Google Security Research

1,215 exploits Active since May 2013
EIP-2026-118360 EXPLOITDB html WORKING POC
Cisco WebEx - 'nativeMessaging' Remote Command Execution
CVE-2019-5512 EXPLOITDB HIGH text WORKING POC
VMware Workstation <15.0.3-14.1.6 - Privilege Escalation
VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle COM classes appropriately. Successful exploitation of this issue may allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege.
CVSS 8.8
CVE-2019-2721 EXPLOITDB HIGH text WORKING POC
Oracle VM VirtualBox <6.0.6 - Privilege Escalation
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
CVSS 8.8
CVE-2018-5511 EXPLOITDB HIGH text WORKING POC
F5 BIG-IP <13.1.0.3 - Privilege Escalation
On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
CVSS 7.2
CVE-2017-10204 EXPLOITDB HIGH text WORKING POC
Oracle VM VirtualBox < 5.1.24 - Authenticated Remote Code Execution
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
CVSS 8.8
CVE-2017-10129 EXPLOITDB HIGH text WORKING POC
Oracle VM VirtualBox < 5.1.24 - Authenticated Remote Code Execution
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
CVSS 8.8
EIP-2026-118291 EXPLOITDB text WORKING POC
Avast! AntiVirus - X.509 Error Rendering Command Execution
CVE-2017-7293 EXPLOITDB HIGH text WORKING POC
Dolby DAX2/DAX3 - Privilege Escalation
The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for DCOM. This affects Dolby Audio X2 (DAX2) 1.0, 1.0.1, 1.1, 1.1.1, 1.2, 1.3, 1.3.1, 1.3.2, 1.4, 1.4.1, 1.4.2, 1.4.3, and 1.4.4 and Dolby Audio X3 (DAX3) 1.0 and 1.1. An example affected driver is Realtek Audio Driver 6.0.1.7898 on a Lenovo P50.
CVSS 7.8
CVE-2016-8812 EXPLOITDB HIGH text WRITEUP
NVIDIA GeForce Experience <GFE 2.11.4.125-3.1.0.52 - Buffer Overflow
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
CVSS 8.8
CVE-2015-4481 EXPLOITDB text WORKING POC
Firefox < 40.0 - Race Condition via Hard Link to Log File
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
CVE-2016-7384 EXPLOITDB HIGH text WORKING POC
NVIDIA GPU Driver R340 < 342.00 & R375 < 375.63 - DoS or Privilege Escalation via UVMLiteController IOCTL
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) where unchecked input/output lengths in UVMLiteController Device IO Control handling may lead to denial of service or potential escalation of privileges.
CVSS 7.8
CVE-2016-3388 EXPLOITDB MEDIUM c++ WORKING POC
Microsoft Internet Explorer 10-11 and Edge - Elevation of Privilege via Private Namespace Access
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3387.
CVSS 5.3
CVE-2016-3371 EXPLOITDB MEDIUM WORKING POC
Microsoft Windows - Unauthorized Information Disclosure via Kernel API
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain sensitive information via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."
CVSS 5.5
EIP-2026-117559 EXPLOITDB text WORKING POC
Microsoft Windows 8.1 - Local WebDAV NTLM Reflection Privilege Escalation
CVE-2015-0004 EXPLOITDB text WRITEUP
Microsoft Windows - Privilege Escalation via User Profile Service Junction Attack
The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges by conducting a junction attack to load another user's UsrClass.dat registry hive, aka MSRC ID 20674 or "Microsoft User Profile Service Elevation of Privilege Vulnerability."
CVE-2015-2525 EXPLOITDB text WORKING POC
Microsoft Windows 10 - Access Control
Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass intended filesystem restrictions and delete arbitrary files via unspecified vectors, aka "Windows Task File Deletion Elevation of Privilege Vulnerability."
CVE-2015-7865 EXPLOITDB text WORKING POC
NVIDIA GPU <341.92, <354.35, <358.87 - Privilege Escalation
nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to the stereosvrpipe named pipe, which allows local users to gain privileges via a commandline in a number 2 command, which is stored in the HKEY_LOCAL_MACHINE explorer Run registry key, a different vulnerability than CVE-2011-4784.
CVE-2019-0732 EXPLOITDB HIGH text WORKING POC
Windows - Device Guard Bypass via LUAFV Driver Improper Call Handling
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Security Feature Bypass Vulnerability'.
CVSS 7.8
CVE-2019-0796 EXPLOITDB MEDIUM text WRITEUP
Windows - Privilege Escalation via LUAFV Driver Improper Call Handling
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.
CVSS 5.5
CVE-2019-0836 EXPLOITDB HIGH text WORKING POC
Windows - Elevation of Privilege via LUAFV Driver Race Condition
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0841.
CVSS 7.8
CVE-2019-0731 EXPLOITDB HIGH text WRITEUP
Windows - Privilege Escalation via LUAFV Driver Handle Duplication
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.
CVSS 7.8
CVE-2016-7188 EXPLOITDB HIGH c++ WORKING POC
Windows 10 - Privilege Escalation via Standard Collector Service Library Loading
The Standard Collector Service in Windows Diagnostics Hub in Microsoft Windows 10 Gold, 1511, and 1607 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows Diagnostics Hub Elevation of Privilege Vulnerability."
CVSS 7.8
CVE-2016-3387 EXPLOITDB HIGH c++ WORKING POC
Microsoft Internet Explorer 10-11 and Edge - Elevation of Privilege via Private Namespace Access
Microsoft Internet Explorer 10 and 11 and Microsoft Edge do not properly restrict access to private namespaces, which allows remote attackers to gain privileges via unspecified vectors, aka "Microsoft Browser Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3388.
CVSS 7.5
EIP-2026-117582 EXPLOITDB text WRITEUP
Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities
CVE-2019-0805 EXPLOITDB HIGH text WORKING POC
Windows - Elevation of Privilege via LUAFV Driver Calls
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0836, CVE-2019-0841.
CVSS 7.8