An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system bypassing CVE-2020-1048.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system.
An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects.
This module exploits a vulnerability in FreeBSD. The sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace program to modify control message headers after they were validation.
Multiple vulnerabilities in Cisco AnyConnect Posture for Windows could allow an authenticated local attacker, to execute arbitrary commands with SYSTEM user privileges.
Multiple stack buffer overflows were found in the MSI AmbientLink MsIo64 driver when processing IoControlCode (IOCTL) 0x80102040, 0x80102044, 0x80102050, 0x80102054. Local attackers, including low integrity processes, can exploit these vulnerabilities and consequently gain NT AUTHORITY\SYSTEM privileges.
An elevation of privilege vulnerability exists in Windows when the DNS Server component fails to properly handle certain types of request.
The vulnerability allows read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via MmMapIoSpace().
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. This affects Docker Desktop Enterprise before 2.1.0.9, Docker Desktop for Windows Stable before 2.2.0.4, and Docker Desktop for Windows Edge before 2.2.2.0.