Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
windows nt vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2019-1345
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1334.
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1803
Microsoft Windows 10 1607
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1903
1 EDB exploit
1 Article
7.1
CVSSv2
CVE-2019-1347
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1346.
Microsoft Windows 10 1607
Microsoft Windows 10 1903
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1703
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2019 -
Microsoft Windows 10 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2012 R2
1 EDB exploit
1 Article
7.2
CVSSv2
CVE-2019-17180
Valve Steam Client prior to 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. This could lead to denial of service, elevation of privilege, or unspecified other i...
Valvesoftware Steam Client
6.9
CVSSv2
CVE-2019-15316
Valve Steam Client for Windows through 2019-08-20 has weak folder permissions, leading to privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition.
Valvesoftware Steam Client
7.2
CVSSv2
CVE-2019-15315
Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch.
Valvesoftware Steam Client
1 Github repository
1 Article
6.9
CVSSv2
CVE-2019-12889
An unauthenticated privilege escalation exists in SailPoint Desktop Password Reset 7.2. A user with local access to only the Windows logon screen can escalate their privileges to NT AUTHORITY\System. An attacker would need local access to the machine for a successful exploit. The...
Sailpoint Desktop Password Reset 7.2
1 Github repository
7.2
CVSSv2
CVE-2019-14743
In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access.
Valvesoftware Steam Client
1 Article
7.2
CVSSv2
CVE-2018-19666
The agent in OSSEC up to and including 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server.
Ossec Ossec
Wazuh Wazuh
7.1
CVSSv2
CVE-2018-8175
An denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory, aka "WEBDAV Denial of Service Vulnerability." This affects Windows 10 Servers, Windows 10.
Microsoft Windows 10 1709
Microsoft Windows Server 2016 1709
Microsoft Windows 10 1803
Microsoft Windows Server 1803 -
2.1
CVSSv2
CVE-2018-0971
An information disclosure vulnerability exists in the Windows kernel that could allow an malicious user to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This ...
Microsoft Windows 7 -
Microsoft Windows Server 2012 R2
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows 10 1709
Microsoft Windows 10
Microsoft Windows 10 1511
Microsoft Windows 10 1607
Microsoft Windows 10 1703
Microsoft Windows Server 2012 -
Microsoft Windows Server 2016
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »