686 matches found
CVE-2022-24521
CVE-2022-24521 is a Windows Windows Common Log File System Driver Privilege Escalation vulnerability. The CVE entry reports an elevation-of-privilege flaw in the CLFS driver; CVSS scores shown include a 2.0/2.0 base (MEDIUM) on NVD and a 3.1-based HIGH score from Microsoft, both indicating local ...
CVE-2022-26904
CVE-2022-26904 is a Windows User Profile Service Elevation of Privilege vulnerability. The issue is a race-condition–driven LPE in the User Profile Service, with attacker-controlled code execution at SYSTEM granted by bypasses and PoCs described in public sources. A Metasploit module exists for t...
CVE-2011-3416
CVE-2011-3416 affects Microsoft .NET Framework's ASP.NET Forms Authentication, allowing remote authenticated users to obtain access to arbitrary user accounts via a crafted username. Affected: .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0. The issue is addressed by MS11-100; vulnerable...
CVE-2009-3103
CVE-2009-3103 affects SMBv2 in srv2.sys on Windows Vista (Gold, SP1, SP2), Windows Server 2008 (Gold, SP2), and Windows 7 RC. Description and NSE/script references describe an out-of-bounds/array indexing issue in the SMB Negotiation protocol handling (ProcessID High header) that can allow remote...
CVE-2022-26809
CVE-2022-26809 is a Windows RPC Runtime Remote Code Execution vulnerability. Public material in the connected documents indicates an unauthenticated remote attacker can trigger code execution by sending a crafted RPC call, with the real vulnerability located in OSF_CASSOCIATION::ProcessBindAckOrN...
CVE-2016-0128
Technical details about CVE-2016-0128 are not provided in the connected documents. The initial description mentions Badlock affecting Windows SAM/LSAD, but no explicit exploit vectors, affected products, or fixes are given here. Monitor for updates.
CVE-2022-24481
CVE-2022-24481 is a Windows Common Log File System Driver elevation-of-privilege vulnerability. The connected exploit reports describe a memory/counterpart corruption involving CLFS_CONTAINER_CONTEXT.pContainer that can be triggered from CClfsContainer::Close by modifying CLFS_BASE_RECORD_HEADER....
CVE-2012-0002
CVE-2012-0002 is a Remote Desktop Protocol memory-processing vulnerability in affected Windows platforms (Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1). The flaw permits remote code execution by sending specially crafted RDP packets tha...
CVE-2017-0055
CVE-2017-0055 refers to a cross-site scripting (XSS) elevation-of-privilege vulnerability in Microsoft Internet Information Services (IIS). The issue affects IIS on multiple Windows platforms (Vista through Windows Server 2016) and allows a remote attacker to craft a request that can execute scri...
CVE-2011-2016
CVE-2011-2016 describes an untrusted search path vulnerability in Windows Mail and Windows Meeting Space, affecting Windows Vista SP2, Windows Server 2008 SP2, R2 and R2 SP1, and Windows 7 (Gold and SP1). The root cause is loading a Trojan horse DLL from the current working directory when opening...
CVE-2022-24500
CVE-2022-24500 is a Windows SMB Remote Code Execution vulnerability. Connected exploit posts provide concrete steps and code to launch a Windows SMB-based RCE, requiring the target to interact with a malicious server/share over SMB (port 445). The GitHub exploits illustrate an end-to-end chain (d...
CVE-2022-24528
CVE-2022-24528 is a Remote Code Execution vulnerability in Windows RPC Runtime. It is a network-exposed issue affecting the Windows RPC runtime, with a high-severity impact (C/H/I/A: high) per CVSS v3.1 (8.8) and a medium base score (6.8) in CVSS v2. The CVSS v3.1 vector indicates network access,...
CVE-2018-8166
The CVE-2018-8166 entry is supported by connected documents describing a Win32k privilege-escalation vulnerability in Windows where the Win32k component mishandles objects in memory, allowing local kernel-mode code execution if exploited. Affected products span multiple Windows versions (e.g., Wi...
CVE-2018-8164
CVE-2018-8164 is a Win32k privilege-escalation vulnerability in Windows where the Win32k component fails to properly handle objects in memory. Affected are multiple Windows releases (server and client SKUs listed in the CVE entry). The connected documents corroborate a kernel-mode elevation of pr...
CVE-2017-0214
CVE-2017-0213 is a Windows Privilege Escalation flaw in the COM Aggregate Marshaler. Reports confirm it enables local elevation of privilege when a specially crafted app is run, affecting Windows client and server SKUs listed in the CVE description. Several connected sources document exploitation...
CVE-2009-2524
CVE-2009-2524 refers to an Integer Overflow in LSASS during NTLM authentication in multiple Windows versions. A malformed NTLM packet can cause LSASS to crash and reboot the host, i.e., a denial-of-service condition. Affected software includes Windows XP SP2/SP3, Windows Server 2003 SP2, Windows ...
CVE-2016-0143
CVE-2016-0143 is a Windows Win32k Privilege Escalation vulnerability in the kernel-mode driver (win32k.sys) affecting multiple Windows versions (Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8.1, 2012, RT 8.1, Windows 10 Gold/1511). Root cause: improper handling of objects in memory within the Wi...
CVE-2016-3308
Technical details for CVE-2016-3308 are not publicly available in the provided documents; monitor for updates.
CVE-2017-0025
Technical details such as affected products, vulnerable components, impact, and remediation for CVE-2017-0025 are not provided in the connected documents; no publicly disclosed specifics are included here. Monitor for updates.
CVE-2017-11835
CVE-2017-11835 affects the Microsoft Windows Embedded OpenType (EOT) font engine. The vulnerability exists in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, where specially crafted embedded fonts parsed by the EOT font engine can allow a local attacker who logs on and opens a document to read...
CVE-2017-0047
Technical details about CVE-2017-0047 are not provided in the connected documents. Public information in the Initial Description is limited to an overview; monitor for updates.
CVE-2017-8563
CVE-2017-8563 is an elevation-of-privilege vulnerability in Windows where Kerberos can fall back to NTLM as the default authentication protocol. The issue is exposed via LDAP/NTLM negotiation and can enable domain‑level credential abuse if NTLM relay occurs. Public documentation notes that follow...
CVE-2011-0657
CVE-2011-0657 affects the DNSAPI.dll DNS client in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, Windows 7 SP1). Root cause: improper processing of DNS queries by the DNS client, enabling remote attackers to run arbitrary code via (1) a crafted L...
CVE-2016-3311
CVE-2016-3311 is a Windows kernel-mode driver elevation of privilege vulnerability affecting multiple Windows versions (Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8.1, Server 2012, Windows RT 8.1, and Windows 10 variants). The issue arises in Win32k kernel components where a crafted applicatio...
CVE-2013-0810
CVE-2013-0810 affects Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2. Attackers could trigger remote code execution by delivering a crafted theme file containing a malicious screensaver. The root cause is improper handling of screensaver/theme data, al...
CVE-2022-26903
Technical details about CVE-2022-26903 (affected components, root cause, impact, and fixes) are not provided in the supplied documents. Monitor for updates from Microsoft and CVE databases for official disclosures and remediation information.
CVE-2016-3310
CVE-2016-3310 is a Win32k Elevation of Privilege vulnerability affecting multiple Windows versions. The issue arises in kernel‑mode drivers where improper handling of memory objects enables a local user to execute code with SYSTEM privileges via a crafted application. This is a local, non‑authent...
CVE-2009-2512
CVE-2009-2512 describes a remote code execution vulnerability in Microsoft Windows WSDAPI (Web Services on Devices API) affecting Windows Vista (Gold, SP1, SP2) and Windows Server 2008 (Gold, SP2). The root cause is memory corruption due to improper processing/validation of WSD message headers (M...
CVE-2013-3175
CVE-2013-3175 is a Windows elevation-of-privilege issue in the handling of asynchronous RPC requests. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT. Root cause...
CVE-2022-21983
CVE-2022-21983 is a Win32 Stream Enumeration Remote Code Execution vulnerability. The connected sources show an in-scope CVE with a network attack vector and high impact: CVSSv3.1 base score 7.5 (HIGH), with no authentication (NONE) and user interaction required (REQUIRED); confidentiality, integ...
CVE-2022-26831
CVE-2022-26831 : Windows LDAP Denial of Service vulnerability. The vulnerability is described as a Windows LDAP DoS issue with a Network attack vector (no user interaction) and a high-impact on availability (per CVSS v3.1: 7.5, HIGH; CVSS v2: 5.0, MEDIUM). Connected sources confirm the Windows LD...
CVE-2009-2493
CVE-2009-2493 : Microsoft’s ATL vulnerability enables remote code execution when a user loads a specially crafted component/control hosted on a malicious page. The issue is described in MS09-037 (ATL vulnerabilities) and is addressed by Microsoft security bulletin updates; affected products inclu...
CVE-2010-0480
CVE-2010-0480 is a remote code execution vulnerability in Microsoft MPEG Layer-3 codecs. The issue arises from multiple stack-based buffer overflows in the MPEG Layer-3 audio decoders (l3codecx.ax and related ACM codecs) when processing crafted AVI files, affecting Windows 2000 SP4, XP SP2/SP3, S...
CVE-2022-24492
CVE-2022-24492 is a Remote Code Execution vulnerability in Windows RPC Runtime. The connected Akamai blog notes that Windows RPC-related RCE vulnerabilities were patched in Microsoft’s April 2022 Patch Tuesday, including CVE-2022-24492, with patches issued as part of the Windows security updates....
CVE-2017-8582
CVE-2017-8582 affects the HTTP.sys server component in multiple Windows editions. The vulnerability arises from the component’s improper handling of in-memory objects, enabling a remote, unauthenticated attacker to obtain information and potentially facilitate further compromise. The impact is an...
CVE-2022-24530
CVE-2022-24530 is a Windows Installer Elevation of Privilege vulnerability. The NVD entry lists a CVSSv3.1 base score of 7.8 (LOCAL, LOW privileges required, UI NONE, S C changed, impact: HIGH on confidentiality, integrity, and availability). It reflects a local privilege escalation in the Window...
CVE-2022-26801
CVE-2022-26801 is a Windows Print Spooler Elevation of Privilege vulnerability (Local, Low attack complexity; no user interaction required per description). The connected documents show confirmed details on the vulnerability’s existence and CVSS metrics (CVSS 3.1 base score 7.8; confidentiality/i...
CVE-2017-0174
CVE-2017-0174 is a Windows NetBIOS Denial of Service vulnerability. Exploitation involves sending malformed NetBIOS packets to affected Windows versions (Windows 7/8.1/10, Windows Server 2008-2016 and related). The underlying cause is improper handling within the Windows NetBIOS/network stack, al...
CVE-2017-0272
CVE-2017-0272 affects the Microsoft Windows SMBv1 server on Windows clients/servers (Windows 7/8.1, Windows Server 2008 SP2/R2 SP1, 2012, 2016, 10 versions etc.). Root cause: the SMBv1 server mishandles certain requests, enabling remote code execution by a remote attacker. Impact is high (remote ...
CVE-2010-0270
The CVE-2010-0270 entry describes a remote code execution/memory corruption vulnerability in the SMB client of Windows 7 and Windows Server 2008 R2. The SMB client fails to properly validate fields in SMB responses (SMB transaction responses), for both SMBv1 and SMBv2, allowing remote SMB servers...
CVE-2022-24474
Technical details about CVE-2022-24474 are not publicly available in the provided documents; no affected products, versions, or fixes are specified here. Monitor for updates.
CVE-2022-24499
Technical details about CVE-2022-24499 are not provided in the connected documents; public specifics (affected products, root cause, exploit info, or remediation) are not available here. Monitor for updates.
CVE-2008-4114
The CVE-2008-4114 issue affects the Windows SMB SRV.SYS driver (WriteAndX handling) across multiple Windows platforms (Windows 2000 SP4, XP SP2/SP3, Server 2003 SP1/SP2, Vista Gold/SP1, Server 2008). The vulnerability arises from insufficient validation of the SMB WRITE_ANDX DataOffset, which can...
CVE-2016-0051
CVE-2016-0051 is a local privilege-escalation vulnerability in the Windows WebDAV client. The issue stems from the WebDAV client’s handling of crafted input, allowing a local attacker to gain SYSTEM-level privileges on affected Vista/7/8.1/2012/RT/10 variants with the WebDAV component (WebDAV cli...
CVE-2013-0007
CVE-2013-0007 impacts Microsoft XML Core Services (MSXML) versions 4.0–6.0. A parsing fault in MSXML can allow remote code execution when a user visits a crafted web page (MSXML XSLT vulnerability). Affected components include MSXML DLLs; root cause is improper XML content parsing. Mitigation is ...
CVE-2012-0006
CVE-2012-0006 affects Microsoft Windows DNS Server (Server 2003 SP2, 2008 SP2, R2, R2 SP1). The vulnerability arises from improper handling of in-memory objects during resource-record lookups, which can be triggered by a crafted DNS query, enabling a remote attacker to cause a denial-of-service c...
CVE-2012-1851
CVE-2012-1851 is a format string vulnerability in the Windows Print Spooler service that allows remote code execution. Affected: Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, and Windows 7 SP1. Root cause: Print Spooler mishandles crafted response...
CVE-2010-2729
CVE-2010-2729 is a remote code execution vulnerability in the Windows Print Spooler service. It stems from insufficient validation of spooler access permissions, allowing a remote attacker to create files in a system directory and execute arbitrary code by sending a crafted print request over RPC...
CVE-2012-0159
CVE-2012-0159 is a kernel-level remote code execution vulnerability in Microsoft Windows related to TrueType font parsing. The root cause is a sign extension error in the kernel’s handling of TrueType compound glyphs within win32k.sys, which can be triggered by a crafted TTF file. Affected produc...
CVE-2012-4786
CVE-2012-4786 affects Windows kernel-mode drivers handling TrueType/OpenType font parsing. The advisory set shows remote code execution via crafted TTF/OTF files affecting Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, Windows 8, Server 2012, and RT. Root cause...