Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-8170

Summary
Assigner-microsoft
Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At-09 May, 2018 | 19:00
Updated At-05 Aug, 2024 | 06:46
Rejected At-
Credits

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:microsoft
Assigner Org ID:f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At:09 May, 2018 | 19:00
Updated At:05 Aug, 2024 | 06:46
Rejected At:
▼CVE Numbering Authority (CNA)

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

Affected Products
Vendor
Microsoft CorporationMicrosoft
Product
Windows 10
Versions
Affected
  • Version 1703 for 32-bit Systems
  • Version 1703 for x64-based Systems
  • Version 1709 for 32-bit Systems
  • Version 1709 for x64-based Systems
Vendor
Microsoft CorporationMicrosoft
Product
Windows 10 Servers
Versions
Affected
  • version 1709 (Server Core Installation)
Problem Types
TypeCWE IDDescription
textN/AElevation of Privilege
Type: text
CWE ID: N/A
Description: Elevation of Privilege
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id/1040849
vdb-entry
x_refsource_SECTRACK
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8170
x_refsource_CONFIRM
http://www.securityfocus.com/bid/104068
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id/1040849
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8170
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/104068
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id/1040849
vdb-entry
x_refsource_SECTRACK
x_transferred
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8170
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/104068
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id/1040849
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8170
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/104068
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@microsoft.com
Published At:09 May, 2018 | 19:29
Updated At:03 Oct, 2019 | 00:03

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.0HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.4MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 7.0
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.4
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Microsoft Corporation
microsoft
>>windows_10>>1703
cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_10>>1709
cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows_server_2016>>1709
cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-404Primarynvd@nist.gov
CWE ID: CWE-404
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/104068secure@microsoft.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040849secure@microsoft.com
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8170secure@microsoft.com
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/104068
Source: secure@microsoft.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1040849
Source: secure@microsoft.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8170
Source: secure@microsoft.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

216Records found
CVE-2018-8333
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.01% / 76.17%
||
7 Day CHG~0.00%
Published-10 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Elevation of Privilege vulnerability exists in Filter Manager when it improperly handles objects in memory, aka "Microsoft Filter Manager Elevation Of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_7windows_10windows_server_2019windows_server_2008Windows Server 2008 R2Windows 10 ServersWindows Server 2012 R2Windows Server 2016Windows 10Windows Server 2019Windows Server 2012Windows 8.1Windows 7Windows RT 8.1Windows Server 2008
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2018-8399
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.71% / 81.57%
||
7 Day CHG~0.00%
Published-15 Aug, 2018 | 17:00
Updated-05 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8404.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_serverwindows_10Windows 10 ServersWindows 10
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2018-8404
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.69% / 70.78%
||
7 Day CHG~0.00%
Published-15 Aug, 2018 | 17:00
Updated-05 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8399.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_7windows_10windows_server_2008Windows Server 2008 R2Windows 10 ServersWindows Server 2012 R2Windows 10Windows Server 2012Windows 8.1Windows 7Windows Server 2016
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2018-8166
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.84% / 73.78%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 19:00
Updated-05 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8120, CVE-2018-8124, CVE-2018-8164.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2008Windows Server 2008 R2Windows 10 ServersWindows Server 2012 R2Windows Server 2016Windows 10Windows Server 2012Windows 8.1Windows 7Windows RT 8.1Windows Server 2008
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2018-8169
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.45% / 79.98%
||
7 Day CHG~0.00%
Published-14 Jun, 2018 | 12:00
Updated-05 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2008Windows Server 2008 R2Windows 10 ServersWindows Server 2012 R2Windows Server 2016Windows 10Windows Server 2012Windows 8.1Windows 7Windows RT 8.1Windows Server 2008
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2018-8224
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.45% / 79.98%
||
7 Day CHG~0.00%
Published-14 Jun, 2018 | 12:00
Updated-05 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_server_2008Windows 7Windows Server 2008Windows Server 2008 R2
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2018-8167
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.55% / 67.06%
||
7 Day CHG+0.14%
Published-09 May, 2018 | 19:00
Updated-05 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2008Windows Server 2008 R2Windows 10 ServersWindows Server 2012 R2Windows Server 2016Windows 10Windows Server 2012Windows 8.1Windows 7Windows RT 8.1Windows Server 2008
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2018-8124
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.26% / 78.61%
||
7 Day CHG~0.00%
Published-09 May, 2018 | 19:00
Updated-05 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8120, CVE-2018-8164, CVE-2018-8166.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_7windows_10windows_server_2008Windows Server 2008 R2Windows 10 ServersWindows Server 2012 R2Windows Server 2016Windows 10Windows Server 2012Windows 8.1Windows 7Windows RT 8.1Windows Server 2008
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-8574
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.97% / 75.70%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8573 and CVE-2017-8556.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10windows_server_2016Microsoft Windows 10 1607, 1703, and Windows Server 2016
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8689
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.13% / 77.45%
||
7 Day CHG~0.00%
Published-13 Oct, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8694.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Kernel Mode Driver
CVE-2017-8566
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.55% / 67.06%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows Input Method Editor (IME) improperly handling parameters in a method of a DCOM class, aka "Windows IME Elevation of Privilege Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10windows_server_2016Microsoft Windows 1607, 1703, and Windows Server 2016.
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8467
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.97% / 75.70%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016.
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8577
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.97% / 75.70%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8578, CVE-2017-8580, CVE-2017-8581, and CVE-2017-8467.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8580
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.05% / 76.60%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8577, CVE-2017-8578, CVE-2017-8581, and CVE-2017-8467.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8581
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-3.23% / 86.57%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8578, CVE-2017-8580, CVE-2017-8577, and CVE-2017-8467.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8556
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.97% / 75.70%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8573 and CVE-2017-8574.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8562
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.47% / 63.79%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Windows improperly handling calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703.
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8460
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.3||HIGH
EPSS-1.93% / 82.62%
||
7 Day CHG~0.00%
Published-15 Jun, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows information disclosure when a user opens a specially crafted PDF file, aka "Windows PDF Information Disclosure Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Windows PDF
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-8579
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.66% / 70.12%
||
7 Day CHG~0.00%
Published-29 Jun, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "DirectX Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10windows_server_2016Microsoft Windows
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8694
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.13% / 77.45%
||
7 Day CHG~0.00%
Published-13 Oct, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8689.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Kernel Mode Driver
CVE-2017-8576
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.28% / 78.72%
||
7 Day CHG~0.00%
Published-29 Jun, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The graphics component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to run arbitrary code in kernel mode via a specially crafted application, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10windows_server_2016Microsoft Windows
CWE ID-CWE-665
Improper Initialization
CVE-2017-8573
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.97% / 75.70%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Microsoft Graphics Component Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8574 and CVE-2017-8556.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8675
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-1.05% / 76.66%
||
7 Day CHG~0.00%
Published-13 Sep, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Windows Kernel-Mode Drivers component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".. This CVE ID is unique from CVE-2017-8720.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Windows Kernel-Mode Drivers
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-5702
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.19%
||
7 Day CHG~0.00%
Published-24 Dec, 2019 | 21:05
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vulnerability when GameStream is enabled in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsgeforce_experienceGeForce Experience
CVE-2021-44206
Matching Score-8
Assigner-Acronis International GmbH
ShareView Details
Matching Score-8
Assigner-Acronis International GmbH
CVSS Score-7.3||HIGH
EPSS-0.05% / 15.49%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:29
Updated-16 Sep, 2024 | 22:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service

Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287

Action-Not Available
Vendor-Microsoft CorporationAcronis (Acronis International GmbH)
Product-true_imagewindowscyber_protect_home_officeAcronis Cyber Protect Home OfficeAcronis True Image 2021
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2006-7037
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.07% / 22.11%
||
7 Day CHG~0.00%
Published-23 Feb, 2007 | 01:00
Updated-07 Aug, 2024 | 20:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext.

Action-Not Available
Vendor-mathsoftn/aMicrosoft Corporation
Product-mathcadwindows_2003_serverwindows_95windows_xpwindows_98windows_ntwindows_2000windows_mewindows_98sen/a
CVE-2021-44205
Matching Score-8
Assigner-Acronis International GmbH
ShareView Details
Matching Score-8
Assigner-Acronis International GmbH
CVSS Score-7.3||HIGH
EPSS-0.05% / 15.49%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:29
Updated-17 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation due to DLL hijacking vulnerability

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287

Action-Not Available
Vendor-Microsoft CorporationAcronis (Acronis International GmbH)
Product-true_imagewindowscyber_protect_home_officeAcronis Cyber Protect Home OfficeAcronis True Image 2021
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2006-6579
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.20% / 42.12%
||
7 Day CHG~0.00%
Published-15 Dec, 2006 | 19:00
Updated-07 Aug, 2024 | 20:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_information_serverinternet_information_servicesn/a
CVE-2019-5443
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-7.8||HIGH
EPSS-0.95% / 75.45%
||
7 Day CHG~0.00%
Published-02 Jul, 2019 | 18:31
Updated-04 Aug, 2024 | 19:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants.

Action-Not Available
Vendor-n/aNetApp, Inc.CURLOracle CorporationMicrosoft Corporation
Product-http_serveroncommand_insightoncommand_unified_managerwindowsoss_support_toolsoncommand_workflow_automationcurlsnapcenterenterprise_manager_ops_centermysql_servercurl
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-5539
Matching Score-8
Assigner-VMware by Broadcom
ShareView Details
Matching Score-8
Assigner-VMware by Broadcom
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.11%
||
7 Day CHG~0.00%
Published-23 Dec, 2019 | 19:20
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.

Action-Not Available
Vendor-VMware (Broadcom Inc.)Microsoft Corporation
Product-workstationwindowshorizon_view_agentVMware WorkstationHorizon View Agent
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-5694
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 41.41%
||
7 Day CHG~0.00%
Published-09 Nov, 2019 | 01:42
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsgpu_driverNVIDIA GPU Display Driver
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-40683
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.62%
||
7 Day CHG~0.00%
Published-04 Oct, 2021 | 16:29
Updated-04 Aug, 2024 | 02:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Akamai EAA (Enterprise Application Access) Client before 2.3.1, 2.4.x before 2.4.1, and 2.5.x before 2.5.3, an unquoted path may allow an attacker to hijack the flow of execution.

Action-Not Available
Vendor-akamain/aMicrosoft Corporation
Product-windowsenterprise_application_accessn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-38571
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.29%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 21:14
Updated-04 Aug, 2024 | 01:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502.

Action-Not Available
Vendor-n/aMicrosoft CorporationFoxit Software Incorporated
Product-phantompdfwindowsfoxit_readern/a
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2018-5457
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7||HIGH
EPSS-0.08% / 24.34%
||
7 Day CHG~0.00%
Published-06 Feb, 2018 | 20:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application.

Action-Not Available
Vendor-vyairen/aMicrosoft Corporation
Product-carefusion_upgrade_utilitywindows_xpVyaire Medical CareFusion Upgrade Utility Vulnerability
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-37713
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-0.82% / 73.47%
||
7 Day CHG-0.12%
Published-31 Aug, 2021 | 16:50
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization

The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be outside of the extraction target directory is not extracted. This is, in part, accomplished by sanitizing absolute paths of entries within the archive, skipping archive entries that contain `..` path portions, and resolving the sanitized paths against the extraction target directory. This logic was insufficient on Windows systems when extracting tar files that contained a path that was not an absolute path, but specified a drive letter different from the extraction target, such as `C:some\path`. If the drive letter does not match the extraction target, for example `D:\extraction\dir`, then the result of `path.resolve(extractionDirectory, entryPath)` would resolve against the current working directory on the `C:` drive, rather than the extraction target directory. Additionally, a `..` portion of the path could occur immediately after the drive letter, such as `C:../foo`, and was not properly sanitized by the logic that checked for `..` within the normalized and split portions of the path. This only affects users of `node-tar` on Windows systems. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. There is no reasonable way to work around this issue without performing the same path normalization procedures that node-tar now does. Users are encouraged to upgrade to the latest patched versions of node-tar, rather than attempt to sanitize paths themselves.

Action-Not Available
Vendor-npmjsnpmOracle CorporationMicrosoft CorporationSiemens AG
Product-sinec_infrastructure_network_serviceswindowstargraalvmnode-tar
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-37712
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-0.02% / 4.39%
||
7 Day CHG~0.00%
Published-31 Aug, 2021 | 00:00
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links

The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability. node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created. This logic was insufficient when extracting tar files that contained both a directory and a symlink with names containing unicode values that normalized to the same value. Additionally, on Windows systems, long path portions would resolve to the same file system entities as their 8.3 "short path" counterparts. A specially crafted tar archive could thus include a directory with one form of the path, followed by a symbolic link with a different string that resolves to the same file system entity, followed by a file using the first form. By first creating a directory, and then replacing that directory with a symlink that had a different apparent name that resolved to the same entry in the filesystem, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite. These issues were addressed in releases 4.4.18, 5.0.10 and 6.1.9. The v3 branch of node-tar has been deprecated and did not receive patches for these issues. If you are still using a v3 release we recommend you update to a more recent version of node-tar. If this is not possible, a workaround is available in the referenced GHSA-qq89-hq3f-393p.

Action-Not Available
Vendor-npmjsnpmDebian GNU/LinuxOracle CorporationMicrosoft CorporationSiemens AG
Product-sinec_infrastructure_network_servicesdebian_linuxgraalvmwindowstarnode-tar
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-35982
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.3||HIGH
EPSS-0.31% / 53.45%
||
7 Day CHG~0.00%
Published-29 Sep, 2021 | 15:36
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Reader DC Windows Installer Uncontrolled Search Path element could lead to Arbitrary Code Execution

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. A local attacker with non-administrative privileges can plant a malicious DLL to achieve arbitrary code execution in the context of the current user via DLL hijacking. Exploitation of this issue requires user interaction.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAcrobat Reader
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-3606
Matching Score-8
Assigner-OpenVPN Inc.
ShareView Details
Matching Score-8
Assigner-OpenVPN Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.64%
||
7 Day CHG~0.00%
Published-02 Jul, 2021 | 12:30
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe).

Action-Not Available
Vendor-openvpnn/aMicrosoft Corporation
Product-windowsopenvpnOpenVPN-GUI
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2019-4588
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.4||HIGH
EPSS-0.12% / 30.98%
||
7 Day CHG~0.00%
Published-26 May, 2021 | 16:20
Updated-16 Sep, 2024 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-windowsdb2DB2 for Linux, UNIX and Windows
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-33063
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.23%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:09
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP driver for Windows 10 before version 6.1.160.22 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aMicrosoft CorporationIntel Corporation
Product-realsense_d400_series_universal_windows_platform_driverwindows_10Intel(R) RealSense(TM) D400 Series UWP driver for Windows 10
CWE ID-CWE-426
Untrusted Search Path
CVE-2021-31519
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-7.3||HIGH
EPSS-0.09% / 27.01%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 14:57
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An incorrect permission vulnerability in the product installer folders for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-windowshousecall_for_home_networksTrend Micro HouseCall for Home Networks
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-28581
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.3||HIGH
EPSS-0.11% / 30.79%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 13:29
Updated-17 Sep, 2024 | 03:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Creative Cloud Desktop uncontrolled search path element vulnerability could lead to local privilege escalation

Adobe Creative Cloud Desktop 3.5 (and earlier) is affected by an uncontrolled search path vulnerability that could result in elevation of privileges. Exploitation of this issue requires user interaction in that a victim must log on to the attacker's local machine.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.
Product-windowscreative_cloudCreative Cloud (desktop component)
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-28649
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-7.3||HIGH
EPSS-0.09% / 27.01%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 14:57
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-windowshousecall_for_home_networksTrend Micro HouseCall for Home Networks
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-27893
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7||HIGH
EPSS-0.05% / 15.49%
||
7 Day CHG~0.00%
Published-15 Mar, 2021 | 14:05
Updated-03 Aug, 2024 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation in nonstandard conditions. ConnectSecure on Windows is affected.

Action-Not Available
Vendor-sshn/aMicrosoft Corporation
Product-windowstectia_clienttectia_connectsecuretectia_servern/a
CVE-2011-0754
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 10.05%
||
7 Day CHG~0.00%
Published-02 Feb, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check.

Action-Not Available
Vendor-n/aThe PHP GroupMicrosoft Corporation
Product-phpwindowsn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-19166
Matching Score-8
Assigner-KrCERT/CC
ShareView Details
Matching Score-8
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.54%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 12:44
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tobesoft XPlatform Arbitrary File Execution Vulnerability

Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. It allows attacker to cause remote code execution.

Action-Not Available
Vendor-tobesoftTobesoftMicrosoft Corporation
Product-windowsxplatformXPlatform
CWE ID-CWE-494
Download of Code Without Integrity Check
CVE-2021-25247
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.14%
||
7 Day CHG~0.00%
Published-27 Jan, 2021 | 19:10
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. An attacker must already have user privileges on the machine to exploit this vulnerability.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-windowshousecall_for_home_networksTrend Micro HouseCall for Home Networks
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2017-1297
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-7.3||HIGH
EPSS-0.27% / 49.81%
||
7 Day CHG~0.00%
Published-27 Jun, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-data_server_driver_for_odbc_and_clidata_server_runtime_clientlinux_kerneldb2_connectdb2data_server_driver_packagedata_server_clientwindowsDB2 for Linux, UNIX and Windows
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11818
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-4.5||MEDIUM
EPSS-1.72% / 81.63%
||
7 Day CHG~0.00%
Published-13 Oct, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka "Windows Storage Security Feature Bypass Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Microsoft Windows Storage
CVE-2021-21068
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-6.1||MEDIUM
EPSS-0.10% / 28.29%
||
7 Day CHG~0.00%
Published-12 Mar, 2021 | 18:12
Updated-23 Apr, 2025 | 19:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Creative Cloud installer arbitrary file overwrite vulnerability

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a file handling vulnerability that could allow an attacker to cause arbitrary file overwriting. Exploitation of this issue requires physical access and user interaction.

Action-Not Available
Vendor-Adobe Inc.Apple Inc.Microsoft Corporation
Product-creative_cloud_desktop_applicationwindowsmacosCreative Cloud (desktop component)
CWE ID-CWE-379
Creation of Temporary File in Directory with Insecure Permissions
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found