147 matches found
CVE-2017-0166
CVE-2017-0166: An LDAP elevation of privilege vulnerability in Windows occurs when LDAP request buffer lengths are improperly calculated. This enables a remote attacker to send malicious traffic to a Domain Controller to achieve elevated privileges. The initial description and connected documents...
CVE-2018-0900
Technical details are not publicly available in the provided connected documents; monitor for updates.
CVE-2024-38121
CVE-2024-38121 is a Windows RRAS remote code execution vulnerability. Connected documents explicitly list CVE-2024-38121 under Windows Routing and Remote Access Service (RRAS) with an impact described as executing random code, indicating a high-severity issue (CVSS 3.1/8.8; network attack, no pri...
CVE-2017-0182
The connected Nessus plugin confirms a Hyper-V Denial of Service issue tied to CVE-2017-0182 family: a DoS affecting Microsoft Windows Hyper-V when input from a privileged guest OS is not properly validated, potentially crashing the host. Affected platforms include Windows client/server variants ...
CVE-2018-8434
CVE-2018-8434 is a Windows Hyper-V information disclosure vulnerability. It occurs when a host OS fails to properly validate input from an authenticated user on a guest OS, allowing potential disclosure of memory information. Affected platforms include Windows 7, Windows Server 2008/2012 families...
CVE-2020-17047
CVE-2020-17047: Windows Network File System (NFS) Denial of Service. The issue arises from improper handling of crafted RPC packets, allowing a remote attacker to disrupt a Windows/Windows Server target by sending malicious RPC calls. Root cause: RPC handling defect in the Windows NFS component. ...
CVE-2018-0844
The CVE-2018-0844 entry describes an elevation-of-privilege vulnerability in the Windows Common Log File System (CLFS) driver, affecting multiple Windows versions (Windows 7 SP1, Windows 8.1/RT 8.1, Server 2008 SP2/R2 SP1, 2012/R2, 2016, and 1709). The root cause is how objects in memory are hand...
CVE-2018-8116
The provided connected documents confirm CVE-2018-8116 is a DoS vulnerability in the Windows Graphics Component, arising from how the component handles objects in memory and affecting multiple Windows versions (e.g., Windows 7, Windows 10, server editions). Concrete details include the affected p...
CVE-2020-17038
Technical details for CVE-2020-17038 are not publicly available in the provided documents. No affected products, root cause, or remediation information are included. Monitor for updates.
CVE-2018-0885
CVE-2018-0885 : DoS in the Microsoft Hyper-V Network Switch triggered by unvalidated input from a guest OS. Affected: 64‑bit Windows Server 2008 SP2/ R2 SP1; Windows Server 2012/R2; Windows 10 (various builds); Windows Server 2016; and Windows Server version 1709. Root cause is described as impro...
CVE-2018-0814
Technical details for CVE-2018-0814 are not publicly available in the provided Connected documents. No explicit affected products, versions, root cause, impact, or remediation are disclosed here. Monitor for updates from official advisories.
CVE-2018-0895
Technical details for CVE-2018-0895 are not provided in the connected documents. Public information in this dataset does not specify affected products/versions/impact. Monitor for updates.
CVE-2020-17036
CVE-2020-17036 corresponds to a Windows Function Discovery SSDP Provider Information Disclosure Vulnerability. The vulnerability affects Windows Function Discovery SSDP Provider and is described as an information disclosure issue. The provided documents do not include concrete technical details s...
CVE-2016-0168
CVE-2016-0168 is a Windows GDI information-disclosure vulnerability affecting multiple Windows versions. Connected data confirms exploitation activity (Exploits listed on Exploit-DB and sightings in CIRCL) but provides no vendor-specific patch or remediation details in the supplied documents. No ...
CVE-2017-11847
CVE-2017-11847 affects the Windows kernel across multiple Windows client/server versions (Windows 7 SP1; Windows 8.1/RT; Windows 10 1511–1709; Windows Server 2008/2012/2016, etc.). The root cause is improper handling of objects in memory, enabling a local attacker to escalate privileges and run a...
CVE-2018-0883
CVE-2018-0883 is a remote code execution vulnerability in Windows Shell caused by improper validation of file copy destinations. Affected are Windows Shell components across multiple Windows platforms (Windows 7 SP1, Windows 8.1/RT 8.1, Windows Server 2008 R2/2012/2016 and Windows 10 builds up to...
CVE-2018-0901
Technical details about CVE-2018-0901 are not publicly available in the provided connected documents; monitor for updates.
CVE-2024-38128
Technical details (affected products, root cause, exploit status) are not publicly disclosed in the provided documents; monitor for updates as more information becomes available.
CVE-2024-38154
CVE-2024-38154 concerns Windows Routing and Remote Access Service (RRAS). The initial document states RRAS Remote Code Execution Vulnerability with a CVSS3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Connected documents do not supply concrete technical details (no vendor/product/ve...
CVE-2016-0170
CVE-2016-0170 affects the Windows GDI component across multiple Windows versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8.1, 2012/2012 R2, RT 8.1, 10). The vulnerability enables remote code execution when processing crafted documents, due to how the Graphics Component handles objects in memory. A...
CVE-2017-8495
CVE-2017-8495 is a Kerberos security feature bypass in which Extended Protection for Authentication can be circumvented by tampering with the SNAME field during ticket exchange (Orpheus’ Lyre). Affected Windows family includes Windows 7 SP1, Windows Server 2008 SP2/R2, Windows 8.1, Windows RT 8.1...
CVE-2024-38125
CVE-2024-38125 affects the Windows Kernel Streaming WOW Thunk Service Driver and enables local elevation of privileges. The vulnerability is associated with the Kernel Streaming WOW Thunk Service Driver and can lead to obtaining elevated privileges (SYSTEM). Microsoft has issued fixes in August 2...
CVE-2018-0881
CVE-2018-0881 concerns a privilege-elevation flaw in the Microsoft Video Control component. The vulnerability stems from how objects are handled in memory, enabling an attacker who can log on and run a crafted application to execute code with elevated/system privileges on affected Windows release...
CVE-2018-0904
The CVE-2018-0904 entry concerns a Windows kernel information disclosure vulnerability affecting Windows kernel in multiple client/server OS builds (Windows 7/8.1/10, Windows Server 2008 R2/2012/2016, etc.). Root cause: memory address handling in the kernel allows partial information disclosure w...
CVE-2017-0184
Microsoft Hyper-V remote Denial of Service vulnerability (CVE-2017-0184) arises from improper validation of input from a privileged user on a guest OS, potentially allowing a guest to crash the host. Affected component: Hyper-V on Windows Server. Consequence: denial of service impacting host avai...
CVE-2018-0888
CVE-2018-0888 corresponds to a vulnerability in the Microsoft Hyper-V Network Switch where 64-bit Windows clients/servers (Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012/R2; Windows 10 versions 1511–1709; Windows Server 2016) are exposed to information disclos...
CVE-2024-38130
Technical details for CVE-2024-38130 are not publicly available in the provided documents. No vendor/dependent specifics (product version, root cause, impact, or fixes) are given here. Monitor for official disclosures and updated advisories.
CVE-2016-0171
CVE-2016-0171 is a Windows kernel‑mode elevation of privilege vulnerability affecting Win32k in several Windows releases (Vista SP2 to Windows 10 1511). The entry describes that a crafted user‑mode application can trigger a local privilege escalation via a flaw in the Win32k subsystem, with explo...
CVE-2017-0058
CVE-2017-0058 is a Windows Win32k information-disclosure vulnerability where win32k.sys fails to properly provide kernel information, allowing a local attacker to obtain sensitive data to aid compromise. Affected: Microsoft Windows Win32k component. Root cause: improper kernel information exposur...
CVE-2017-0296
CVE-2017-0296 affects Windows platforms (Windows 7 SP1 to Windows Server 2016) with a privilege-escalation via tdx.sys due to a missing length check when copying memory. The affected component is tdx.sys; root cause is inadequate buffer length validation. Impact per description: privilege escalat...
CVE-2025-24059
CVE-2025-24059 affects Windows Common Log File System Driver. Root cause: incorrect numeric type conversion leading to local privilege escalation. Impact per sources: high (privilege escalation, high confidentiality/integrity/availability impact) with local exploitation and no user interaction re...
CVE-2024-38116
Technical details for CVE-2024-38116 are not publicly available in the provided documents; monitor for updates.
CVE-2024-38141
CVE-2024-38141 is a Windows vulnerability in the Ancillary Function Driver for WinSock that enables local privilege escalation to SYSTEM. Connected sources indicate the issue is tied to the WinSock AF Dvr and that exploitation would require local access with low privileges and no user interaction...
CVE-2017-0023
CVE-2017-0023 is a remote code execution vulnerability in the Microsoft Edge PDF Library, affecting Windows 8.1, Windows Server 2012/2012 R2, Windows RT 8.1, and Windows 10 (variants such as 1511/1607). Public reports describe memory corruption in the PDF rendering library leading to arbitrary co...
CVE-2017-0076
Summary of CVE-2017-0076 and related entries : The vulnerability affects Hyper-V in multiple Windows platforms (Vista SP2; Server 2008 SP2/2008 R2; Windows 7 SP1; Windows 8.1; Server 2012/2012 R2; Windows 10 versions 1511/1607; and Windows Server 2016). The issue allows a guest OS user running in...
CVE-2018-0894
Technical details about CVE-2018-0894 are not provided in the connected documents. The initial entry describes an information disclosure vulnerability in Windows kernels across multiple versions, but no affected product specifics, fixes, or exploit data are included here. Monitor for updates.
CVE-2020-17041
CVE-2020-17041 technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2017-0074
CVE-2017-0074 is a Hyper-V denial-of-service vulnerability affecting Windows Hyper-V across multiple Windows client and server editions. Connected sources (CNVD entries) describe a Hyper-V DoS where a crafted application can crash the host, affecting Hyper-V guests; specific affected versions ali...
CVE-2024-38114
Technical details for CVE-2024-38114 are not provided in the connected documents. The initial description notes a Windows IP Routing Management Snapin Remote Code Execution vulnerability with CVSS 3.1/8.8, but no affected versions, root cause, or mitigations are included here.
CVE-2024-38122
Technical details about CVE-2024-38122 are not provided in the connected documents. The initial entry only labels an LSA server information disclosure without concrete details on affected products, versions, impact, or fixes; monitor for updates.
CVE-2024-38191
Technical details for CVE-2024-38191 are not publicly provided in the supplied documents. Monitor for updates from Microsoft MSRC/NVD, NVD, or CVE listings as new information becomes available.
CVE-2025-24056
CVE-2025-24056 is a heap-based buffer overflow in the Windows Telephony Server that allows a network-based attacker to execute arbitrary code on affected systems. The issue is described as remote code execution with network access (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) and a base score of 8.8 (HIG...
CVE-2016-0180
CVE-2016-0180 is a Windows kernel elevation-of-privilege vulnerability affecting multiple Windows versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8.1, 2012, RT 8.1, 10 variants). The root cause is how the Windows kernel mishandles symbolic links, enabling a local attacker to gain privileges via a...
CVE-2017-0163
CVE-2017-0163 affects Windows Server Hyper-V Network Switch, allowing remote code execution when input from a guest OS is not properly validated. The underlying issue is improper validation of guest-supplied input, enabling an attacker with guest access to execute arbitrary code on the host. Publ...
CVE-2018-0926
Technical details are not publicly available in the provided connected documents; monitor for updates.
CVE-2020-17029
CVE-2020-17029 is a Windows Canonical Display Driver Information Disclosure Vulnerability. Affected software: Windows Canonical Display Driver. Root cause: information disclosure vulnerability within the Canonical Display driver. Impact: confidentiality impact HIGH (per CVSS 3.1), with local atta...
CVE-2024-38214
CVE-2024-38214 is a Windows RRAS Information Disclosure Vulnerability affecting RRAS in Windows. The provided data lists RRAS as the vulnerable component with an impact of accessing sensitive data, and references Microsoft security updates (e.g., KB5041773 and related August 2024 updates) as miti...
CVE-2016-0173
CVE-2016-0173 is a Win32k Elevation of Privilege vulnerability affecting Windows kernel‑mode drivers across Windows Vista SP2 through Windows 10 (1511). A crafted user-mode application can trigger local privilege escalation, as described in the original entry. Public exploit access exists: Exploi...
CVE-2017-0192
The CVE-2017-0192 entry describes an information disclosure in the Microsoft Windows ATMFD.dll (Adobe Type Manager Font Driver). Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold/R2, Windows RT 8.1, and Windows 10 bui...
CVE-2018-1009
CVE-2018-1009 is a local privilege-escalation vulnerability in the Windows DirectX Graphics Kernel Subsystem. It arises when Windows improperly handles objects in memory and incorrectly maps kernel memory, allowing an attacker with local access to elevate privileges on affected systems. Affected ...