1844 matches found
CVE-2024-21429
The CVE-2024-21429 entry covers a remote code execution vulnerability in the Windows USB Hub Driver. According to the description, the issue affects the USB Hub Driver and could lead to arbitrary code execution with high impact on confidentiality, integrity, and availability. Exploitation details...
CVE-2024-49039
CVE-2024-49039 is a Windows Task Scheduler privilege-escalation vulnerability. An authenticated local attacker can elevate privileges outside of AppContainer and access privileged RPC functions via the Task Scheduler, enabling local privilege escalation with high impact (CVE-2024-49039). There ar...
CVE-2026-20862
CVE-2026-20862 is a Windows Management Services information disclosure vulnerability. The description in the initial document states that it allows an authorized attacker to disclose sensitive information locally. The connected Nessus/NCSC/ENISA entries confirm this is a local-impact issue tied t...
CVE-2024-21340
Technical details for CVE-2024-21340 are not provided in the supplied documents. Monitor for updates.
CVE-2026-41089
CVE-2026-41089 is a Windows Netlogon RCE via a stack-based buffer overflow in CLDAP handling. Affected: Windows Server 2012 through 2025 domain controllers. Mechanism (per provided PoCs): unauthenticated remote is possible by sending crafted CLDAP UDP packets; a 528-byte stack buffer overflow occ...
CVE-2025-33073
CVE-2025-33073 is a network-accessible elevation of privilege in the Windows SMB Client caused by improper access control in the SMB protocol stack. The initial description confirms privilege escalation with network access. Connected documents provide concrete exploit presence: PoCs and proof‑of‑...
CVE-2024-38112
CVE-2024-38112 Windows MSHTML Platform Spoofing is a Windows/MSHTML vulnerability exploited in the wild by the Void Banshee group. The issue involves spoofing UI within the MSHTML/IE rendering path, enabling code execution when a user opens a crafted .url payload that references an embedded MHTML...
CVE-2024-43451
CVE-2024-43451 is a Windows NTLMv2 hash disclosure spoofing vulnerability. Affected: Windows; root cause: NTLM hash leakage occurs when the shell processes .URL shortcuts, triggering NTLM authentication over SMB to an attacker-controlled server. Impact: attackers can obtain NTLMv2 hashes and perf...
CVE-2025-26633
CVE-2025-26633 is a local-privilege-escalation in Microsoft Management Console (MMC) caused by improper neutralization in how MMC loads language-twin .msc files. A malicious “evil twin” .msc in a language directory can execute payloads with the user’s privileges when a user opens a legitimate MMC...
CVE-2025-33053
Summary of CVE-2025-33053 : A vulnerability in Windows WebDAV/Internet Shortcut handling allows remote code execution when a vulnerable host opens a crafted .url file that points to a WebDAV share. Exploitation relies on the WebClient service resolving UNC paths via WebDAV and may trigger arbitra...
CVE-2024-43583
CVE-2024-43583 is a Winlogon elevation of privilege vulnerability. Connected PoC details show an attacker with low local privileges can escalate to SYSTEM by abusing the Image File Execution Options (IFEO) registry hijack to replace a legitimate system process with a malicious payload. Affected W...
CVE-2024-49112
CVE-2024-49112 affects Windows LDAP on Domain Controllers. Connected sources describe an integer-overflow flaw in the LDAP server that can allow unauthenticated remote code execution via crafted CLDAP/LDAP traffic, leading to arbitrary code execution and potential DoS. Exploitation may require lo...
CVE-2025-30394
Technical details for CVE-2025-30394 are not publicly provided in the supplied documents. The description notes a memory locking issue causing a network denial of service, but no vendor/version/impact/fix specifics are available here. Monitor for updates.
CVE-2024-29988
CVE-2024-29988 is a Microsoft Windows SmartScreen security feature bypass vulnerability (MotW bypass) that enables arbitrary code execution when a user opens a zip/executable delivered in a crafted file. Public exploit activity exists (GitHub exploit repository) and reports indicate in-the-wild u...
CVE-2025-29974
Technical details about CVE-2025-29974 are not publicly provided in the supplied documents. Monitor for updates from Microsoft and other security bulletins to obtain confirmed affected products, scope, and remediation.
CVE-2025-21420
CVE-2025-21420 is evidenced by PoCs showing a Disk Cleanup Tool (cleanmgr.exe) elevation via a DLL sideload approach. The GitHub PoCs demonstrate loading dokan1.dll/dokannp1.dll to trigger arbitrary code paths, with the exploit chain listing SetProcessMitigationPolicy (ProcessRedirectionTrustPoli...
CVE-2024-30092
CVE-2024-30092 corresponds to a Windows Hyper-V remote code execution vulnerability. Connected sources corroborate a Hyper-V RCE issue affecting Windows Hyper-V with an entry showing 8.0 base-vector severity and adjacent attack vector; Microsoft has released updates to fix vulnerabilities in Wind...
CVE-2025-21337
CVE-2025-21337 is a Windows vulnerability categorized as an elevation of privileges (impact: obtaining elevated privileges) with a low base score (CVSS v3.1: 3.3) and local attack vector. The connected advisory from NCSC-2025-0047 aligns this CVE to a Windows component issue with a CVSS ~3.3 and ...
CVE-2026-0386
CVE-2026-0386 : Windows Deployment Services has an improper access control vulnerability that can allow an adjacent-network attacker to execute code remotely. This entry is supported by multiple sources confirming the issue and indicating Microsoft has released January 2026 security updates to ad...
CVE-2023-20588
CVE-2023-20588 is a division-by-zero vulnerability on some AMD Zen1 CPUs that could cause speculative data leakage and affect confidentiality. The connected Amazon Linux 2 advisory (ALAS2KERNEL-5.4-2025-116) confirms the Linux kernel fix for kernel-5.4 series (e.g., 5.4.254-169.358.amzn2.aarch64/...
CVE-2024-43461
CVE-2024-43461 — Windows MSHTML Platform Spoofing Vulnerability : A UI misrepresentation in MSHTML that can be used to spoof a web page. Affected component: Windows MSHTML Platform. Underlying issue is a UI spoofing flaw; CVSSv3.1 score 8.8 ( NETWORK, LOW, NONE, UI: REQUIRED; Confidentiality/Inte...
CVE-2026-20962
CVE-2026-20962 is described as a local-information-disclosure vulnerability in the Dynamic Root of Trust for Measurement (DRTM) mechanism. The initial and connected sources indicate an issue arising from use of an uninitialized resource, allowing an authorized attacker with local access to disclo...
CVE-2023-1017
CVE-2023-1017 describes an out-of-bounds write in TPM2.0/Module Library CryptParameterDecryption. A local attacker could crash the TPM or gain arbitrary code execution in the TPM context. Affected scope includes TPM2.0 implementations via libtpms in VM TPM support and TPM modules. Public details ...
CVE-2024-26229
CVE-2024-26229 is a Windows local privilege-escalation vulnerability in the CSC service (csc.sys) that can enable kernel R/W access via a vulnerable IOCTL, permitting DKOM-based token replacement to achieve SYSTEM-level LPE. Exploitation details in connected docs describe using kernel memory acce...
CVE-2026-21510
CVE-2026-21510 is a Windows Shell security feature bypass vulnerability (Protection Mechanism Failure) that can allow remote code execution by bypassing SmartScreen prompts and shell warnings. Affected component: Windows Shell (explorer.exe) and related UI elements. Exploitation requires social e...
CVE-2024-26161
CVE-2024-26161 affects the Microsoft WDAC OLE DB provider for SQL Server and is described as a Remote Code Execution vulnerability. The CVE entry lists a CVSS v3.1 base score of 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and NONE privileges required, but user interaction is REQ...
CVE-2025-21189
CVE-2025-21189 is listed as MapUrlToZone Security Feature Bypass. Connected sources categorize its impact as circumvention of a security measure. Public technical detail in the provided documents is limited; no explicit root-cause, vulnerable product/version, or exploitation information is given....
CVE-2023-24023
CVE-2023-24023 describes a Bluetooth BR/EDR MITM vulnerability (BLUFFS) where Secure Simple Pairing and Secure Connections in Bluetooth Core 4.2–5.4 can be forced to use short keys, potentially enabling encryption-key discovery and live injection. Connected IBM/AS/Android material confirms the sa...
CVE-2022-38028
CVE-2022-38028 is a Windows Print Spooler privilege-escalation vulnerability. It arises from improper privilege assignment in the Print Spooler service, enabling a local attacker with low privileges and no user interaction to escalate to SYSTEM. Public exploits have been observed; CISA/KEV and MS...
CVE-2025-21293
CVE-2025-21293 — Active Directory Domain Services Elevation of Privilege. The vulnerability affects Active Directory Domain Services and enables an attacker to obtain elevated privileges via network access, with a CVSS v3.1 base score of 8.8 (High) and impact on confidentiality, integrity, and av...
CVE-2025-21418
CVE-2025-21418 is a heap-based buffer overflow in the Windows Ancillary Function Driver for WinSock that enables local privilege escalation to SYSTEM. Affected: Windows components exposed to local attack surface; exploitability is local with low attack complexity and no user interaction. Public r...
CVE-2024-21407
CVE-2024-21407 is a Windows Hyper-V Remote Code Execution vulnerability tied to the Hyper-V component. Exploitation requires an authenticated attacker on a guest to send specially crafted file operation requests to hardware resources on the VM, which could lead to remote code execution on the hos...
CVE-2025-24054
CVE-2025-24054 is a Windows NTLM vulnerability allowing an attacker to induce NTLMv2-SSP hash disclosure by leveraging explorer.exe to fetch remote SMB resources via crafted file types (notably .library-ms and .lnk/.library-ms payloads). Public PoCs and exploits demonstrate creating malicious .li...
CVE-2024-38193
CVE-2024-38193 concerns the Windows Ancillary Function Driver for WinSock (AFD) used by Winsock. The vulnerability is a local privilege-escalation issue in the AFD/WinSock stack, with a resource-management error cited by CNNVD and a privilege-escalation capability described by CISA KEV. Public ex...
CVE-2025-33052
CVE-2025-33052 is a local-information-disclosure in the Windows DWM Core Library caused by use of an uninitialized resource. In NVD, it’s rated CVSSv3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N; impact: confidentiality High. The Connected docs confirm affected component (Windows DWM Core Library) and...
CVE-2026-47291
The CVE-2026-47291 entry describes an integer overflow/ wraparound in Windows HTTP.sys that enables a remote attacker to execute code over the network. Affected software component: Windows HTTP.sys. Root cause: integer overflow/wraparound in the HTTP.sys processing path. Impact: unauthenticated n...
CVE-2024-30040
CVE-2024-30040 is a Windows MSHTML Platform Security Feature Bypass vulnerability. The affected component is MSHTML (Windows), with a root cause described as a security feature bypass in the MSHTML engine. Impact per CVSS: CVSS 3.1 base score 8.8 (High) affecting confidentiality, integrity, and a...
CVE-2025-33065
CVE-2025-33065 is an information-disclosure vulnerability: an out-of-bounds read in Windows Storage Management Provider could allow an authorized attacker (local access, low privileges) to disclose information. CVSS v3.1 base metrics indicate Local access, Low attack complexity, Privileges requir...
CVE-2024-21416
CVE-2024-21416 refers to a Windows TCP/IP Remote Code Execution vulnerability in the Windows TCP/IP stack. The CVE entry is corroborated by multiple sources (NVD, CVE list, and MSRC advisories) and is rated with high impact; the NVD metrics list a critical base score (9.8) with network access and...
CVE-2024-21408
Microsoft’s CVE-2024-21408 is a Windows Hyper-V Denial of Service vulnerability that can be triggered by a guest to cause a host crash. The available connected sources confirm Hyper-V as the affected product, the host compromise from a guest as the attack scenario, and a DoS impact. The CVSS vect...
CVE-2024-38213
CVE-2024-38213 is a Windows Mark of the Web (MoTW) security feature bypass vulnerability. Affected software involves Windows MoTW handling; the flaw allows downloaded web-origin files to bypass warnings/ protections, enabling potentially malicious content to execute. Exploitation information in c...
CVE-2026-21533
CVE-2026-21533 affects Windows Remote Desktop Services (RDS) and is caused by improper privilege management (CWE-269), allowing a local authenticated attacker with low privileges to elevate to SYSTEM. Multiple connected sources corroborate that the issue is a local EoP in RDS with CVSSv3 7.8 (HIG...
CVE-2024-38178
CVE-2024-38178 is a Microsoft Windows Scripting Engine memory corruption vulnerability that exists in Edge when running Internet Explorer mode. It enables remote code execution and is being actively exploited in the wild, with public pressure reflected in multiple advisories and exploit catalogs....
CVE-2025-24993
CVE-2025-24993 is a Windows NTFS heap-based buffer overflow that allows a locally authenticated attacker to execute arbitrary code. Affected component is NTFS on Windows; root cause is a heap-based overflow in NTFS handling. CVSS v3.1 indicates local attack vector, no privileges required, user in...
CVE-2025-24985
CVE-2025-24985 affects the Windows Fast FAT File System Driver and is caused by an integer overflow/wraparound, enabling local code execution. The vulnerability has seen exploitation in the wild (per Krebs/Microsoft Patch Tuesday coverage), and mitigation is to install the MSRC-released updates l...
CVE-2026-33824
CVE-2026-33824 is a Windows IKE Extension (ikeext) remote code execution vulnerability caused by a double-free in IKEEXT. ZDI notes it is wormable and affects systems with IKE enabled; exploitation can occur over UDP/500-4500 and may enable lateral movement from inside networks. Microsoft has iss...
CVE-2023-1018
CVE-2023-1018 is an out-of-bounds read in TPM 2.0’s Module Library (CryptParameterDecryption) that could allow a local attacker to read sensitive data stored in the TPM. Connected advisories confirm a local, authenticated access scenario and note TPM exposure on affected IBM Power firmware (Power...
CVE-2024-21438
Technical details for CVE-2024-21438 are not provided in the supplied documents. Monitor for updates from the connected sources to obtain affected product, root cause, impact, and remediation information.
CVE-2024-26207
CVE-2024-26207 is a Windows Remote Access Connection Manager information disclosure vulnerability. Affected component: Windows Remote Access Connection Manager (local attacker? per CVSS v3.1 shows LOCAL with low complexity and low privileges). Documented impact in the connected NCSC advisory (NCS...
CVE-2024-38106
CVE-2024-38106 is a Windows kernel local privilege escalation vulnerability. The Windows kernel race condition allows a local attacker with low privileges to gain SYSTEM-level access and execute code with high impact. Microsoft lists this CVE as being actively exploited in the wild. The advisory ...