Vulnerability & Exploit Database

Displaying entries 131 - 140 of 128560 in total

Microsoft CVE-2018-0970: Windows Kernel Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. To exploit the vulnerability...

Microsoft CVE-2018-0969: Windows Kernel Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. To exploit the vulnerability...

Microsoft CVE-2018-0968: Windows Kernel Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. To exploit the vulnerability...

Microsoft CVE-2018-0967: Windows SNMP Service Denial of Service Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. Note that the denial of service condition would not allow an attacker to execute code or to elevate user privileges. However, ...

Microsoft CVE-2018-0966: Device Guard Security Feature Bypass Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file appear to be signed. Because Device Guard relies on the signature to determine the file is non-malicious, Device Guard could then allow a malicious file to execu...

Microsoft CVE-2018-0964: Hyper-V Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating...

Microsoft CVE-2018-0963: Windows Kernel Elevation of Privilege Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update a...

Microsoft CVE-2018-0960: Windows Kernel Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially ...

Microsoft CVE-2018-0957: Hyper-V Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating...

Microsoft CVE-2018-0956: HTTP.sys Denial of Service Vulnerability Vulnerability

  • Severity: 4
  • Published: April 10, 2018

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests. An attacker who successfully exploited the vulnerability could create a denial of service condition, causing the target system to become unresponsive. To exploit this vulnerability, an at...