14 matches found
CVE-2019-0859
CVE-2019-0859 (Windows Win32k Privilege Escalation) : A local privilege escalation vulnerability in the Win32k component of Microsoft Windows arises from Win32k failing to properly handle objects in memory, enabling an attacker to run code in kernel mode. Several connected sources corroborate thi...
CVE-2018-8453
CVE-2018-8453 is a Windows Win32k local privilege escalation vulnerability. The flaw arises when Win32k fails to properly handle memory objects, allowing an attacker to escalate privileges via local code execution. Affected products include Windows 7, Windows 8.1, Windows 10 (and server variants ...
CVE-2019-0803
CVE-2019-0803 is a Windows Win32k elevation of privilege vulnerability. Root cause: Win32k fails to properly handle objects in memory, enabling local kernel-mode code execution. Affected software: Microsoft Windows Win32k component (privilege escalation). Impact: local privilege escalation with k...
CVE-2019-1064
CVE-2019-1064 is a Windows elevation-of-privilege flaw in the AppXSVC (Windows AppX Deployment Service) due to improper handling of hard links. The root cause allows a locally authenticated attacker to run processes in an elevated context, potentially installing programs or modifying data. Micros...
CVE-2019-0703
CVE-2019-0703 is described in the initial doc as an information-disclosure vulnerability in the Windows SMB Server’s handling of certain requests, distinct from CVE-2019-0704 and CVE-2019-0821. Connected sources add concrete context: FireEye/Mandiant notes this CVE was used in targeted attacks du...
CVE-2019-0543
Technical details about CVE-2019-0543 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2019-0797
CVE-2019-0797 is a Windows Win32k privilege-escalation vulnerability caused by the Win32k component failing to properly handle objects in memory, enabling local code execution with kernel privileges. Affected: Windows Win32k subsystem (Win32k.sys). Impact: elevated privileges to SYSTEM with poten...
CVE-2018-8405
Technical details (exploit vector, affected products/versions, root cause specifics, and mitigations) are not publicly disclosed in the provided connected documents. Monitor for updates from authoritative sources.
CVE-2018-8406
CVE-2018-8406 is a DirectX Graphics Kernel (DXGKRNL) privilege-escalation vulnerability caused by the DXGKRNL driver improperly handling memory objects. Affected products include Windows Server 2016 and Windows 10 (and Windows 10 Servers). The CVE is characterized by a local, low-complexity attac...
CVE-2018-8414
CVE-2018-8414 is a Windows Shell remote code execution vulnerability where the Windows Shell fails to validate file paths. If a user opens a specially crafted file, an attacker could run arbitrary code in the user’s context. The vulnerability affects Windows 10 and related shells. Microsoft relea...
CVE-2018-0824
CVE-2018-0824 is a Microsoft Windows remote code execution vulnerability in the COM subsystem due to improper handling of serialized objects. Public writeups and advisories summarize that a specially crafted file or script can trigger code execution, with potential remote impact when users open o...
CVE-2018-0846
The connected documents confirm CVE-2018-0846 affects the Windows Common Log File System (CLFS) driver and describes an elevation-of-privilege flaw caused by improper handling of objects in memory. Affected products include various Windows client/server builds (Windows 7 SP1, Windows 8.1/RT 8.1, ...
CVE-2018-8493
CVE-2018-8493 describes an information-disclosure vulnerability in the Windows TCP/IP stack where fragmented IP packets are mishandled. Affected products include Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, and Windows 10 Servers. The underlying issue is i...
CVE-2018-0844
The CVE-2018-0844 entry describes an elevation-of-privilege vulnerability in the Windows Common Log File System (CLFS) driver, affecting multiple Windows versions (Windows 7 SP1, Windows 8.1/RT 8.1, Server 2008 SP2/R2 SP1, 2012/R2, 2016, and 1709). The root cause is how objects in memory are hand...