216 matches found
CVE-2014-6332
CVE-2014-6332 is discussed in connected sources as being exploited by the Neptune Exploit Kit to deliver a Monero-mining payload via Internet Explorer exploits. The Neptune Campaign uses CVE-2014-6332 alongside other IE and Flash exploits to identify vulnerable targets and chain exploits in a sin...
CVE-2015-2546
CVE-2015-2546 affects the Windows kernel Win32k memory handling (kernel‑mode driver) and enables local privilege escalation via a crafted application on affected Windows versions (Vista SP2 onward, Windows 7 SP1, 8/8.1, 10, Server editions). The root cause is a memory corruption vulnerability in ...
CVE-2014-6352
CVE-2014-6352 is an OLE remote code execution vulnerability in Microsoft Windows where a crafted OLE object can trigger arbitrary code execution. The issue affected Windows Vista SP2, Windows 7 SP1, Windows 8/8.1, Windows Server 2008/2012 variants, and Windows RT, with public exploitation reporte...
CVE-2013-3660
CVE-2013-3660 describes a local privilege-escalation in Microsoft Windows via Win32k.sys (EPATHOBJ::pprFlattenRec) where a pointer for the next object in a PATHREC list is not properly initialized. According to the CVE description and linked documents, local users could gain write access to the P...
CVE-2014-4113
CVE-2014-4113 corresponds to a Windows kernel-win32k.sys local privilege escalation (MS14-058) affecting multiple Windows editions (e.g., Windows 7/8/8.1 and corresponding server variants). The vulnerability arises in win32k.sys kernel-mode drivers and allows a crafted user-mode application to ga...
CVE-2014-4114
CVE-2014-4114 is the Windows OLE Remote Code Execution vulnerability exploited via a crafted OLE object embedded in a Office document. Affected products include Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 Gold and R2, and Windows RT Gol...
CVE-2015-0016
The CVE-2015-0016 issue corresponds to a directory traversal elevation-of-privilege vulnerability in the TS WebProxy (TSWbPrxy) component affecting multiple Windows versions (Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8/8.1, Windows Server 2012/2012 R2, Windows RT/8.1). The und...
CVE-2014-4148
CVE-2014-4148 is a remote code execution vulnerability in Windows kernel-mode driver win32k.sys caused by improper handling of TrueType fonts. It affects multiple Windows versions (server 2003 SP2, Vista, 2008, 7, 8/8.1, Server 2012) and is referenced publicly as MS14-058. Public exploitation exi...
CVE-2015-1769
CVE-2015-1769 is a Windows privilege-escalation issue in the Mount Manager where symbolic link handling can be abused by inserting a malicious USB device. The vulnerability affects multiple Windows client/server releases (Vista SP2, 2008 SP2/R2, 7 SP1, 8/8.1, 2012/2012 R2, RT/RT 8.1, 10) and is c...
CVE-2015-2387
CVE-2015-2387 discusses a local privilege-escalation in the ATMFD.DLL component of the Windows Adobe Type Manager Font Driver. Concrete details from connected sources show multiple OTF/TTF vulnerabilities in ATMFD.DLL (and related font subsystems) that allowed memory corruption via crafted font d...
CVE-2015-2426
CVE-2015-2426 is a Windows OpenType Font Driver vulnerability (ATMFD.DLL) that causes a pool/heap overflow when processing OpenType fonts, allowing remote code execution. The issue arises from a flawed handling of font data (notably the Class1Count field in the GPOS/CFF paths) where an invalid ze...
CVE-2015-2360
CVE-2015-2360 is a local privilege-escalation in Windows kernel-mode driver Win32k.sys affecting multiple Windows versions (Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1). The underlying issue is in Win32k.sys that allows crafted a...
CVE-2015-0008
CVE-2015-0008 affects Windows clients/servers (Windows Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1) where UNC-based policy data transfers during Group Policy processing allow remote code execution due to lack of server-to-client authentication. The...
CVE-2015-2517
CVE-2015-2517 is a local privilege escalation in Windows Win32k memory corruption affecting multiple Windows releases (Vista to Windows 10). Connected sources confirm public exploitation (Exploit-DB 38278) and reference a memory-corruption root cause in the Win32k subsystem; no remediation detail...
CVE-2015-2511
CVE-2015-2511 is a kernel-mode Win32k memory corruption privilege-escalation vulnerability that affects multiple Windows versions (Vista SP2 to Windows 10). The flaw is triggered by a crafted application via the Windows kernel-mode driver, leading to local privilege elevation. Public exploit refe...
CVE-2015-2518
Technical details for CVE-2015-2518 are not provided in the supplied documents. No affected products, root cause, or remediation are stated here. Monitor updates from official advisories and connected sources.
CVE-2013-3175
CVE-2013-3175 is a Windows elevation-of-privilege issue in the handling of asynchronous RPC requests. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT. Root cause...
CVE-2015-6108
CVE-2015-6108 affects the Windows font library across multiple Windows OS versions (Vista through Windows 8.1/Server 2012) and related Microsoft products, where a crafted embedded font can trigger remote code execution. The vulnerability is described as a memory corruption issue in handling embed...
CVE-2015-1637
CVE-2015-1637 is listed in OpenSSL TLS Export Cipher Suite Downgrade advisories (FREAK family). IBM AIX/OpenSSL references indicate OpenSSL on AIX platforms is affected by export-RSA downgrade threats and provides fixes via interim patches (IV69033s9a/b/c) for openssl.base 1.0.1.513 on AIX 5.3/6....
CVE-2013-0007
CVE-2013-0007 impacts Microsoft XML Core Services (MSXML) versions 4.0–6.0. A parsing fault in MSXML can allow remote code execution when a user visits a crafted web page (MSXML XSLT vulnerability). Affected components include MSXML DLLs; root cause is improper XML content parsing. Mitigation is ...
CVE-2015-0096
CVE-2015-0096 is a Windows DLL search-order/shortcut (LNK) loading vulnerability (MS15-020 family). A crafted LNK with dynamic icon and SpecialFolderDataBlock can bypass earlier whitelisting, causing Windows to load a malicious DLL when icons are rendered (e.g., in Explorer), potentially executin...
CVE-2013-3128
CVE-2013-3128 describes a vulnerability in OpenType font parsing that affects kernel-mode drivers across multiple Windows editions (XP SP2/3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8, Server 2012, Windows RT) and certain .NET Framework versions. The issue arises in how Ope...
CVE-2013-3138
CVE-2013-3138 is a denial-of-service vulnerability arising from an integer overflow in the TCP/IP kernel-mode driver. The affected software set includes Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows Server 2012; Windows RT. An attacker can cause a system...
CVE-2014-0315
CVE-2014-0315 corresponds to the Windows File Handling vulnerability fixed by MS14-019. It is a local privilege-escalation/binary-hijacking issue caused by untrusted search path handling for .bat/.cmd files when CreateProcess() is used and the first token is CMD, which can execute a rogue cmd.exe...
CVE-2015-2454
CVE-2015-2454 concerns a vulnerability in the Windows kernel-mode driver where impersonation level handling is not properly constrained. The issue allows a local attacker to gain privileges by crafting an application, affecting multiple Windows versions listed in the initial document (Vista SP2, ...
CVE-2013-0013
The CVE-2013-0013 issue affects the Windows SSL/TLS stack: multiple Windows versions (Vista SP2, Server 2008 SP2/R2 and SP1, Windows 7, 8, Server 2012, Windows RT) have a flaw in the SSL provider that mishandles encrypted packets, enabling a man-in-the-middle to downgrade SSLv2 and intercept hand...
CVE-2013-3918
CVE-2013-3918 is an out-of-bounds write vulnerability in the InformationCardSigninHelper Class ActiveX control (icardie.dll) used by Internet Explorer. The flaw exists when the ActiveX control is instantiated via a crafted webpage, enabling remote code execution with the current user’s privileges...
CVE-2013-3869
The CVE-2013-3869 issue affects a broad set of Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, 8.1, Server 2012/R2, and Windows RT). The vulnerability stems from improper handling of X.509 certificates during validation, allowing remote...
CVE-2014-0263
CVE-2014-0263 concerns a remote code execution vulnerability in the Windows Graphics Component (Direct2D). The issue arises when the Direct2D implementation in affected Windows versions encounters a large 2D geometric figure, processed via Internet Explorer, leading to memory corruption that can ...
CVE-2014-1811
CVE-2014-1811 affects the Windows TCP/IP stack in Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1, Windows 8/8.1, Windows Server 2012, and Windows RT (and related editions). The vulnerability arises from handling malformed data in the TCP header Options field, leading to remote denia...
CVE-2013-3183
Microsoft Windows ICMPv6 Packet Denial of Service (CVE-2013-3183) affects multiple Windows platforms (Vista SP2, 2008 SP2/R2 SP1, 7 SP1, 8, 2012, RT) where the TCP/IP stack improperly allocates memory for inbound ICMPv6 packets, causing remote denial of service (system hang) via crafted packets. ...
CVE-2013-5056
The CVE-2013-5056 issue is a use-after-free vulnerability in the Microsoft Scripting Runtime Object Library (scrrun.dll) that allows remote code execution when a user visits a crafted website via Internet Explorer. Affected products span multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vis...
CVE-2015-2370
CVE-2015-2370 involves an elevation-of-privilege flaw in Windows RPC/DCOM: the DCE/RPC reflection enables a local attacker to gain privileges via a crafted OBJREF, allowing a local user to trigger RPC auth relaying. Affected products span Windows Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2...
CVE-2015-0009
CVE-2015-0009 is the Group Policy Security Feature Bypass vulnerability affecting multiple Windows platforms (Windows Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7, 8/8.1, Server 2012) where a man-in-the-middle attacker can spoof domain-controller responses to disable a signing requir...
CVE-2013-0006
CVE-2013-0006 is associated with OSIsoft PI Interface for OPC XML-DA (ICS advisory ICSA-20-315-01) and Microsoft MSXML/MS13-002 context. Connected documents identify the affected product as PI Interface for OPC XML-DA versions prior to 1.7.3.x, where the vulnerability stems from numeric errors/st...
CVE-2014-6321
CVE-2014-6321 is a Microsoft Schannel remote code execution vulnerability affecting Windows Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8/8.1, Server 2012 (Gold/R2) and Windows RT/8.1. The issue arises from improper processing of crafted packets in Schannel, enabling remote cod...
CVE-2015-2464
CVE-2015-2463 and CVE-2015-2464 describe a TrueType font parsing vulnerability that allows remote code execution. Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 Gold/R2, Windows RT 8.1, Office 2007 SP3 and 2010 SP2, L...
CVE-2016-3237
CVE-2016-3237 is a Kerberos authentication bypass in multiple Windows versions where domain password changes may fall back to NTLM, enabling MITM style bypass of authentication. Affected: Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold/R...
CVE-2015-0057
CVE-2015-0057 is a local privilege escalation in the Windows kernel-mode driver win32k.sys. The vulnerability in Win32k.sys allows local attackers to gain elevated privileges by exploiting crafted applications, specifically tied to MS15-010. Public exploits exist (e.g., Exploit-DB MS15-010 entry ...
CVE-2014-1767
CVE-2014-1767 is a local privilege-escalation vulnerability in the Windows Ancillary Function Driver (afd.sys) leveraged via a dangling/double-free condition in kernel-mode code (AFD). Public materials indicate Microsoft MS14-040 addressed this flaw, affecting multiple Windows versions from Windo...
CVE-2015-6111
CVE-2015-6111 describes a Denial of Service affecting Windows IPSec: IPSec in Windows 8/8.1, Windows Server 2012 (Gold/R2), Windows RT (Gold/8.1), and Windows 10 (Gold/1511) mishandles encryption negotiation, allowing an authenticated remote attacker to cause the system to hang via crafted IP tra...
CVE-2015-2554
CVE-2015-2554 is a Windows kernel elevation-of-privilege vulnerability (Windows 8/8.1, Windows Server 2012 RT/R2, Windows RT 8.1, Windows 10). The issue allows local attackers to gain privileges via a crafted application and is addressed by MS15-111 (KB3096447). Public exploits exist (per Exploit...
CVE-2015-0002
CVE-2015-0002 (AppCompat Cache Elevation of Privilege) affects Windows via AhcVerifyAdminContext in ahcache.sys, introduced with Windows 8/8.1 era. The root cause is improper validation of the caller’s impersonation token: the code retrieves the token and checks for LocalSystem or Administrators,...
CVE-2015-2506
The CVE-2015-2506 issue is a remote DoS in the Windows Adobe Type Manager Library (atmfd.dll) triggered by specially crafted OpenType fonts. The vulnerable component is the Adobe Type Manager Library integrated in Windows (atmfd.dll). Underlying cause is improper parsing/handling of OpenType font...
CVE-2015-2463
CVE-2015-2463/2464 describe a TrueType font parsing vulnerability affecting multiple Windows variants (Vista SP2, 7 SP1, 8/8.1, Server 2008/2012, RT, Office 2007/2010, Silverlight, .NET Framework). The issue allows remote code execution via a crafted TrueType font, caused by a parsing flaw in the...
CVE-2015-6132
CVE-2015-6132 is the Windows library loading remote code execution vulnerability affecting multiple Windows versions. Root cause: mishandled library loading enabling local privilege escalation via a crafted application. The MS15-132 security update fixes this, with public exploits and a Metasploi...
CVE-2015-2435
CVE-2015-2435 is a TrueType font parsing vulnerability impacting Microsoft Windows (multiple editions listed) and related components (e.g., Silverlight, Office) that allows remote code execution via a crafted font. The issue is documented with a CVSS v2 base score of 9.3 (high) and network attack...
CVE-2015-2455
CVE-2015-2455 (TrueType Font Parsing Vulnerability) is a Windows font-processing defect discovered via Project Zero fuzzing of the Windows kernel font stack (win32k.sys and ATMFD.DLL) affecting TrueType fonts and related SFNT tables. The Google Project Zero report outlines that incorrect handling...
CVE-2015-2432
CVE-2015-2432 affects ATMFD.DLL in the Windows Adobe Type Manager Library, enabling remote code execution via crafted OpenType fonts. Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 (and RT variants). The root cause is...
CVE-2015-2456
Summary from Project Zero (2016) : Windows kernel font handling (TTF/OTF) contained multiple vulnerabilities discovered via fuzzing (ATMFD.DLL, win32k.sys) with several CVEs (notably CVE-2015-2455 and CVE-2015-2456). Root cause highlighted: the IUP instruction handler in win32k!itrp_IUP failed to...