to gain p...
CVE-2015-2509
CVE-2015-2509 concerns Windows Media Center in Vista SP2, Win7 SP1, Win8, and Win8.1. The vulnerability arises in Windows Media Center’s handling of Media Center Link (.mcl) files, where a crafted mcl file can lead to arbitrary code execution. Exploitation described in public sources involves del...
CVE-2014-0300
CVE-2014-0300 is a Windows kernel-mode driver (Win32k.sys) elevation-of-privilege vulnerability affecting multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7, 8, 8.1, Server 2012) where local attackers can gain privileges via a crafted application. Roo...
CVE-2015-0081
CVE-2015-0081 affects Windows Text Services (WTS) and allows remote code execution when a user opens a crafted web site or file. Affected products include Windows Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8/8.1, Windows Server 2012/2012 R2, and Windows RT/8.1. Root ca...
CVE-2015-2462
CVE-2015-2462 is an OpenType font parsing vulnerability in Windows’ Adobe Type Manager Library (ATMFD.DLL). The weakness allows remote code execution when a crafted OpenType font is processed by affected Windows builds. The affected platforms include Windows Vista SP2, Windows Server 2008 SP2/R2,...
CVE-2015-2528
The CVE-2015-2528 issue affects Windows 8, Windows 8.1, Windows Server 2012 Gold/R2, Windows RT Gold/8.1, and Windows 10, where the local threat can gain privileges by abusing improper constraints on impersonation levels in Task Management. The root cause is not clearly constrained impersonation ...
CVE-2015-2553
CVE-2015-2553 affects the Windows kernel’s handling of mountpoint creation for reparse points, enabling local privilege escalation via sandboxed environments on Windows Vista/7/8/8.1/10 and corresponding server editions. Public writeups describe bypasses of the mitigation introduced by MS15-111 (...
CVE-2015-6101
CVE-2015-6101 is a Windows kernel local privilege escalation affecting Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 Gold/R2, Windows RT/8.1, and Windows 10 (build 1511). The vulnerability allows a local user to gain privileges via a crafted ...
CVE-2015-6173
CVE-2015-6173 targets the Windows kernel memory elevation vulnerability affecting multiple Windows versions (Vista SP2, 2008 SP2/R2, 7 SP1, 8/8.1, 2012 Gold/R2, RT/8.1, 10 RT1/1511). It enables local privilege escalation via a crafted application, with exploitation publicized ( exploit-db entries...
CVE-2014-0323
CVE-2014-0323 affects Microsoft Windows kernel-mode driver win32k.sys, enabling local attackers to disclose kernel memory contents or trigger a system hang via a crafted application. Affected products include Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windo...
CVE-2014-1817
CVE-2014-1817 concerns a vulnerability in usp10.dll (Uniscribe) that affects multiple Windows versions (Server 2003 SP2, Vista, Server 2008/2008 R2, Windows 7/8/8.1, Server 2012/R2) and related Office components. The issue arises from processing a crafted EMF+ record in a font file, enabling remo...
CVE-2014-1818
CVE-2014-1818 is a GDI+ image parsing vulnerability in Windows and Office components that allows remote code execution when a crafted EMF+ record is embedded in an image file. The affected products include multiple Windows versions (Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP...
CVE-2015-0006
The CVE-2015-0006 issue is a vulnerability in Microsoft Windows’ Network Location Awareness (NLA) service. The root cause is that NLA does not perform mutual authentication to verify domain connections, enabling a remote attacker to spoof DNS/LDAP responses on a local network and trigger an unint...
CVE-2015-2472
CVE-2015-2472 is a Remote Desktop Session Host Spoofing vulnerability. RDSH in RDP up to Windows 8.1/Server 2012 and related editions does not properly verify certificates, allowing a MITM attacker to spoof a TLS/SSL session with a crafted certificate that has valid Issuer and Serial Number field...
CVE-2016-0018
CVE-2016-0018 affects Windows 7 SP1, Windows 8/8.1, Windows Server 2012 R2, and Windows 10 (RSA/1511 scope noted) where DLL loading is mishandled, enabling local privilege escalation via a crafted application. Connected advisories (MS16-007) indicate multiple DLL-loading and related RPC/DirectSho...
CVE-2015-6095
CVE-2015-6095 is a Windows Kerberos security feature bypass vulnerability affecting multiple Windows versions (Vista SP2, 2008 SP2/R2 SP1, 7 SP1, 8, 8.1, 2012/2012 R2, RT, 10 1511). The issue arises from mishandling password changes, which can let physically proximate attackers bypass authenticat...
CVE-2013-1300
CVE-2013-1300 maps to a Win32k memory handling vulnerability in win32k.sys affecting multiple Windows XP/Vista/7/8/2003/Server variants. The issue is a local privilege escalation via a crafted application that abuses kernel memory object handling, enabling an attacker to gain SYSTEM-level privile...
CVE-2015-1674
CVE-2015-1674 affects Windows kernel on Windows 8, Windows 8.1, Windows Server 2012 (Gold/R2) and Windows RT (gold/8.1). The vulnerability stems from the kernel not properly validating an unspecified address, enabling local attackers to bypass KASLR and to discover the cng.sys base address via a ...
CVE-2015-1756
CVE-2015-1756 is a use-after-free vulnerability in Microsoft Windows Common Controls that could allow remote code execution when a user visits a crafted web page and then uses Internet Explorer F12 Developer Tools. The issue affects multiple Windows versions (Vista SP2, Server 2008 SP2/R2 SP1, 7 ...
CVE-2015-2429
CVE-2015-2429 affects Windows sandboxed contexts (Windows Vista SP2, 7 SP1, 8/8.1, Server 2008/2012 and R2, RT) where a crafted application could bypass the sandbox and perform registry actions. Root cause: registry key symbolic links could be created from a sandboxed process, enabling privilege ...
CVE-2015-2507
CVE-2015-2507 is a local privilege-escalation in the Windows Adobe Type Manager Library. The vulnerability affects multiple Windows versions (Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8/8.1, Server 2012 Gold/R2, RT/8.1, 10). The root cause is the Adobe Type Manager Library failing to prop...
CVE-2015-2525
CVE-2015-2525 affects Windows Task Scheduler across multiple OS versions (Vista SP2, Server 2008 SP2/R2, Windows 7/8/8.1, Server 2012/2012 R2, RT/10). The vulnerability allows local privilege escalation by bypassing filesystem restrictions during task deletion via Task Scheduler (schedsvc.dll) wi...
CVE-2015-6100
Technical details about CVE-2015-6100 are not provided in the connected documents; the initial entry describes a Windows kernel privilege escalation affecting multiple OS versions but lacks concrete technical specifics. Monitor for updates.
CVE-2015-6104
CVE-2015-6104 affects the Adobe Type Manager Library in multiple Windows platforms (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8/8.1, 2012, RT/8.1, 10 Gold/1511). The vulnerability allows remote code execution via a crafted embedded font, due to a flaw in font processing in Win32k/font handling (Windo...
CVE-2015-0011
CVE-2015-0011 is a local privilege-escalation flaw in the WebDAV kernel-mode driver mrxdav.sys across multiple Windows OS versions (e.g., Server 2003 SP2, Vista SP2, 2008 SP2/R2, 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1). The root cause is improper enforcement of impersonation protection, all...
CVE-2015-1643
CVE-2015-1643 affects multiple Windows versions (Vista to Server 2012/R2, RT/RT 8.1, etc.). The root cause is NtCreateTransactionManager type confusion that fails to properly constrain impersonation levels, enabling a local unprivileged user to escalate to higher privileges via a crafted applicat...
CVE-2015-2516
CVE-2015-2516 affects Windows Journal across multiple Windows client/server editions (e.g., Vista SP2, Windows 7 SP1, Windows 8/8.1, Windows 10, and Windows Server 2008/2012 variants). The issue is a denial-of-service via a specially crafted Journal file (.jnt), caused by improper handling that c...
CVE-2015-2549
CVE-2015-2549 is a Windows kernel memory corruption local privilege escalation vulnerability affecting multiple Windows versions (Vista SP2, 2008 SP2/R2, 7 SP1, 8/8.1, 2012, RT, 10). The connected material confirms related CVEs (2549, 2550, 2552, 2553, 2554) and notes exploitation via a crafted l...
CVE-2013-0008
CVE-2013-0008 describes a local privilege-escalation in Windows via the kernel‑mode driver win32k.sys. The vulnerability arises from improper handling of window broadcast messages, allowing a crafted local user‑mode application to elevate privileges. Affected Windows versions include Vista SP2, S...
CVE-2013-3195
The CVE-2013-3195 vulnerability affects the Windows common control library, specifically the DSA_InsertItem function in Comctl32.dll. It describes an integer/ memory allocation overflow that could allow remote code execution when a crafted value is supplied to an ASP.NET web application, affectin...
CVE-2013-3864
Technical details for CVE-2013-3864 are not publicly available in the provided connected documents. Monitor for updates from official advisories; the supplied references include NVD entries for related CVEs but no new specifics about this CVE.
CVE-2015-0010
CVE-2015-0010 affects the Windows kernel-mode Cryptography Next Generation driver (cng.sys). The vulnerability occurs when using the CRYPTPROTECTMEMORY_SAME_LOGON option, where the code path does not validate the impersonation token’s level, permitting local users to bypass decryption restriction...
CVE-2015-0076
CVE-2015-0076 affects the Microsoft Windows Photo Decoder component across Windows Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Server 2012 (Gold/R2) and Windows RT/8.1. The vulnerability stems from not properly initializing memory when rendering JPEG XR (.JXR) images, allowin...
CVE-2015-2430
CVE-2015-2430 describes a Windows sandbox-elevation vulnerability affecting multiple OS versions (Vista SP2, Windows 7 SP1, Windows 8/8.1, Server 2008/2012 variants, RT). The initial report notes a sandbox bypass enabling unspecified filesystem actions via a crafted application. Connected documen...
CVE-2015-2459
CVE-2015-2459 concerns ATMFD.DLL in the Windows Adobe Type Manager Library across Windows Vista/7/8/10 and server editions. The connected exploitpack entry describes an out-of-bounds read in ATMFD.DLL triggered by processing a malformed OpenType font, specifically a corrupted CFF table Name INDEX...
CVE-2015-2513
CVE-2015-2513 relates to Windows Journal remote code execution via a crafted .jnt file across Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 Gold/R2, Windows RT Gold/8.1, and Windows 10. The root cause is processing of .jnt files enabling arbi...
CVE-2015-2527
CVE-2015-2527 is a local privilege-escalation vulnerability in Windows' kernel-mode driver pathway, specifically the process-initialization logic in win32k.sys. The root cause is improper constraining of impersonation levels during certain process initialization scenarios, enabling a locally auth...
CVE-2016-0006
CVE-2016-0006 is a local privilege-escalation vulnerability in the Windows sandbox implementation where reparse points are mishandled. A crafted application can escalate privileges on affected systems by exploiting this flaw. Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2...
CVE-2013-3198
CVE-2013-3198 affects the NTVDM subsystem in the Windows kernel on 32-bit Windows XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 SP1, and Windows 8. It relies on improper validation of kernel-memory addresses, enabling local privilege escalation or memory corruption (DoS) via a cr...
CVE-2015-0080
CVE-2015-0080 affects multiple Windows platforms (Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012) where memory is not properly initialized when rendering certain malformed PNG images, enabling a remote att...
CVE-2015-0088
CVE-2015-0088 is referenced in connected Project Zero posts as an off-by-x out-of-bounds read/write issue related to the Type 2 Charstring/operand stack in ATMFD.DLL/OpenType handling. The supplied connected documents do not provide explicit product versions, root-cause analysis, impact details, ...
CVE-2015-0094
CVE-2015-0094 is a Windows kernel-mode driver information-disclosure vulnerability where the affected kernel components do not properly restrict address information during a function call, enabling local attackers to bypass ASLR. Affected products include multiple Windows versions listed in sourc...
CVE-2015-2366
CVE-2015-2366 affects Win32k.sys in multiple Windows kernel‑mode drivers (Windows 7 SP1, Windows 8/8.1, Windows Server 2008 R2 SP1, 2012, RT) and allows local privilege escalation via a crafted application. The root cause is improper handling in the kernel‑mode driver, enabling an attacker to gai...
CVE-2015-2461
The CVE-2015-2461 entry is supported by connected documentation describing an ATMFD.DLL OpenType font parsing vulnerability in the Windows Adobe Type Manager Library. The exploitable condition is an out-of-bounds read in ATMFD.DLL when handling a crafted OpenType font, specifically triggered by a...