254 matches found
CVE-2015-6112
CVE-2015-6112 affects the SChannel TLS implementation in multiple Windows OS versions (Vista SP2; Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8/8.1; Server 2012 Gold and R2; Windows RT Gold and 8.1). The root cause is that SChannel lacks extended master-secret binding support, so during re...
CVE-2016-0006
CVE-2016-0006 is a local privilege-escalation vulnerability in the Windows sandbox implementation where reparse points are mishandled. A crafted application can escalate privileges on affected systems by exploiting this flaw. Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2...
CVE-2013-1287
The CVE-2013-1287 issue affects the USB kernel-mode drivers in multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 R2 SP1, 7, 8, Server 2012). Root cause: objects in memory are not properly handled by USB descriptor processing, enabling physically proximate attackers to...
CVE-2014-1814
CVE-2014-1814 is a local privilege-escalation vulnerability in the Windows Installer service. It affects Windows client/server platforms listed in the advisory (e.g., Windows Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, 7, 8, 8.1, Server 2012/2012 R2, and Windows RT/8.1). The flaw arises from ...
CVE-2014-1819
CVE-2014-1819 affects Windows kernel-mode font handling (win32k.sys) where access to font-file objects is not properly controlled, enabling local privilege escalation via a crafted font file. Connected docs corroborate font-file handling as the root cause and map to MS14-045 kernel-mode driver up...
CVE-2014-4074
CVE-2014-4074 concerns a privilege-escalation flaw in Windows Task Scheduler. The vulnerability exists in Task Scheduler across Windows 8/8.1, Windows Server 2012 (Gold/R2) and Windows RT/8.1, where a crafted task can be scheduled to abuse privileges. The issue is triggered locally by scheduling ...
CVE-2015-1724
CVE-2015-1724 is a local privilege-escalation use-after-free in Windows kernel-object handling affecting multiple Windows versions (Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1). The vulnerability lies in kernel-mode drivers and can be tr...
CVE-2015-2381
CVE-2015-2381 affects Microsoft Windows' kernel-mode driver component win32k.sys in Windows 8, Windows 8.1, Windows Server 2012 Gold/R2, and Windows RT Gold/8.1. The vulnerability allows local users to read kernel memory via a crafted application, an information-disclosure issue. Impact is stated...
CVE-2015-2428
CVE-2015-2428 affects Windows Object Manager interactions with object symbolic links originated in sandboxed processes, enabling local privilege escalation by failing to constrain impersonation levels. The issue arises when a sandboxed process creates an Object Manager symbolic link; the kernel a...
CVE-2015-2453
The CVE-2015-2453 CSRSS Local Elevation of Privilege vulnerability affects multiple Windows editions (Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8, 8.1, Server 2012 Gold/R2, Windows RT Gold/8.1). A crafted application can continue running during a subsequent user login, enabling local user...
CVE-2015-2530
CVE-2015-2530 affects Windows Journal across Windows Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8/8.1, Server 2012, RT, and Windows 10. The vulnerability enables remote code execution via a crafted .jnt file (Windows Journal RCE Vulnerability), a distinct issue from CVE-2015-2513 and CVE-2...
CVE-2016-0007
CVE-2016-0007 is a local privilege escalation in the Windows sandbox: the sandbox implementation mishandles reparse points across multiple Windows versions (Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8/8.1, Server 2012, RT, and Windows 10 1511). A crafted application could exploit this to gain...
CVE-2016-0008
CVE-2016-0008 covers a Windows GDI32.dll ASLR bypass vulnerability. Affected software includes Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 Gold/R2, and Windows RT Gold/8.1, where remote attackers could bypass ASLR via unspecified vectors. The v...
CVE-2014-6322
CVE-2014-6322 is a Windows Audio Service elevation-of-privilege vulnerability (MS14-071). Affects Windows Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8/8.1, Server 2012/2012 R2, and Windows RT. Root cause involves the Windows Audio service components (audiosrv.dll, audioses.dll, audioks...
CVE-2015-0073
CVE-2015-0073 concerns the Windows Registry Virtualization feature. The Windows kernel’s registry virtualization mechanism does not properly restrict changes to virtual stores, enabling a local attacker to elevate privileges via a crafted application. The vulnerability affects multiple Windows ve...
CVE-2015-0092
CVE-2015-0092 is described in connected documents as a pool-based buffer underflow (≤64 bytes) affecting the Windows Adobe Type Manager Font Driver (ATMFD.DLL). The vulnerability is linked to the font rendering stack (Charstring-related components) and involves a memory underflow on an arbitraril...
CVE-2015-1680
Technical details about CVE-2015-1680 are not publicly available in the provided connected documents; monitor for updates.
CVE-2015-1697
CVE-2015-1697 relates to a Windows Journal remote code execution vulnerability. Current sources confirm affected platforms include Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 Gold/R2, and Windows RT Gold/8.1, where processing a crafted ...
CVE-2015-1716
CVE-2015-1716 is an information-disclosure vulnerability in Schannel (Windows) caused by improper restriction of Diffie-Hellman Ephemeral key lengths. Connected advisories describe it as affecting TLS configurations that permit DHE_EXPORT/weak keys, enabling MITM-style decryption of TLS traffic (...
CVE-2015-2367
CVE-2015-2367 affects Windows kernel-mode driver Win32k.sys across multiple Windows versions (Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8/8.1, Server 2012/2012 R2, Windows RT 8.1). Root cause is an information-disclosure in uninitialized kernel memory via a crafted...
CVE-2015-2465
CVE-2015-2465 affects the Windows shell and related components (Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1, Windows 8/8.1, Windows Server 2012/2012 R2, Windows RT/RT 8.1, and Windows 10). The vulnerability arises from not properly constraining impersonation levels, enabling loca...
CVE-2016-0014
CVE-2016-0014 is a DLL-loading Elevation of Privilege vulnerability affecting multiple Windows versions (Vista through Windows 10 thresholds) where improper DLL loading allows a local attacker to gain complete control via a crafted application. Root cause: mishandling of DLL loading. Affected com...
CVE-2016-0016
CVE-2016-0016 is a Windows DLL loading vulnerability that enables local privilege escalation via a crafted application. Affected products include Windows Vista SP2, Windows 7 SP1, Windows 8/8.1, Windows 10, and Windows Server 2008/2012 families (as listed in the CVE entry). Root cause: mishandlin...
CVE-2013-1294
The CVE-2013-1294 entry describes a kernel race-condition vulnerability in the Windows family (XP SP2/3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Server 2012, Windows RT) where improper handling of in-memory objects can be abused by a crafted local application to ...
CVE-2013-3200
CVE-2013-3200 concerns a local-privilege-escalation in Windows USB handling. The vulnerability exists in kernel-mode USB drivers across multiple Windows releases (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Server 2012, Windows RT). A crafted USB devi...
CVE-2013-3880
CVE-2013-3880 affects Windows 8, Windows Server 2012, and Windows RT. The App Container feature in kernel‑mode drivers may be bypassed by a Trojan horse, allowing a container to access sensitive information from another container. This aligns with the MS13‑081 set of Windows kernel‑mode driver vu...
CVE-2015-0090
CVE-2015-0090 is a registry-object vulnerability in the Windows ATMFD.DLL font driver. An off‑by‑one bug sanitizing registry indices allows a load/store between the transient array and Registry[3], enabling a read/write‑what‑where primitive. Attackers can spray kernel pools and copy controlled da...
CVE-2015-1675
The connected CNVD entries corroborate CVE-2015-1675 family: Microsoft Windows Journal file handling vulnerabilities allow remote code execution via specially crafted Journal files (.jnt). Affected products/versions from the CVE scope include Windows Vista through Windows 8.1/Server editions, wit...
CVE-2015-1677
Technical details about CVE-2015-1677 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2015-1721
CVE-2015-1721 is the Windows kernel-mode driver null-pointer dereference in Win32k.sys that can allow local privilege escalation or denial of service. Affected products span Windows Server 2003/2008/2012 families, Windows Vista/7/8/8.1, and Windows RT/Server variants (Win32k.sys). Root cause: NUL...
CVE-2015-1726
CVE-2015-1726 is a local privilege-escalation use-after-free vulnerability in Windows kernel-mode drivers (the kernel brush object) affecting Windows Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Server 2012 (including R2) and RT 8.1. The underlying issu...
CVE-2015-1727
CVE-2015-1727 is a local privilege-escalation vulnerability in Windows kernel-mode driver Win32k.sys (buffer overflow). A crafted/local attacker can gain SYSTEM privileges via the Win32k Pool Buffer Overflow vulnerability affecting multiple Windows versions (from Windows Server 2003 SP2/R2 SP2 to...
CVE-2015-2364
CVE-2015-2364 concerns a privilege-escalation in the Windows Graphics Component caused by incorrect bitmap conversion. A local attacker can exploit this via a crafted application to gain elevated privileges. Affected products include Windows Server 2003 SP2/R2 SP2, Windows Vista SP2, Windows Serv...
CVE-2015-2512
CVE-2015-2512 is a local privilege escalation in the Adobe Type Manager Library (Font Driver) on Windows. The vulnerability arises from improper handling of objects in memory within the Font Driver, allowing a crafted application to execute with elevated privileges (SYSTEM) on affected Windows ve...
CVE-2015-6102
CVE-2015-6102 describes a Windows kernel information-disclosure vulnerability that allows local users to bypass KASLR and discover a driver base address. Affected are Windows Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Server 2012 (Gold/R2), Windows RT 8.1, and Windows 10 (in...
CVE-2013-1285
CVE-2013-1285 concerns Windows USB descriptor handling vulnerabilities in several Windows OS versions (XP SP2/SP3; Server 2003 SP2; Vista SP2; Server 2008 SP2/R2/R2 SP1; Windows 7; Windows 8; Server 2012). The issue arises from improper handling of objects in memory by USB kernel‑mode drivers, en...
CVE-2013-1286
Summary: CVE-2013-1286 is a Windows USB Descriptor Vulnerability. The exposed flaw lies in USB kernel-mode drivers on Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, and Server 2012, where objects in memory are not properly handled, allowing physicall...
CVE-2013-3898
CVE-2013-3898 concerns a memory-address validity issue in Microsoft Hyper-V on Windows 8/Windows Server 2012. The vulnerability allows guest OS users to execute arbitrary code in all guest OS instances or to cause a denial-of-service by crashing the host, via a guest-to-host hypercall with a craf...
CVE-2013-7332
Technical details about CVE-2013-7332 are not provided in the connected documents. The sources mention related XML entity expansion issues (e.g., CVE-2009-2473) but no vendor/product/version specifics for this CVE.
CVE-2014-1807
The CVE-2014-1807 issue is a Windows Shell privilege-escalation vulnerability tied to the ShellExecute path/file-association handling in Windows Shell. A local attacker could exploit this by delivering a crafted application, taking advantage of improper file-association processing to execute code...
CVE-2015-0062
CVE-2015-0062 is a local privilege escalation in multiple Windows platforms (Windows 7 SP1, Windows 8/8.1, Windows Server 2008 R2 SP1, Server 2012/2012 R2, etc.) caused by incorrect impersonation handling in a process that uses SeAssignPrimaryTokenPrivilege, allowing a crafted local attacker to g...
CVE-2015-0077
The CVE-2015-0077 issue affects Microsoft Windows kernel-mode drivers across multiple Windows families (Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Server 2012). The root cause is improper initialization of function buffers in kernel-mode drivers, enabling lo...
CVE-2015-1723
CVE-2015-1723 is a local privilege-escalation in Windows kernel-mode drivers (use-after-free) affecting Windows Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Server 2012 (Gold/R2) and Windows RT 8.x. A crafted application can exploit the use-after-free i...
CVE-2015-2519
CVE-2015-2519 is a Windows Journal remote code execution vulnerability caused by an integer overflow when handling Journal (.jnt) files. Affected Windows versions span Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1, and Windows 10. The issue enables arbitrary ...
CVE-2014-0254
The CVE-2014-0254 issue affects Microsoft Windows 8, Windows Server 2012, and Windows RT, where the IPv6 TCP/IP stack does not properly validate ICMPv6 Router Advertisement packets, allowing remote denial-of-service that can cause a system hang. Affected component: IPv6 implementation in Windows ...
CVE-2014-6317
CVE-2014-6317 is a denial-of-service vulnerability in Windows kernel-mode driver code (win32k.sys) caused by an array index error when loading TrueType font files. The issue affects multiple Windows client and server SKUs (e.g., Windows 7, 8/8.1, Vista, Windows Server 2003/2008/2012 and RT varian...
CVE-2015-0059
CVE-2015-0059 is the Windows kernel-mode TrueType font parsing remote code execution vulnerability (win32k.sys) exposed via crafted TTF files. Affects multiple Windows versions including Windows 7, Windows 8/8.1, Windows Server 2008 R2 SP1, Windows Server 2012, and Windows RT/8.1; root cause is i...
CVE-2015-0078
CVE-2015-0078 is a local privilege-escalation vulnerability in Windows kernel-mode Win32k (win32k.sys) where token validation for calling threads is improper. Affects Windows 8, Windows 8.1, Windows Server 2012 (Gold/R2), Windows RT/RT 8.1. Root cause: token validation weakness in win32k.sys that...
CVE-2015-6113
Mode C: CVE-2015-6113 is a Windows kernel security feature bypass where a local attacker could bypass filesystem permissions via FileLinkInformation hard-links in sandboxed processes. The root cause is that ZwSetInformationFile accepted a link operation with 0 desired access for the file handle, ...
CVE-2015-6133
CVE-2015-6133 affects multiple Windows versions (Windows 8/8.1, Windows Server 2012 R2, Windows RT, Windows 10 1511) and is caused by improper handling of library loading, enabling local privilege escalation via a crafted application. Public exploitation exists: exploits reference MS15-132 and re...