225 results (0.057 seconds)

CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1

10 Dec 2024 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability The Microsoft Windows kernel is susceptible to a false file immutability attack on registry hives via the Cloud Filter API. • https://packetstorm.news/files/id/183324 • CWE-820: Missing Synchronization •

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 2

25 Sep 2024 — Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. • https://packetstorm.news/files/id/182012 • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 1

25 Sep 2024 — Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers. • https://packetstorm.news/files/id/182012 • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 9.0EPSS: 0%CPEs: 25EXPL: 1

13 Aug 2024 — Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability • https://github.com/Dor00tkit/CVE-2024-38144 • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 1

13 Aug 2024 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. • https://github.com/killvxk/CVE-2024-38193-Nephster • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 2

11 Jun 2024 — Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador del minifiltro de archivos en la nube de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cldflt kernel ... • https://github.com/Adamkadaban/CVE-2024-30085 • CWE-122: Heap-based Buffer Overflow •

CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 6

11 Jun 2024 — Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del controlador en modo kernel de Windows This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. ... Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attacker to escalate privileges. • https://packetstorm.news/files/id/182984 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-822: Untrusted Pointer Dereference •

CVSS: 8.8EPSS: 0%CPEs: 17EXPL: 4

11 Jun 2024 — Windows Wi-Fi Driver Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del controlador Wi-Fi de Windows • https://github.com/lvyitian/CVE-2024-30078- • CWE-20: Improper Input Validation •

CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 1

14 May 2024 — Windows Mobile Broadband Driver Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del controlador de banda ancha de Windows Mobile • https://github.com/EQSTSeminar/git_rce • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2

12 Mar 2024 — Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del controlador del minifiltro de archivos en la nube de Windows • https://github.com/0x00Alchemist/CVE-2024-26160 • CWE-126: Buffer Over-read •