The vulnerability is a pointer override that is reached by calling DeviceIoControl within IRP_MJ_DEVICE_CONTROL and called using the IOCTL 0x80002018.
A dll hijacking allows to inject DLLs into some privileged processes that contain an embedded manifest file with the tags level="asInvoker" and uiAccess="true". This allows to an user in administrator group to elevate from Medium to High integrity level
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
A vulnerability exists in the file history service, which runs as system, and can be exploited to elevate from ordinary users to system privileges. This update adds the ability for the user to select the folder to write to.
An improper privilege management in the AMD Radeon Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution.
An elevation of privilege vulnerability exists due to the MS KS Server kernel module allow accessing memory out of bounds. The vulnerability could allow an attacker to run code with elevated privileges.
An elevation of privilege vulnerability exists due to the MS KS Server kernel module allow mapping arbitrary memory addresses to user mode. The vulnerability could allow an attacker to run code with elevated privileges.
A vulnerability exists in the file history service, which runs as system, and can be exploited to elevate from ordinary users to system privileges.
The vulnerability exists due to application does not properly impose security restrictions in Windows Error Reporting Service, which leads to security restrictions bypass and privilege escalation and allows a local user (non included in Administrator group) to escalate privileges to NT AUTHORITY/SYSTEM.
This version adds BOF support.
This version adds BOF support.
An elevation of privilege vulnerability exists due to the Windows kernel improperly validating input passed from user mode to the kernel. The vulnerability could allow an attacker to run code with elevated privileges.