James Forshaw (Project Zero)

8 exploits Active since Sep 2016
CVE-2017-0213 NOMISEC HIGH WRITEUP
Microsoft Windows - Privilege Escalation
Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.
58 stars
CVSS 7.3
CVE-2017-0160 EXPLOITDB HIGH text WORKING POC
.NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 - Remote Code Execution
Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."
CVSS 7.8
CVE-2016-0079 EXPLOITDB MEDIUM WORKING POC
Windows 10 Gold, 1511, and 1607 - Local Privilege Escalation via Registry API Call
The kernel in Microsoft Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability."
CVSS 5.0
CVE-2016-3373 EXPLOITDB MEDIUM WORKING POC
Microsoft Windows - Unauthenticated Information Disclosure via Registry Access Control
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly implement registry access control, which allows local users to obtain sensitive account information via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."
CVSS 5.5
CVE-2017-0213 EXPLOITDB HIGH c++ WRITEUP
Microsoft Windows - Privilege Escalation
Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214.
CVSS 7.3
CVE-2016-7188 EXPLOITDB HIGH c++ WORKING POC
Windows 10 - Privilege Escalation via Standard Collector Service Library Loading
The Standard Collector Service in Windows Diagnostics Hub in Microsoft Windows 10 Gold, 1511, and 1607 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows Diagnostics Hub Elevation of Privilege Vulnerability."
CVSS 7.8
CVE-2016-3371 EXPLOITDB MEDIUM WORKING POC
Microsoft Windows - Unauthorized Information Disclosure via Kernel API
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain sensitive information via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."
CVSS 5.5
CVE-2016-7185 EXPLOITDB HIGH WORKING POC
Microsoft Windows - Local Privilege Escalation via Win32k Kernel-Mode Driver
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." a different vulnerability than CVE-2016-3266, CVE-2016-3376, and CVE-2016-7211.
CVSS 7.8