| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.
. Was ZDI-CAN-17909. |
| Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.
. Was ZDI-CAN-19876. |
| Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of XE files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.
. Was ZDI-CAN-17948. |
| A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, kernel 5.5: IB19130163 in 05.54.07, and kernel 5.6: IB19130163 in 05.61.07 could lead to escalating privileges in SMM. |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. |
| Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally. |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Win32k Elevation of Privilege Vulnerability |
| Windows DWM Core Library Elevation of Privilege Vulnerability |
| Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
| NT OS Kernel Elevation of Privilege Vulnerability |
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability |
| Windows Print Spooler Elevation of Privilege Vulnerability |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability |
