Google Security Research

1,215 exploits, active since May 2013
CVE-2016-3373 EXPLOITDB MEDIUM WORKING POC
Microsoft Windows 10 - Access Control
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly implement registry access control, which allows local users to obtain sensitive account information via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."
CVSS 5.5
CVE-2017-0213 EXPLOITDB HIGH c++ WRITEUP
Microsoft Windows - Privilege Escalation
Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.
CVSS 7.3
CVE-2017-0100 EXPLOITDB HIGH WORKING POC
Microsoft Windows 10 - Authentication Bypass
A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows HelpPane Elevation of Privilege Vulnerability."
CVSS 7.8
CVE-2019-0805 EXPLOITDB HIGH text WORKING POC
Windows - Privilege Escalation
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0836, CVE-2019-0841.
CVSS 7.8
CVE-2018-0821 EXPLOITDB HIGH text WORKING POC
Microsoft Windows 10 - Improper Privilege Management
AppContainer in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way constrained impersonations are handled, aka "Windows AppContainer Elevation Of Privilege Vulnerability".
CVSS 7.0
CVE-2016-0007 EXPLOITDB HIGH text WORKING POC
Microsoft Windows 10 - Access Control
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0006.
CVSS 7.8
CVE-2017-11830 EXPLOITDB MEDIUM text WRITEUP
Windows - Privilege Escalation
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsigned file appear to be signed, due to a security feature bypass, aka "Device Guard Security Feature Bypass Vulnerability".
CVSS 5.3
CVE-2018-6757 EXPLOITDB HIGH text WRITEUP
McAfee True Key < 5.1.230.7 - Privilege Escalation
Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.
CVSS 7.5
EIP-2026-117503 EXPLOITDB text WRITEUP
Microsoft MsMpEng - Multiple Problems Handling ntdll!NtControlChannel Commands
CVE-2015-2524 EXPLOITDB text WRITEUP
Microsoft Windows 10 - Access Control
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows Task Management Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2528.
CVE-2015-2528 EXPLOITDB text WORKING POC
Microsoft Windows 10 - Access Control
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows Task Management Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2524.
CVE-2018-0882 EXPLOITDB HIGH text WORKING POC
Windows Desktop Bridge - Privilege Escalation
The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0880.
CVSS 7.0
CVE-2016-0075 EXPLOITDB MEDIUM WORKING POC
Microsoft Windows 10 - Information Disclosure
The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0073.
CVSS 5.5
CVE-2016-7185 EXPLOITDB HIGH WORKING POC
Microsoft Windows 10 - Access Control
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3266, CVE-2016-3376, and CVE-2016-7211.
CVSS 7.8
CVE-2018-8584 EXPLOITDB HIGH text WORKING POC
Windows - Privilege Escalation
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
CVSS 7.8
EIP-2026-117533 EXPLOITDB text WORKING POC
Microsoft Windows - Local XPS Print Spooler Sandbox Escape
CVE-2018-0823 EXPLOITDB HIGH text WRITEUP
Windows 10 <1709 - Privilege Escalation
The Named Pipe File System in Windows 10 version 1709 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Named Pipe File System handles objects, aka "Named Pipe File System Elevation of Privilege Vulnerability".
CVSS 7.0
CVE-2016-0007 EXPLOITDB HIGH text WRITEUP
Microsoft Windows 10 - Access Control
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0006.
CVSS 7.8
CVE-2018-0826 EXPLOITDB HIGH text WORKING POC
Windows Storage Services - Privilege Escalation
Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Storage Services Elevation of Privilege Vulnerability".
CVSS 7.0
CVE-2016-7226 EXPLOITDB MEDIUM WORKING POC
Microsoft Windows 10 - Improper Access Control
Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
CVSS 6.1
CVE-2016-7224 EXPLOITDB MEDIUM WORKING POC
Microsoft Windows 10 - Improper Access Control
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
CVSS 6.1
CVE-2017-0165 EXPLOITDB HIGH WORKING POC
Microsoft Windows - Privilege Escalation
An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Windows Elevation of Privilege Vulnerability."
CVSS 7.8
CVE-2019-0566 EXPLOITDB HIGH text WORKING POC
Microsoft Edge - Privilege Escalation
An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge.
CVSS 8.8
EIP-2026-117373 EXPLOITDB c WORKING POC
Kaspersky 17.0.0 - Local CA Root Incorrectly Protected
CVE-2015-6305 EXPLOITDB text WORKING POC
Cisco Anyconnect Secure Mobility Client - Untrusted Search Path
Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.