Lucene search
K
MicrosoftWindows Server 1709

14 matches found

CVE
CVE
added 2019/04/09 8:19 p.m.1192 views

CVE-2019-0859

CVE-2019-0859 (Windows Win32k Privilege Escalation) : A local privilege escalation vulnerability in the Win32k component of Microsoft Windows arises from Win32k failing to properly handle objects in memory, enabling an attacker to run code in kernel mode. Several connected sources corroborate thi...

7.8CVSS8.2AI score0.04151EPSS
In wild
CVE
CVE
added 2018/10/10 1:0 p.m.1186 views

CVE-2018-8453

CVE-2018-8453 is a Windows Win32k local privilege escalation vulnerability. The flaw arises when Win32k fails to properly handle memory objects, allowing an attacker to escalate privileges via local code execution. Affected products include Windows 7, Windows 8.1, Windows 10 (and server variants ...

7.8CVSS7.6AI score0.69833EPSS
In wild
CVE
CVE
added 2019/04/09 8:15 p.m.1174 views

CVE-2019-0803

CVE-2019-0803 is a Windows Win32k elevation of privilege vulnerability. Root cause: Win32k fails to properly handle objects in memory, enabling local kernel-mode code execution. Affected software: Microsoft Windows Win32k component (privilege escalation). Impact: local privilege escalation with k...

7.8CVSS8.2AI score0.4523EPSS
In wild
CVE
CVE
added 2019/06/12 1:49 p.m.1166 views

CVE-2019-1064

CVE-2019-1064 is a Windows elevation-of-privilege flaw in the AppXSVC (Windows AppX Deployment Service) due to improper handling of hard links. The root cause allows a locally authenticated attacker to run processes in an elevated context, potentially installing programs or modifying data. Micros...

7.8CVSS7.7AI score0.06886EPSS
In wild
CVE
CVE
added 2019/04/08 11:41 p.m.1112 views

CVE-2019-0703

CVE-2019-0703 is described in the initial doc as an information-disclosure vulnerability in the Windows SMB Server’s handling of certain requests, distinct from CVE-2019-0704 and CVE-2019-0821. Connected sources add concrete context: FireEye/Mandiant notes this CVE was used in targeted attacks du...

6.5CVSS6.8AI score0.0964EPSS
In wild
CVE
CVE
added 2019/01/08 9:0 p.m.1100 views

CVE-2019-0543

Technical details about CVE-2019-0543 are not publicly provided in the supplied documents. Monitor for updates.

7.8CVSS7.7AI score0.04718EPSS
In wild
CVE
CVE
added 2019/04/09 2:34 a.m.1085 views

CVE-2019-0797

CVE-2019-0797 is a Windows Win32k privilege-escalation vulnerability caused by the Win32k component failing to properly handle objects in memory, enabling local code execution with kernel privileges. Affected: Windows Win32k subsystem (Win32k.sys). Impact: elevated privileges to SYSTEM with poten...

7.8CVSS8.2AI score0.0189EPSS
In wild
CVE
CVE
added 2018/08/15 5:0 p.m.1080 views

CVE-2018-8405

Technical details (exploit vector, affected products/versions, root cause specifics, and mitigations) are not publicly disclosed in the provided connected documents. Monitor for updates from authoritative sources.

7.8CVSS7.7AI score0.03444EPSS
In wild
CVE
CVE
added 2018/08/15 5:0 p.m.1075 views

CVE-2018-8406

CVE-2018-8406 is a DirectX Graphics Kernel (DXGKRNL) privilege-escalation vulnerability caused by the DXGKRNL driver improperly handling memory objects. Affected products include Windows Server 2016 and Windows 10 (and Windows 10 Servers). The CVE is characterized by a local, low-complexity attac...

7.8CVSS7.7AI score0.03444EPSS
In wild
CVE
CVE
added 2018/08/15 5:0 p.m.1011 views

CVE-2018-8414

CVE-2018-8414 is a Windows Shell remote code execution vulnerability where the Windows Shell fails to validate file paths. If a user opens a specially crafted file, an attacker could run arbitrary code in the user’s context. The vulnerability affects Windows 10 and related shells. Microsoft relea...

9.3CVSS8.9AI score0.73968EPSS
In wild
CVE
CVE
added 2018/05/09 7:0 p.m.337 views

CVE-2018-0824

CVE-2018-0824 is a Microsoft Windows remote code execution vulnerability in the COM subsystem due to improper handling of serialized objects. Public writeups and advisories summarize that a specially crafted file or script can trigger code execution, with potential remote impact when users open o...

8.8CVSS7.9AI score0.73469EPSS
In wild
CVE
CVE
added 2018/02/15 2:0 a.m.128 views

CVE-2018-0846

The connected documents confirm CVE-2018-0846 affects the Windows Common Log File System (CLFS) driver and describes an elevation-of-privilege flaw caused by improper handling of objects in memory. Affected products include various Windows client/server builds (Windows 7 SP1, Windows 8.1/RT 8.1, ...

7.8CVSS6.8AI score0.01239EPSS
CVE
CVE
added 2018/10/10 1:0 p.m.123 views

CVE-2018-8493

CVE-2018-8493 describes an information-disclosure vulnerability in the Windows TCP/IP stack where fragmented IP packets are mishandled. Affected products include Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, and Windows 10 Servers. The underlying issue is i...

7.5CVSS6.8AI score0.08421EPSS
CVE
CVE
added 2018/02/15 2:0 a.m.115 views

CVE-2018-0844

The CVE-2018-0844 entry describes an elevation-of-privilege vulnerability in the Windows Common Log File System (CLFS) driver, affecting multiple Windows versions (Windows 7 SP1, Windows 8.1/RT 8.1, Server 2008 SP2/R2 SP1, 2012/R2, 2016, and 1709). The root cause is how objects in memory are hand...

7.8CVSS6.8AI score0.01239EPSS