CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 1CVE-2020-0557 – Intel Wi-Fi Link Driver Netwtw06 Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-0557
15 Apr 2020 — Insecure inherited permissions in Intel(R) PROSet/Wireless WiFi products before version 21.70 on Windows 10 may allow an authenticated user to potentially enable escalation of privilege via local access. Los permisos heredados no seguros en los productos Intel® PROSet/Wireless WiFi versiones anteriores a la versión 21.70, en Windows 10 pueden permitir a un usuario autenticado habilitar potencialmente una escalada de privilegios por medio de un acceso local. This vulnerability allows network-ad... • https://github.com/hessandrew/CVE-2020-0557_INTEL-SA-00338 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 8%CPEs: 8EXPL: 5CVE-2019-19363 – Ricoh Printer Drivers - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-19363
24 Jan 2020 — Affected drivers and versions are: PCL6 Driver for Universal Print - Version 4.0 or later PS Driver for Universal Print - Version 4.0 or later PC FAX Generic Driver - All versions Generic PCL5 Driver - All versions RPCS Driver - All versions PostScript3 Driver - All versions PCL6 (PCL XL) Driver - All versions RPCS Raster Driver - All version Se detectó un problema en los controladores de impresora de Windows de Ricoh (incluidos Savin y Lanier) ... • http://packetstormsecurity.com/files/156082/Ricoh-Printer-Driver-Local-Privilege-Escalation.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.6EPSS: 0%CPEs: 6EXPL: 1CVE-2019-5098
https://notcve.org/view.php?id=CVE-2019-5098
05 Dec 2019 — An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0890 • CWE-125: Out-of-bounds Read •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 1CVE-2019-5695
https://notcve.org/view.php?id=CVE-2019-5695
12 Nov 2019 — NVIDIA GeForce Experience (versiones anteriores a 3.20.1) y Windows GPU Display Driver (todas las versiones), contienen una vulnerabilidad en el componente del proveedor de servicios local en la que un atacante con sistema local y acceso privilegiado puede cargar incorrectamente las DLL del sistema Windows sin comprobar la ruta o la firma (también se conoce como ataque de siembra binaria o de precarga de DLL), lo que puede conllevar a una denegación de servicio o una divulgación de info... • https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695 • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-5694
https://notcve.org/view.php?id=CVE-2019-5694
09 Nov 2019 — NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. ... NVIDIA Windows GPU Display Driver, versión del controlador R390, contiene una vulnerabilidad en el Panel de control de NVIDI... • https://safebreach.com/Post/NVIDIA-GPU-Display-Drivers-for-Windows-and-GFE-Software-DLL-Preloading-and-Potential-Abuses-CVE-2019-5694-CVE-2019-5695 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 6%CPEs: 4EXPL: 2CVE-2019-1364 – Microsoft Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!
https://notcve.org/view.php?id=CVE-2019-1364
10 Oct 2019 — An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. ... Se presenta una vulnerabilidad de elevación de privilegios en Windows cuando el controlador del modo kernel de Windows no puede manejar apropiadamente los objetos en la memoria, también se conoce como "Win32k Elevation of Privilege Vulnerability". ... Microsoft Windows Kernel ... • http://packetstormsecurity.com/files/154797/Microsoft-Windows-Kernel-win32k.sys-TTF-Font-Processing-win32k-ulClearTypeFilter-Pool-Corruption.html •
CVSS: 8.8EPSS: 2%CPEs: 4EXPL: 2CVE-2019-1170 – Windows NTFS Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2019-1170
14 Aug 2019 — An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by preventing sandboxed processes from creating reparse points targeting inaccessible files. existe una vulnerabilidad de elevación de privilegios cuando los punt... • http://packetstormsecurity.com/files/154192/Microsoft-Windows-SET_REPARSE_POINT_EX-Mount-Point-Security-Feature-Bypass.html • CWE-862: Missing Authorization •
CVSS: 5.9EPSS: 15%CPEs: 26EXPL: 3CVE-2019-1125 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-1125
07 Aug 2019 — Se presenta una vulnerabilidad de divulgación de información cuando ciertas unidades de procesamiento central (CPU) acceden especulativamente a la memoria, también conocida como "Windows Kernel Information Disclosure Vulnerability". ... It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. • https://packetstorm.news/files/id/156337 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2019-5685
https://notcve.org/view.php?id=CVE-2019-5685
06 Aug 2019 — NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution. Windows GPU Display Driver de NVIDIA (todas las versiones) contiene una vulnerabilidad en los controladores DirectX, en la que un shader especialmente diseñado puede causar un acceso fuera de límites a una matriz temporal local de... • https://nvidia.custhelp.com/app/answers/detail/a_id/4841 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2019-5684
https://notcve.org/view.php?id=CVE-2019-5684
06 Aug 2019 — NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution. Windows GPU Display Driver de NVIDIA (todas las versiones) contiene una vulnerabilidad en los controladores DirectX, en la que un shader especialmente diseñado puede causar un acceso fuera de límites de una matriz de textura de entrada, l... • http://www.vmware.com/security/advisories/VMSA-2019-0012.html • CWE-787: Out-of-bounds Write •