A heap-based buffer overflow exists in the vkrnlintvsp.sys driver within the VkiRootAdjustSecurityDescriptorForVmwp() function. The issue occurs due to improper validation of a user-controlled Dacl->AclSize value when calculating a memory allocation size.
Deserialization of the Veeam.Backup.EsxManager.xmlFrameworkDs .NET class type in Veeam Backup and Replication allows authenticated remote attackers to execute system commands in the context of the NT AUTHORITY\SYSTEM user.
This module exploits an authentication bypass vulnerability in the CrushFTP WebInterface. Versions affected include 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. The vulnerability allows an unauthenticated attacker to bypass login by crafting a forged CrushAuth cookie and abusing the Authorization header. If a valid username is known (e.g., crushadmin), the attacker can: Retrieve a full list of users via getUserList.
A message header injection vulnerability in Apache Camel allows unauthenticated remote attackers to execute OS system commands.
The Cloud Files Mini Filter Driver (cldflt.sys) present in Microsoft Windows is vulnerable to a buffer overflow, which can result in out-of-bounds memory write to paged pool memory. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges.
An elevation of privilege vulnerability has been identified in the Windows Error Reporting Service. This security flaw arises from improper privilege management, enabling local attackers with standard user permissions to escalate their privileges and gain unauthorized access to elevated system capabilities.
CVE-2024-28987 affects SolarWinds Web Help Desk 12.8.3 Hotfix 1 and all previous versions due to the presence of hardcoded credentials in the application. This vulnerability allows an unauthenticated attacker to access the REST API using Basic Authentication with predefined credentials (helpdeskIntegrationUser/dev-C4F8025E7), enabling them to read, modify, and create tickets.
The Common Log File System Driver (clfs.sys) present in Microsoft Windows is vulnerable to a memory corruption vulnerability. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by creating a specially crafted base log file.
This module exploits a vulnerability in the LoadContainerQ function within clfs.sys. The root cause of this vulnerability is that LoadContainerQ uses CLFS_CONTAINER_CONTEXT.pContainer without verifying whether the FlushImage function has invalidated the General Metadata Block.
An elevation of privilege vulnerability exists due to the MS KS WOW Thunk kernel module allowing an integer overflow which can lead to a buffer overflow. The vulnerability could allow an attacker to run code with elevated privileges.