35 matches found
CVE-2020-0787
CVE-2020-0787 is a privilege-escalation flaw in Microsoft Windows BITS (Background Intelligent Transfer Service) caused by improper handling of symbolic links. The issue can allow an attacker who can run code on a vulnerable host to escalate to system-level privileges and execute arbitrary code. ...
CVE-2020-0601
The CVE-2020-0601 issue affects Windows CryptoAPI (Crypt32.dll) and its ECC certificate validation, enabling a spoofing attack where a forged code-signing certificate could make malware appear trusted. Affected platforms include Windows 10 and Windows Server 2016/2019, with the vulnerability tied...
CVE-2020-0986
Technical details about CVE-2020-0986 are not publicly available in the provided connected documents. Please monitor for updates; current materials mention malware references in related EUVD entries but do not disclose affected products, vulnerable components, impact, or fixes.
CVE-2019-1322
CVE-2019-1322 is a Windows local privilege escalation vulnerability, arising from improper handling of authentication requests that can allow an attacker to execute with SYSTEM privileges. Public references and connected items show explicit exploitation tooling and modules (e.g., COMahawk and Ere...
CVE-2020-0683
CVE-2020-0683 is a Windows Installer Elevation of Privilege vulnerability. The issue occurs when MSI packages process symbolic links, allowing a local attacker to bypass access restrictions and add or remove files. Technical details across connected sources confirm the affected component (Windows...
CVE-2020-1054
CVE-2020-1054 is a Win32k kernel-mode elevation of privilege vulnerability in Windows where the Windows kernel-driver mishandles memory objects. The CVE entry is distinct from CVE-2020-1143. Public references in the provided set show an exploit for CVE-2020-1054 (Out-of-bounds write in Microsoft ...
CVE-2019-1405
CVE-2019-1405 is a local privilege-escalation flaw in the Windows UPnP service where improper handling allows COM object creation. Root cause per the connected CISA KEV entry is improper COM object creation by the UPnP service, enabling elevation of privileges. The CVSSv3.1 metrics in the initial...
CVE-2019-0859
CVE-2019-0859 (Windows Win32k Privilege Escalation) : A local privilege escalation vulnerability in the Win32k component of Microsoft Windows arises from Win32k failing to properly handle objects in memory, enabling an attacker to run code in kernel mode. Several connected sources corroborate thi...
CVE-2018-8453
CVE-2018-8453 is a Windows Win32k local privilege escalation vulnerability. The flaw arises when Win32k fails to properly handle memory objects, allowing an attacker to escalate privileges via local code execution. Affected products include Windows 7, Windows 8.1, Windows 10 (and server variants ...
CVE-2019-0803
CVE-2019-0803 is a Windows Win32k elevation of privilege vulnerability. Root cause: Win32k fails to properly handle objects in memory, enabling local kernel-mode code execution. Affected software: Microsoft Windows Win32k component (privilege escalation). Impact: local privilege escalation with k...
CVE-2019-1064
CVE-2019-1064 is a Windows elevation-of-privilege flaw in the AppXSVC (Windows AppX Deployment Service) due to improper handling of hard links. The root cause allows a locally authenticated attacker to run processes in an elevated context, potentially installing programs or modifying data. Micros...
CVE-2019-1130
CVE-2019-1130 is a Windows privilege-escalation vulnerability in the AppX Deployment Service (AppXSVC) caused by improper handling of hard links. The CVE notes an elevation of privilege from a local user, with a CVSSv3.1 base score of 7.8 (LOCAL attack, LOW complexity, Privileges Required: LOW; U...
CVE-2019-1069
CVE-2019-1069 is a Windows Task Scheduler Privilege Escalation vulnerability in which the Task Scheduler Service inadequately validates certain file operations. The issue enables local privilege escalation when an attacker with unprivileged code execution on a victim system exploits the flaw. Mic...
CVE-2019-1253
CVE-2019-1253 describes a local privilege-escalation in Microsoft Windows AppX Deployment Server caused by improper handling of junctions. The vulnerability allows an attacker who already has code execution on the target system to elevate privileges (local attack, low integrity/login requirements...
CVE-2019-1215
CVE-2019-1215 describes a local privilege-escalation in Windows via ws2ifsl.sys (Winsock) where improper handling of memory-resident objects enables code execution with elevated privileges. Affected component is Winsock’s ws2ifsl.sys; root cause is memory handling of objects within the Winsock su...
CVE-2019-1214
CVE-2019-1214 is a Windows privilege-escalation vulnerability in the Windows Common Log File System (CLFS) Driver. It stems from improper handling of objects in memory, enabling a local attacker to escalate privileges on a vulnerable system. Public references consistently describe the CLFS driver...
CVE-2019-0703
CVE-2019-0703 is described in the initial doc as an information-disclosure vulnerability in the Windows SMB Server’s handling of certain requests, distinct from CVE-2019-0704 and CVE-2019-0821. Connected sources add concrete context: FireEye/Mandiant notes this CVE was used in targeted attacks du...
CVE-2019-0863
CVE-2019-0863 is a Windows Elevation of Privilege vulnerability in Windows Error Reporting (WER) where the vulnerability stems from the way WER handles files. The underlying issue allows local attackers to escalate to kernel-level privileges (CVE-2019-0863). Microsoft patched this in the May 2019...
CVE-2019-0543
Technical details about CVE-2019-0543 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2020-0938
CVE-2020-0938 affects the Windows Adobe Font Manager Library by improperly handling specially crafted multi-master Font 1 PostScript fonts. The root cause is a vulnerability in the font parser that can allow remote code execution when processing crafted documents. For all Windows versions except ...
CVE-2019-0797
CVE-2019-0797 is a Windows Win32k privilege-escalation vulnerability caused by the Win32k component failing to properly handle objects in memory, enabling local code execution with kernel privileges. Affected: Windows Win32k subsystem (Win32k.sys). Impact: elevated privileges to SYSTEM with poten...
CVE-2020-1027
CVE-2020-1027 is a Windows privilege-escalation vulnerability affecting Windows kernel memory handling and the CSRSS subsystem. The Windows kernel path (memory object handling) enabled local privilege escalation via write-what-where style abuse in kernel fault paths, while the CSRSS path allowed ...
CVE-2018-8405
Technical details (exploit vector, affected products/versions, root cause specifics, and mitigations) are not publicly disclosed in the provided connected documents. Monitor for updates from authoritative sources.
CVE-2018-8406
CVE-2018-8406 is a DirectX Graphics Kernel (DXGKRNL) privilege-escalation vulnerability caused by the DXGKRNL driver improperly handling memory objects. Affected products include Windows Server 2016 and Windows 10 (and Windows 10 Servers). The CVE is characterized by a local, low-complexity attac...
CVE-2019-0903
Technical details about CVE-2019-0903 (affected component/version/root cause/impact) are not publicly provided in the supplied documents. Monitor for updates.
CVE-2020-0638
CVE-2020-0638 is a Windows Update Notification Manager elevation-of-privilege vulnerability. An attacker who already has code execution on the target could exploit the flaw by running a crafted program to elevate privileges, due to how the Update Notification Manager handles files. The issue is l...
CVE-2019-1129
CVE-2019-1129 is a Windows AppX Deployment Service (AppXSVC) privilege-escalation vulnerability caused by improper handling of hard links. The issue enables local Privilege Escalation with high impact; CVSS 3.1 base score 7.8 (LOCAL, LOW complexity, no user interaction) as documented by NVD, and ...
CVE-2018-8414
CVE-2018-8414 is a Windows Shell remote code execution vulnerability where the Windows Shell fails to validate file paths. If a user opens a specially crafted file, an attacker could run arbitrary code in the user’s context. The vulnerability affects Windows 10 and related shells. Microsoft relea...
CVE-2018-0824
CVE-2018-0824 is a Microsoft Windows remote code execution vulnerability in the COM subsystem due to improper handling of serialized objects. Public writeups and advisories summarize that a specially crafted file or script can trigger code execution, with potential remote impact when users open o...
CVE-2018-8226
The CVE-2018-8226 entry describes a denial-of-service in the HTTP/2 protocol stack (HTTP.sys) for Windows. Affected components include HTTP.sys on Windows Server 2016 and Windows 10/Windows 10 Servers, with the root cause being improper parsing of specially crafted HTTP/2 requests, leading to sys...
CVE-2018-8140
CVE-2018-8140 (Cortana Elevation of Privilege) affects Windows 10 and Windows Server (server 1709/1803) where Cortana retrieves data from user input services without considering status, enabling local privilege escalation. Root cause: Cortana’s data handling allows execution of commands with elev...
CVE-2018-8493
CVE-2018-8493 describes an information-disclosure vulnerability in the Windows TCP/IP stack where fragmented IP packets are mishandled. Affected products include Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, and Windows 10 Servers. The underlying issue is i...
CVE-2018-8175
CVE-2018-8175 describes a denial-of-service in Windows WebDAV Minirdr when querying a WebDAV directory. The vulnerability can be triggered by a user visiting a attacker-controlled site or link, leading to the victim’s system stopping to respond. Affected products include Windows 10 and Windows Se...
CVE-2018-8239
CVE-2018-8239 — Windows GDI Information Disclosure Vulnerability affects Windows Server 2016, Windows 10, and Windows 10 Server variants. The root cause is that the Windows GDI component improperly discloses the contents of memory (an information-disclosure flaw). An attacker could exploit this b...
CVE-2018-8231
CVE-2018-8231 is a remote code execution vulnerability in Microsoft Windows HTTP.sys. The flaw occurs when Http.sys improperly handles objects in memory, allowing an attacker to gain control of the affected system by sending specially crafted requests. Affected products include Windows Server 201...