C++ Exploits
255 exploits tracked across all sources.
Microsoft Windows 11 version 22H3 - Windows DNS Client Remote Code Execution Vulnerability
Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.
by TwoSevenOneT
6 stars
ThrottleStop.sys - Privilege Escalation
ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.
by mein-0
Microsoft Defender Elevation of Privilege Vulnerability
Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.
by 0xBlackash
Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability
Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.
by EpSiLoNPoInTOrI
CVSS 9.8
crypto: algif_aead - Revert to operating out-of-place
In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_aead - Revert to operating out-of-place
This mostly reverts commit 72548b093ee3 except for the copying of
the associated data.
There is no benefit in operating in-place in algif_aead since the
source and destination come from different mappings. Get rid of
all the complexity added for in-place operation and just copy the
AD directly.
by ChernStepanov
crypto: algif_aead - Revert to operating out-of-place
In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_aead - Revert to operating out-of-place
This mostly reverts commit 72548b093ee3 except for the copying of
the associated data.
There is no benefit in operating in-place in algif_aead since the
source and destination come from different mappings. Get rid of
all the complexity added for in-place operation and just copy the
AD directly.
by cxwx
CVSS 7.8
Microsoft Defender Elevation of Privilege Vulnerability
Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.
by Joe1sn
CVSS 7.8
Oracle VM VirtualBox 7.1.14 and 7.2.4 - Unauthenticated Denial of Service
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Windows VMs only. CVSS 3.1 Base Score 7.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).
by MohaBars
CVSS 7.1
Lenovo Dispatcher <3.1 - Privilege Escalation
A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated local user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected. This vulnerability does not affect systems when the Windows feature Core Isolation Memory Integrity is enabled. Lenovo systems preloaded with Windows 11 have this feature enabled by default.
by vxqs
CVSS 7.0
React Server Components <19.2.0 - RCE
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
by Pocland-db
Jenkins cli Ampersand Replacement Arbitrary File Read
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
by Pocland-db
Joomla! 4.0.0-4.2.7 - Unauthenticated Improper Access Control in Webservice Endpoints
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
by Pocland-db
cxasm notepad-- 1.22 - Denial of Service in Directory Comparison Handler
A vulnerability, which was classified as problematic, was found in cxasm notepad-- 1.22. This affects an unknown part of the component Directory Comparison Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The associated identifier of this vulnerability is VDB-221475.
by cxasm
Windows Error Reporting - Privilege Escalation
Improper handling of insufficient permissions or privileges in Windows Error Reporting allows an authorized attacker to elevate privileges locally.
by oxfemale
Lenovo Dispatcher <3.1 - Privilege Escalation
A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated local user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected. This vulnerability does not affect systems when the Windows feature Core Isolation Memory Integrity is enabled. Lenovo systems preloaded with Windows 11 have this feature enabled by default.
by symeonp
Microsoft Defender < - Privilege Escalation
Microsoft Defender Security Feature Bypass Vulnerability
by ig-labs
TeamViewer <15.58.4 - Privilege Escalation
Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
by PeterGabaldon
Windows Win32k - Privilege Escalation
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
by piotrflorczyk
CVSS 7.8
Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.
by ollypwn
CVSS 9.8
Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.
by ollypwn
CVSS 9.8
Microsoft Windows 10 1507 - Improper Privilege Management
An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.
by bluefrostsec
CVSS 7.8
MikroTik RouterOS < 6.44.5 and < 6.45.6 - Unauthenticated DNS Cache Poisoning via Port 8291
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially resulting in cache poisoning
by Jacob Baines
CVSS 7.5
WhatsApp < 2.19.244 - Remote Code Execution via GIF Image Parsing
A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause a denial of service when the library is used to parse a specially crafted GIF image.
by Valerio Brussani
CVSS 8.8
By Source