The Cloud Files Mini Filter Driver (cldflt.sys) present in Microsoft Windows is vulnerable to a Time-of-check Time-of-use (TOCTOU) Race Condition, which can result in arbitrary file write. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges.
An elevation of privilege vulnerability exists due to the Agere Windows Modem kernel module allowing untrusted pointer dereference. The vulnerability could allow an attacker to run code with elevated privileges.
The Common Log File System Driver (clfs.sys) present in Microsoft Windows is vulnerable to a memory corruption vulnerability. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges.
An elevation of privilege vulnerability exists due to the Application Identity kernel module allowing untrusted pointer dereference. The vulnerability could allow an attacker to run code with elevated privileges.
The Windows Disk Cleanup tool (cleanmgr.exe) has a DLL side-loading vulnerability. A crafted DLL could be loaded by the Disk Cleanup tool, hijacking its execution path. This could allow an attacker to gain system privileges on a vulnerable system.
This module exploits a privilege escalation vulnerability in the way sudo handles the chroot parameter.
The IMF ForceDelete Filter Driver (IMFForceDelete.sys) present in IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files. This module allows a local unprivileged user to delete an arbitrary file, regardless of the current user privileges.
A heap-based buffer overflow exists in the vkrnlintvsp.sys driver within the VkiRootAdjustSecurityDescriptorForVmwp(). The issue occurs due to improper validation of a user-controlled Dacl->AclSize value when calculating a memory allocation size.
The Cloud Files Mini Filter Driver (cldflt.sys) present in Microsoft Windows is vulnerable to a buffer overflow, which can result in out-of-bounds memory write to paged pool memory. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges.
An elevation of privilege vulnerability has been identified in the Windows Error Reporting Service. This security flaw arises from improper privilege management, enabling local attackers with standard user permissions to escalate their privileges and gain unauthorized access to elevated system capabilities.