CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 3CVE-2019-13603
https://notcve.org/view.php?id=CVE-2019-13603
16 Jul 2019 — An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. ... Se detectó un problema en el controlador versión 5.0.0.5 del Framework Biometric de Windows del U.are.U 4500 Fingerprint Reader de HID Global DigitalPersona (anteriormente Crossmatch). • https://github.com/sungjungk/fp-scanner-hacking • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.8EPSS: 4%CPEs: 6EXPL: 1CVE-2019-0959 – Microsoft Windows - 'CmpAddRemoveContainerToCLFSLog' Arbitrary File/Directory Creation
https://notcve.org/view.php?id=CVE-2019-0959
12 Jun 2019 — An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios cuando el controlador de Common Log File System (CLFS) de Windows maneja inapropiadamente los objetos en la memoria, también se conoce como 'Windows Common Log File System Driver Eleva... • https://www.exploit-db.com/exploits/47028 •
CVSS: 10.0EPSS: 94%CPEs: 139EXPL: 126CVE-2019-0708 – Microsoft Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0708
16 May 2019 — The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause a use-after-free. • https://github.com/cbwang505/CVE-2019-0708-EXP-Windows • CWE-416: Use After Free •
CVSS: 7.8EPSS: 37%CPEs: 18EXPL: 2CVE-2019-0836 – Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0836
09 Apr 2019 — An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios cuando Windows maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como ' vulnerabilidad de elevación de privilegios de Windows'. ... On Microsoft Windows, the LUAFV driver has a race condition in the... • http://packetstormsecurity.com/files/152538/Microsoft-Windows-LUAFV-PostLuafvPostReadWrite-SECTION_OBJECT_POINTERS-Race-Condition.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 3%CPEs: 18EXPL: 2CVE-2019-0796 – Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0796
09 Apr 2019 — An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios en Windows, debido a que maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como 'vulnerabilidad de elevación de privilegio de Windows'. ... On Microsoft Windows, the LUAFV driver bypasses security c... • http://packetstormsecurity.com/files/152535/Microsoft-Windows-LUAFV-LuafvCopyShortName-Arbitrary-Short-Name-Privilege-Escalation.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 2CVE-2019-0805 – Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0805
09 Apr 2019 — An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios en Windows, debido a que maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como 'vulnerabilidad de elevación de privilegio de Windows'. ... On Microsoft Windows, the LUAFV driver can confuse the cac... • http://packetstormsecurity.com/files/152537/Microsoft-Windows-LUAFV-Delayed-Virtualization-Cache-Manager-Poisoning-Privilege-Escalation.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.8EPSS: 6%CPEs: 18EXPL: 2CVE-2019-0730 – Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0730
09 Apr 2019 — An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de de privilegios en Windows, debido a que maneja de forma incorrecta las llamadas al controlador LUAFV (luafv.sys), también conocido como 'vulnerabilidad de elevación de privilegios de Windows'. ... On Microsoft Windows, the LUAFV driver reuses the ... • http://packetstormsecurity.com/files/152533/Microsoft-Windows-LUAFV-Delayed-Virtualization-MAXIMUM_ACCESS-DesiredAccess-Privilege-Escalation.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 6%CPEs: 18EXPL: 2CVE-2019-0731 – Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-0731
09 Apr 2019 — An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios en Windows, debido a que maneja incorrectamente las llamadas al controlador LUAFV (luafv.sys), también conocido como 'vulnerabilidad de elevación de privilegio de Windows'. ... On Microsoft Windows, the LUAFV driver doesn't take into a... • http://packetstormsecurity.com/files/152534/Microsoft-Windows-LUAFV-Delayed-Virtualization-Cross-Process-Handle-Duplication-Privilege-Escalation.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 2CVE-2019-0732 – Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass
https://notcve.org/view.php?id=CVE-2019-0732
09 Apr 2019 — A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Security Feature Bypass Vulnerability'. En Windows existe una vulnerabilidad de omisión de la característica de seguridad, que podría permitir a un atacante eludir Device Guard, debido a que Windows maneja de forma incorrecta las llamadas al controlador LUAFV (luafv.sys), ta... • http://packetstormsecurity.com/files/152536/Microsoft-Windows-LUAFV-NtSetCachedSigningLevel-Device-Guard-Bypass.html • CWE-863: Incorrect Authorization •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-3989
https://notcve.org/view.php?id=CVE-2018-3989
05 Feb 2019 — An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. • http://www.securityfocus.com/bid/107005 • CWE-908: Use of Uninitialized Resource •