ze0r

11 exploits Active since Oct 2018
CVE-2018-8639 NOMISEC HIGH WORKING POC
Windows - Elevation of Privilege via Win32k Memory Handling
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8641.
127 stars
CVSS 7.8
CVE-2018-8453 NOMISEC HIGH WORKING POC
Windows - Elevation of Privilege in Win32k Component
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
122 stars
CVSS 7.8
CVE-2019-0808 NOMISEC HIGH WORKING POC
Windows 7 and Windows Server 2008 - Local Privilege Escalation in Win32k Component
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
48 stars
CVSS 7.8
CVE-2023-20872 NOMISEC HIGH WORKING POC
VMware Fusion and Workstation - Out-of-bounds Write in SCSI CD/DVD Device Emulation
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
25 stars
CVSS 8.8
CVE-2019-1422 NOMISEC HIGH NO CODE
Windows - Elevation of Privilege via iphlpsvc.dll File Creation
An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1423.
14 stars
CVSS 7.8
CVE-2019-0708 NOMISEC CRITICAL STUB
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
12 stars
CVSS 9.8
CVE-2018-8639 PATCHAPALOOZA HIGH WORKING POC
Windows - Elevation of Privilege via Win32k Memory Handling
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8641.
CVSS 7.8
CVE-2018-8453 METASPLOIT HIGH ruby WORKING POC
Windows - Elevation of Privilege in Win32k Component
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
CVSS 7.8
CVE-2018-8453 EXPLOITDB HIGH ruby WORKING POC
Windows - Elevation of Privilege in Win32k Component
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
CVSS 7.8
EIP-2026-116186 EXPLOITDB c WORKING POC
Rising - 'RSNTGDI.sys' Local Denial of Service
CVE-2019-0808 EXPLOITDB HIGH text WORKING POC
Windows 7 and Windows Server 2008 - Local Privilege Escalation in Win32k Component
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.
CVSS 7.8