A message header injection vulnerability in Apache Camel allows unauthenticated remote attackers to execute OS system commands.
The Cloud Files Mini Filter Driver (cldflt.sys) present in Microsoft Windows is vulnerable to a buffer overflow, which can result in out-of-bounds memory write to paged pool memory. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges.
An elevation of privilege vulnerability has been identified in the Windows Error Reporting Service. This security flaw arises from improper privilege management, enabling local attackers with standard user permissions to escalate their privileges and gain unauthorized access to elevated system capabilities.
The Common Log File System Driver (clfs.sys) present in Microsoft Windows is vulnerable to a memory corruption vulnerability. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by creating a specially crafted base log file.
This module exploits a vulnerability in the LoadContainerQ function within clfs.sys. The root cause of this vulnerability is that LoadContainerQ uses CLFS_CONTAINER_CONTEXT.pContainer without verifying whether the FlushImage function has invalidated the General Metadata Block.
An elevation of privilege vulnerability exists due to the MS KS WOW Thunk kernel module allowing an integer overflow which can lead into a buffer overflow. The vulnerability could allow an attacker to run code with elevated privileges.
A critical use-after-free vulnerability in the Windows Ancillary Function Driver (afd.sys), allows attackers to escalate privileges. It stems from a race condition in the Registered I/O (RIO) extension for Windows sockets, between the functions AfdRioGetAndCacheBuffer() and AfdRioDereferenceBuffer().
Enhance identity management in exploits. * Linked created identities in the Module Output: Added a reference to the created identity in the Module Output. * Added Validated and Validated in properties to identities: Ensured that created identities include Validated=True and are associated with the target (Validated in) where they were verified.
Ivanti Connect Secure contains a stack-based buffer overflow that allows unauthenticated remote attackers to execute system commands in the context of the nr user.
The vulnerability exploits Office URI schemes to redirect HTTP requests to UNC paths using redirection. This enables attackers to bypass URI restrictions and capture NTLMv2 hashes.