Lucene search
+L

663 matches found

cve
cve
added 2006/05/12 12:0 a.m.70 views

CVE-2006-2334

The CVE-2006-2334 issue affects the Windows NT kernel user-mode path conversion: the RtlDosPathNameToNtPathName_U API in NTDLL.DLL on Windows 2000 SP4 and XP SP2 mishandles DOS-style paths with trailing spaces, allowing context-dependent attackers to create files that aren’t accessible via the ex...

2.1CVSS6.5AI score0.04361EPSS
cve
cve
added 2006/12/28 3:0 p.m.70 views

CVE-2006-6797

CVE-2006-6797 is a Windows CSRSS vulnerability where local users can cause a DoS crash or read arbitrary memory in csrss.exe by crafting arguments to NtRaiseHardError (status 0x50000018). It is tied to MS07-021 and attributed to improper CSRSS error message handling. Affected component: Client/Se...

6.6CVSS6.2AI score0.06786EPSS
cve
cve
added 2009/10/14 10:0 a.m.70 views

CVE-2009-2515

CVE-2009-2515 is a Windows kernel local elevation-of-privilege vulnerability caused by an incorrect truncation of a 64-bit value to 32-bit. The issue affects multiple Windows editions listed in MS09-058 (including Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, and Server 2008). An ...

7.2CVSS6.1AI score0.01546EPSS
cve
cve
added 2009/10/14 10:0 a.m.70 views

CVE-2009-2516

CVE-2009-2516 concerns a Windows kernel vulnerability where the kernel does not properly validate data while parsing PE files. The issue stems from traversing a chain in user-mode data and can trigger a NULL pointer dereference, potentially allowing local privilege escalation and system instabili...

7.1CVSS6AI score0.0133EPSS
cve
cve
added 2010/08/11 6:0 p.m.70 views

CVE-2010-1894

Win32k Exception Handling Vulnerability (CVE-2010-1894) affects Windows XP SP2/SP3 and Windows Server 2003 SP2 via win32k.sys. Description: the kernel-mode driver does not properly handle certain exceptions, enabling local privilege escalation by a crafted application. Impact: attacker could exec...

7.2CVSS6.4AI score0.02959EPSS
cve
cve
added 2011/04/13 6:0 p.m.70 views

CVE-2011-0041

CVE-2011-0041 affects gdiplus.dll (GDI+) across Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2 and Office XP SP3. Root cause: integer overflow in gdiplus!GpPath::CreateDashedPath when processing EMF/EMF+ images, enabling remote code execution. Verified references indicat...

9.3CVSS7.6AI score0.28157EPSS
cve
cve
added 2011/12/14 12:0 a.m.70 views

CVE-2011-3397

This CVE affects the Microsoft Windows Time component (DATIME.DLL) on Windows XP SP2/SP3 and Windows Server 2003 SP2. The vulnerability allows remote code execution via a crafted web page that leverages an unspecified binary behavior in Internet Explorer. The issue is documented as CVE-2011-3397 ...

9.3CVSS8AI score0.19804EPSS
cve
cve
added 2012/11/14 12:0 a.m.70 views

CVE-2012-2553

CVE-2012-2553 is a use-after-free in the Windows kernel-mode driver component win32k.sys that impacts multiple Windows client/server editions (XP SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2, Windows 7 Gold/SP1). The flaw allows local users to gain privileges through a crafted application, ca...

7.2CVSS6.4AI score0.0175EPSS
cve
cve
added 2013/02/13 11:0 a.m.70 views

CVE-2013-1272

CVE-2013-1272 is a race-condition in win32k.sys (kernel-mode driver) that allows local users on affected Windows platforms to gain privileges and read arbitrary kernel memory. The vulnerability affects Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, and Windows 7 (Gold/SP1...

4.9CVSS6.4AI score0.01525EPSS
cve
cve
added 2013/05/15 1:0 a.m.70 views

CVE-2013-1334

CVE-2013-1334 concerns a local privilege-escalation in Windows via the Win32k.sys kernel-mode driver. The exposed issue is that Win32k window/object handling can be abused to gain kernel-level privileges through a crafted application, enabling arbitrary code execution with high impact. Affected p...

7.2CVSS6.4AI score0.01737EPSS
cve
cve
added 2002/12/17 5:0 a.m.69 views

CVE-2002-1258

CVE-2002-1258 affects Microsoft Virtual Machine (VM) up to build 5.0.3805, as used in Internet Explorer and other applications. The vulnerability allows remote attackers to read files via a Java applet whose CODEBASE parameter in the APPLET tag is spoofed, likely due to a parsing error. Documents...

5CVSS6.8AI score0.15304EPSS
cve
cve
added 2004/12/15 5:0 a.m.69 views

CVE-2004-0894

CVE-2004-0894 is a local elevation-of-privilege issue in LSASS on Microsoft Windows 2000 Server and Windows Server 2003. The vulnerability stems from incomplete validation of connection information by LSASS, allowing a locally authenticated user to gain complete control of the system by running a...

7.2CVSS6.5AI score0.03629EPSS
cve
cve
added 2005/02/08 5:0 a.m.69 views

CVE-2005-0047

CVE-2005-0047 relates to a local privilege-escalation vulnerability in Windows OLE/COM Structured Storage handling (CAN-2005-0047) affecting Windows 2000, Windows XP, and Windows Server 2003. The root cause is improper validation of memory regions when processing COM structured storage files, ena...

7.2CVSS7.1AI score0.05132EPSS
cve
cve
added 2005/11/17 11:0 a.m.69 views

CVE-2005-3644

CVE-2005-3644 describes a memory exhaustion/DoS condition in the Windows Plug and Play (PnP) service. The issue arises in UPnP handling via RPC calls (PNP_GetDeviceList) in Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, where a remote attacker can request a large output bu...

7.8CVSS6.7AI score0.47127EPSS
cve
cve
added 2007/02/13 8:0 p.m.69 views

CVE-2006-1311

CVE-2006-1311 is a remote code execution vulnerability in Microsoft RichEdit. The RichEdit components in Windows 2000 SP4, XP SP2, 2003 SP1 and Office suites (2000 SP3, XP SP3, 2003 SP2) plus Office for Mac 2004 and Learning Essentials are affected. The flaw arises from insufficient validation wh...

9.3CVSS7.4AI score0.31102EPSS
cve
cve
added 2006/06/13 7:0 p.m.69 views

CVE-2006-1313

CVE-2006-1313 is the Microsoft JScript memory corruption remote code execution vulnerability documented in MS06-023. It affects JScript in Windows 98/Me, Windows 2000 SP4, Windows XP (incl. SP1/SP2), and Windows Server 2003 families, including x64/Itanium variants, where JScript may release objec...

6.8CVSS7.4AI score0.28602EPSS
cve
cve
added 2006/11/14 10:0 p.m.69 views

CVE-2006-4689

CVE-2006-4689 covers a NetWare Driver Denial of Service in the Microsoft Client Service for NetWare (CSNW). Affected systems include Windows 2000 SP4, Windows XP SP2, and Windows Server 2003 with SP1. The vulnerability arises from an unchecked handling of a crafted network message that could caus...

5CVSS6.6AI score0.34456EPSS
cve
cve
added 2008/01/08 8:0 p.m.69 views

CVE-2007-0066

CVE-2007-0066 describes a denial-of-service in the Windows kernel TCP/IP/ICMP handling when Router Discovery Protocol (RDP) is enabled. The vulnerability arises from how fragmented router advertisement ICMP queries are processed, potentially causing an out-of-bounds read and system unresponsivene...

7.1CVSS6.2AI score0.31525EPSS
cve
cve
added 2010/04/14 3:44 p.m.69 views

CVE-2010-0486

CVE-2010-0486 describes a remote code execution vulnerability in Windows Authenticode Signature Verification (WinVerifyTrust) affecting PE and cabinet (.CAB) handling. The flaw arises from improper use of certain file digest fields during signing/verifying, enabling a modified signed file to exec...

9.3CVSS7.6AI score0.22037EPSS
cve
cve
added 2010/05/05 6:0 p.m.69 views

CVE-2010-1735

The CVE-2010-1735 issue affects the Windows kernel component win32k.sys (SfnLOGONNOTIFY) in Windows 2000, XP and Server 2003. It allows a local attacker to trigger a denial-of-service (system crash) by sending a 0x4c value in the Msg argument of a PostMessage call to the DDEMLEvent window. This i...

4.9CVSS6.3AI score0.02491EPSS
cve
cve
added 2011/04/13 8:7 p.m.69 views

CVE-2011-0677

CVE-2011-0677 targets win32k.sys in Windows kernel-mode drivers, enabling local privilege escalation via a NULL pointer de-reference. A crafted application can trigger the vulnerability on affected Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, Windows 7 Go...

7.2CVSS6.4AI score0.01398EPSS
cve
cve
added 2011/07/13 11:0 p.m.69 views

CVE-2011-1870

CVE-2011-1870 is an integer overflow vulnerability in the Windows CSRSS component of the Win32 subsystem. The flaw occurs in SrvWriteConsoleOutputString, allowing a local attacker to cause memory corruption and potentially elevate privileges to kernel mode on affected systems (Windows XP SP2/SP3 ...

7.2CVSS6.8AI score0.02244EPSS
cve
cve
added 2011/07/13 11:0 p.m.69 views

CVE-2011-1874

CVE-2011-1874 is a local privilege-escalation vulnerability in Windows kernel-mode drivers, caused by a use-after-free in Win32k.sys due to incorrect driver object management. Affected products span Windows XP SP2–SP3, Server 2003 SP2, Vista SP1–SP2, Server 2008 Gold/SP2/R2/R2 SP1, and Windows 7 ...

7.8CVSS6.4AI score0.01164EPSS
cve
cve
added 2011/07/13 11:0 p.m.69 views

CVE-2011-1882

The CVE-2011-1882 entry documents a local privilege-escalation vulnerability in Windows kernel-mode drivers, specifically in win32k.sys. The issue arises from a use-after-free condition due to incorrect driver object management, enabling a crafted user-space application to trigger privilege escal...

7.2CVSS6.5AI score0.01405EPSS
cve
cve
added 2012/07/10 9:0 p.m.69 views

CVE-2012-1890

CVE-2012-1890 affects win32k.sys in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1) where keyboard-layout files are not properly validated, enabling local privilege escalation via a memory‑corruption bug in ReadLayoutFile that overwrites a ke...

7.2CVSS6.3AI score0.01791EPSS
cve
cve
added 2013/02/13 11:0 a.m.69 views

CVE-2013-1248

CVE-2013-1248 is a race-condition in win32k.sys (Windows kernel-mode driver) that enables local privilege escalation and kernel-memory disclosure across multiple Windows versions (XP SP2/3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7, 8, Server 2012, Windows RT). Root cause desc...

4.9CVSS6.4AI score0.01466EPSS
cve
cve
added 2013/02/13 11:0 a.m.69 views

CVE-2013-1249

The CVE-2013-1249 entry describes a race condition in the Windows kernel-mode driver win32k.sys that could allow local privilege escalation and arbitrary kernel memory reads. Affected products include multiple Windows versions from XP SP2/SP3 to Windows 8 and Windows Server 2012 (as cited in MS13...

4.9CVSS6.4AI score0.01466EPSS
cve
cve
added 2013/02/13 11:0 a.m.69 views

CVE-2013-1252

CVE-2013-1252 describes a race condition in the Windows kernel-mode driver win32k.sys that lets local attackers gain privileges and read arbitrary kernel memory on affected Windows families (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1). Root cause: race condition in ...

4.9CVSS6.4AI score0.01466EPSS
cve
cve
added 2013/02/13 11:0 a.m.69 views

CVE-2013-1259

CVE-2013-1259 is a Windows kernel-mode race-condition vulnerability in win32k.sys that allows local privilege escalation and reading arbitrary kernel memory. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2, and Windows 7 SP1+. T...

4.9CVSS6.3AI score0.01466EPSS
cve
cve
added 2013/10/09 2:44 p.m.69 views

CVE-2013-3894

CVE-2013-3894 affects Windows kernel-mode drivers and is triggered by a crafted CMAP table in a TrueType font, enabling remote code execution. Affected: Windows XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Server 2012, Windows RT. Impact per sources: r...

9.3CVSS7.5AI score0.43101EPSS
cve
cve
added 2001/11/22 5:0 a.m.68 views

CVE-2001-0721

The CVE-2001-0721 entry concerns Universal Plug and Play (UPnP) in Windows 98, 98SE, ME, and XP. The flaw allows remote attackers to cause a denial of service (memory consumption or crash) by sending a malformed UPnP request. The affected stack is UPnP handling in Windows, with NETWORK attack vec...

5CVSS7AI score0.17341EPSS
cve
cve
added 2007/11/01 5:0 p.m.68 views

CVE-2002-2401

NTVDM.EXE in Windows 2000/NT/XP fails to verify user execution permissions for 16‑bit executables, allowing local users to bypass the loader and run arbitrary programs. Root cause: missing permission verification on 16‑bit file execution. Mitigation/remediation details are not provided in the con...

3.6CVSS7.4AI score0.01808EPSS
cve
cve
added 2005/05/18 4:0 a.m.68 views

CVE-2005-1649

CVE-2005-1649 affects Windows XP SP2, Windows Server 2003 SP1, and Longhorn. It describes a LAND-like denial-of-service vector in IPv6 TCP/IP where a crafted TCP SYN packet uses the same source and destination IP and port, causing high CPU or unresponsiveness. The vulnerability is a variant of CV...

5CVSS6.5AI score0.21776EPSS
cve
cve
added 2005/10/21 4:0 a.m.68 views

CVE-2005-2126

The CVE-2005-2126 entry concerns a tampering vulnerability in the Windows FTP client. Public documentation (MS05-044/MSKB 905495 and CERT 415828) describes that when Enable Folder View for FTP Sites is enabled and a user initiates an FTP transfer, a remote server can craft file names to cause the...

2.6CVSS6.7AI score0.1383EPSS
cve
cve
added 2008/12/10 1:33 p.m.68 views

CVE-2008-3465

CVE-2008-3465 describes a heap overflow in the GDI API used when processing WMF images. The vulnerability arises from parsing a malformed file-size parameter in WMF files, which could allow a remote attacker to cause a denial of service or execute arbitrary code on affected Windows variants. Affe...

9.8CVSS7.8AI score0.13674EPSS
cve
cve
added 2009/03/10 8:0 p.m.68 views

CVE-2009-0081

The CVE-2009-0081 issue is a Windows kernel vulnerability in the Graphics Device Interface (GDI). The flaw occurs when input from user mode is not properly validated by the kernel’s GDI path, enabling remote code execution via crafted WMF/EMF image files. Affected: multiple Windows versions histo...

9.3CVSS7.4AI score0.32106EPSS
cve
cve
added 2009/11/11 7:0 p.m.68 views

CVE-2009-1127

Microsoft Windows kernel Win32k subsystem (Win32k.sys) contains multiple vulnerabilities disclosed under CVE-2009-1127, CVE-2009-2513, and CVE-2009-2514 (MS09-065). The common root cause across the entries is improper validation of arguments passed to kernel/system calls (and related GDI input ha...

7.2CVSS6.1AI score0.01546EPSS
cve
cve
added 2010/02/10 6:0 p.m.68 views

CVE-2010-0023

CVE-2010-0023 affects the Client/Server Runtime Subsystem (CSRSS) on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The vulnerability stems from CSRSS not properly terminating processes after user logout, enabling a local attacker to gain privileges or access sensitive information via a craft...

6.9CVSS6.1AI score0.01812EPSS
cve
cve
added 2010/03/31 7:0 p.m.68 views

CVE-2010-0491

CVE-2010-0491 is the IE HTML Object Memory Corruption vulnerability (Use-after-free) affecting Internet Explorer 5.01 SP4, 6, and 6 SP1. Exploitation requires crafting a page with an onreadystatechange handler to trigger arbitrary code execution; Microsoft documented this as part of MS10-018 and ...

9.3CVSS7.5AI score0.29284EPSS
cve
cve
added 2011/02/09 12:0 a.m.68 views

CVE-2011-0030

CVE-2011-0030 describes a CSRSS Elevation of Privilege vulnerability in Windows XP SP2/SP3 and Windows Server 2003 SP2. The Client/Server Run-time Subsystem (CSRSS) does not properly terminate processes after a user logs out, allowing a local attacker to keep a crafted process running into the ne...

4.7CVSS6.1AI score0.01764EPSS
cve
cve
added 2011/04/13 8:7 p.m.68 views

CVE-2011-1230

CVE-2011-1230 affects Windows kernel components, specifically win32k.sys in the kernel-mode drivers. The vulnerability is a NULL pointer de-reference in win32k.sys, leading to local privilege escalation. Affected products include Windows XP (SP2–SP3), Windows Server 2003 (SP2), Windows Vista (SP1...

7.2CVSS6.4AI score0.01398EPSS
cve
cve
added 2011/04/13 8:7 p.m.68 views

CVE-2011-1238

CVE-2011-1238 describes a use-after-free bug in the Windows kernel driver component win32k.sys. The issue affects multiple Windows lineages (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold, R2, and R2 SP1, and Windows 7 Gold/SP1) and is triggered by incorrect management of kernel-mod...

7.2CVSS6.4AI score0.01434EPSS
cve
cve
added 2011/07/13 11:0 p.m.68 views

CVE-2011-1883

CVE-2011-1883 is a use-after-free vulnerability in win32k.sys (kernel-mode drivers) across Windows XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 Gold/SP2/R2, and Windows 7 SP1. The flaw stems from incorrect driver object management in kernel-mode, enabling local privilege escalation to ...

7.2CVSS6.5AI score0.01405EPSS
cve
cve
added 2012/03/13 9:0 p.m.68 views

CVE-2012-0157

CVE-2012-0157 affects Windows kernel Win32k.sys, where local users can elevate privileges by crafting inputs to PostMessage. Public sources (MS12-018) and multiple vulnerability feeds confirm a kernel-mode privilege-escalation flaw exploitable via PostMessage handling in win32k.sys on affected Wi...

8.4CVSS6.3AI score0.0144EPSS
cve
cve
added 2012/11/14 12:0 a.m.68 views

CVE-2012-2530

CVE-2012-2530 is a local privilege-escalation vulnerability in the Windows kernel component win32k.sys (kernel-mode drivers). The issue is described as a use-after-free condition in win32k.sys that affects multiple Windows platforms, including Windows XP SP2/SP3, Windows Server 2003 SP2, Windows ...

7.2CVSS6.4AI score0.0175EPSS
cve
cve
added 2013/02/13 11:0 a.m.68 views

CVE-2013-1257

The CVE-2013-1257 issue is a race condition in the Windows kernel‑mode driver win32k.sys that affects multiple Windows variants (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2 SP1, and Windows 7 SP0/SP1). The underlying vulnerability allows local attackers to escalate privileges and r...

4.9CVSS6.4AI score0.01466EPSS
cve
cve
added 2013/02/13 11:0 a.m.68 views

CVE-2013-1275

The CVE-2013-1275 issue is a race condition in the win32k.sys kernel-mode driver on multiple Windows versions (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, and Windows 7 SP1). Exploitation enables local users to gain privileges and read arbitrary kernel memory via a crafted applica...

7CVSS6.4AI score0.01047EPSS
cve
cve
added 2013/02/13 11:0 a.m.68 views

CVE-2013-1279

CVE-2013-1279 is described as a kernel race condition in Microsoft Windows platforms, including Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT. The vulnerability arises from race conditions ...

7.2CVSS6.2AI score0.01188EPSS
cve
cve
added 2004/01/14 5:0 a.m.67 views

CVE-2002-0034

The CVE-2002-0034 issue concerns Microsoft CONVERT.EXE on Windows 2000/XP when converting FAT32 to NTFS. The vulnerability arises because default NTFS permissions are not applied during conversion, potentially producing a filesystem with less secure permissions than expected. Public sources (NVD/...

4.6CVSS6.5AI score0.01949EPSS
cve
cve
added 2003/10/17 4:0 a.m.67 views

CVE-2003-0660

The CVE-2003-0660 issue is a vulnerability in the Authenticode verification mechanism used by Windows NT through Server 2003. Under low-memory conditions, an ActiveX control could be downloaded and installed without prompting the user, enabling remote code execution with the user’s privileges whe...

7.5CVSS7.4AI score0.22932EPSS
Total number of security vulnerabilities663