COM classes used by the VMX process on a Windows host can be hijacked leading to elevation of privilege.
This module exploits a vulnerability in Private Internet Access VPN, loading a malicious OpenSSL engine without checking.
An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations.
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys)
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an associated symbolic link and an open DACL.
This module exploits a vulnerability in Panda Antivirus, executing crafted files witout checking.
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys)
This vulnerability allows local attackers to escalate privileges on vulnerable installations of VirIT eXplorer Anti-Virus. An attacker must first obtain the ability to execute non-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of crafted IOCTL by the VIAGLT64.SYS kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an arbitrary write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel. This module will elevate the privileges of the current agent instead of installing a new one.
The user can write 0 where he wants. This can be used to write SecurityDescriptor and write system processes.