Page 13 of 213 results (0.027 seconds)

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios cuando el controlador de Common Log File System (CLFS) de Windows maneja inapropiadamente los objetos en la memoria, también se conoce como 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. • https://www.exploit-db.com/exploits/47028 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0959 •

CVSS: 10.0EPSS: 97%CPEs: 139EXPL: 120

The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause a use-after-free. • https://www.exploit-db.com/exploits/47120 https://www.exploit-db.com/exploits/46946 https://www.exploit-db.com/exploits/47416 https://www.exploit-db.com/exploits/47683 https://github.com/k8gege/CVE-2019-0708 https://github.com/n1xbyte/CVE-2019-0708 https://github.com/victor0013/CVE-2019-0708 https://github.com/cbwang505/CVE-2019-0708-EXP-Windows https://github.com/Leoid/CVE-2019-0708 https://github.com/p0p0p0/CVE-2019-0708-exploit https://github.com/wora • CWE-416: Use After Free •

CVSS: 7.8EPSS: 75%CPEs: 18EXPL: 1

An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios cuando Windows maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como ' vulnerabilidad de elevación de privilegios de Windows'. ... On Microsoft Windows, the LUAFV driver has a race condition in the LuafvPostReadWrite callback if delay virtualization has occurred during a read leading to the SECTION_OBJECT_POINTERS value being reset to the underlying file resulting in elevation of privilege. • https://www.exploit-db.com/exploits/46718 http://packetstormsecurity.com/files/152538/Microsoft-Windows-LUAFV-PostLuafvPostReadWrite-SECTION_OBJECT_POINTERS-Race-Condition.html http://www.securityfocus.com/bid/107719 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0836 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 5.5EPSS: 42%CPEs: 18EXPL: 1

An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios en Windows, debido a que maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como 'vulnerabilidad de elevación de privilegio de Windows'. ... On Microsoft Windows, the LUAFV driver bypasses security checks to copy short names during file virtualization which can be tricked into writing an arbitrary short name leading to elevation of privilege. • https://www.exploit-db.com/exploits/46715 http://packetstormsecurity.com/files/152535/Microsoft-Windows-LUAFV-LuafvCopyShortName-Arbitrary-Short-Name-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0796 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 70%CPEs: 18EXPL: 1

An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios en Windows, debido a que maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como 'vulnerabilidad de elevación de privilegio de Windows'. ... On Microsoft Windows, the LUAFV driver can confuse the cache and memory manager to replace the contents of privileged file leading to elevation of privilege. • https://www.exploit-db.com/exploits/46717 http://packetstormsecurity.com/files/152537/Microsoft-Windows-LUAFV-Delayed-Virtualization-Cache-Manager-Poisoning-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0805 • CWE-345: Insufficient Verification of Data Authenticity •