Google Security Research

1,215 exploits Active since May 2013
CVE-2019-0667 EXPLOITDB HIGH html WORKING POC
Internet Explorer - Remote Code Execution via VBScript Engine Memory Handling
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0772.
CVSS 7.5
CVE-2018-8449 EXPLOITDB LOW text WORKING POC
Windows 10 and Windows Server 2016 - Security Feature Bypass via Device Guard File Validation
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
CVSS 3.3
CVE-2015-2462 EXPLOITDB text WORKING POC
.NET Framework - Remote Code Execution via Crafted OpenType Font
ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability."
CVE-2017-11890 EXPLOITDB HIGH html WORKING POC
Microsoft Windows - Memory Corruption
Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11886, CVE-2017-11889, CVE-2017-11893, CVE-2017-11894, CVE-2017-11895, CVE-2017-11901, CVE-2017-11903, CVE-2017-11905, CVE-2017-11907, CVE-2017-11908, CVE-2017-11909, CVE-2017-11910, CVE-2017-11911, CVE-2017-11912, CVE-2017-11913, CVE-2017-11914, CVE-2017-11916, CVE-2017-11918, and CVE-2017-11930.
CVSS 7.5
CVE-2017-11906 EXPLOITDB MEDIUM html WORKING POC
Internet Explorer - Info Disclosure
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system, due to how Internet Explorer handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-11887 and CVE-2017-11919.
CVSS 5.3
CVE-2019-0959 EXPLOITDB HIGH text WORKING POC
Windows Common Log File System - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how CLFS handles objects in memory.
CVSS 7.0
CVE-2017-0313 EXPLOITDB HIGH text WORKING POC
NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via SubmitCommandVirtual DDI
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) implementation of the SubmitCommandVirtual DDI (DxgkDdiSubmitCommandVirtual) where untrusted input is used to reference memory outside of the intended boundary of the buffer leading to denial of service or escalation of privileges.
CVSS 7.8
CVE-2016-7385 EXPLOITDB HIGH text WORKING POC
NVIDIA GPU Driver R340 < 342.00 & R375 < 375.63 - DoS or Privilege Escalation via Unvalidated Array Index
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x700010d where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2017-0312 EXPLOITDB HIGH text WORKING POC
NVIDIA Windows GPU Display Driver - Denial of Service or Privilege Escalation via DxgkDdiEscapeID 0x100008b
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscapeID 0x100008b where user provided input is used as the limit for a loop may lead to denial of service or potential escalation of privileges
CVSS 7.8
CVE-2016-8806 EXPLOITDB HIGH text WORKING POC
NVIDIA Windows GPU Display Driver and R375 before 375.63 <342.00-375.63 - Privilege Escalation
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x5000027 where a pointer passed from an user to the driver is used without validation, leading to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2016-8805 EXPLOITDB HIGH text WORKING POC
NVIDIA Windows GPU Display Driver - Privilege Escalation
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000014 where a value passed from an user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2016-7387 EXPLOITDB HIGH text WORKING POC
NVIDIA GPU Driver R340 < 342.00 and R375 < 375.63 - Denial of Service or Privilege Escalation via DxgDdiEscape Handler
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x600000D where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2016-8810 EXPLOITDB HIGH text WORKING POC
NVIDIA GPU Driver R340 < 342.00 & R375 < 375.63 - DoS or Privilege Escalation via Unvalidated Array Index
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x100009a where a value passed from an user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2016-8809 EXPLOITDB HIGH text WORKING POC
NVIDIA Windows GPU Display Driver <342.00-375.63 - DoS/Privilege Es...
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70001b2 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2016-8808 EXPLOITDB HIGH text WORKING POC
NVIDIA Windows GPU Display Driver and R375 <342.00-375.63 - Privilege Escalation
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000d5 where a value passed from an user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2016-7391 EXPLOITDB HIGH text WORKING POC
NVIDIA GPU Driver R340 < 342.00 and R375 < 375.63 - Denial of Service or Privilege Escalation via DxgDdiEscape Handler
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x100010b where a missing array bounds check can allow a user to write to kernel memory, leading to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2018-0744 EXPLOITDB HIGH text WORKING POC
Windows Kernel - Elevation of Privilege via Memory Object Handling
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability".
CVSS 7.0
CVE-2016-7386 EXPLOITDB MEDIUM text WRITEUP
NVIDIA GPU Driver R340 < 342.00 and R375 < 375.63 - Kernel Memory Leak via DxgDdiEscape Handler
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x70000D4 which may lead to leaking of kernel memory contents to user space through an uninitialized buffer.
CVSS 5.5
CVE-2016-8811 EXPLOITDB HIGH text WORKING POC
NVIDIA Windows GPU Display Driver R340 <342.00 and R375 <375.63 - DoS
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000170 where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2016-3376 EXPLOITDB HIGH text WORKING POC
Windows Kernel-Mode Drivers - Privilege Escalation via Crafted Application
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." a different vulnerability than CVE-2016-3266, CVE-2016-7185, and CVE-2016-7211.
CVSS 7.8
CVE-2016-0070 EXPLOITDB MEDIUM text WORKING POC
Microsoft Windows - Unauthorized Registry Information Disclosure via Kernel API
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability."
CVSS 5.5
CVE-2019-1364 EXPLOITDB HIGH text WORKING POC
Windows 7 and Windows Server 2008 - Elevation of Privilege in Win32k Kernel-Mode Driver
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1362.
CVSS 7.8
CVE-2016-7216 EXPLOITDB MEDIUM text WORKING POC
Microsoft Windows Vista/Server 2008/7 Privilege Escalation via Kernel API Mishandling
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandles permissions, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."
CVSS 5.5
CVE-2019-1347 EXPLOITDB MEDIUM text WORKING POC
Windows 10, 8.1, RT 8.1, Server 2012, 2016, 2019 - Denial of Service via Memory Object Handling
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1346.
CVSS 6.5
CVE-2017-0103 EXPLOITDB HIGH text WRITEUP
Microsoft Windows Privilege Escalation via Registry Object Mishandling
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain privileges via a crafted application, aka "Windows Registry Elevation of Privilege Vulnerability."
CVSS 7.0