The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability in win32k!PROXYPORT::SendRequest.
119acd7871890c34ae09087667cd36aa8bd6b2ce66a1ff14d13a2a5a53437781The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_REQUIREMENTS_LIST registry values.
1550cc46fe7a3f57880f07c2504a93b23de2428f61b09def06cbb61cf5b64e8aThe Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_LIST registry values (videoprt.sys descriptors).
69b444dc190f17c0fe398e83b60a8120337dbed1b5a38f5316df706a0d50461dThe Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_LIST registry values (CmResourceTypeDevicePrivate entries).
2f32ed721390c6207af8dde961475d5f6dd8d7e5007722aeec53608034508481The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in nt!KiDispatchException.
3508f1ab03eafadda6666b45fe4e78b03c008fb28fd328748b2730d2681b11e5The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in msrpc!LRPC_CASSOCIATION::AlpcSendCancelMessage.
e15e5df1c47b5a1461e7294316b51f3a24c220e91c4dcbe7cd69ab6642ddcd19The Microsoft Windows kernel suffers from a 64-bit stack memory disclosure vulnerability in NtQueryInformationThread(ThreadBasicInformation).
2c54704b6392044c91905395b077ff12a66991f3ecdad28a2cd4cfc297d6ed93The Microsoft Window kernel suffers from a 64-bit pool memory disclosure vulnerability in NtQueryVirtualMemory(MemoryMappedFilenameInformation).
91bb1fe9d340829a19346fa19e5989ef6a06aec3e99365e37e32fada68de945bThe 64-bit Windows kernel suffers from a stack memory disclosure vulnerability in win32k!fnHkINLPMSLLHOOKSTRUCT (via user-mode callback).
39ed1a553dc5ba7854bda24d96724a606df94f6824a594b2c558d95999b97f8bThe 64-bit Windows kernel suffers from a stack memory disclosure vulnerability in win32k!SfnINLPHELPINFOSTRUCT (via user-mode callback).
9db2b6a2f72313734343e3ae0ca5ed65c710e29ce3e096990cacc40fef35204eThe 64-bit Windows kernel suffers from a stack memory disclosure vulnerability in win32k!fnHkINLPMOUSEHOOKSTRUCTEX (via user-mode callback).
9dc16fe0d908112819abe13e59b6af859aefcf4bc80c0dab0b2d415048277088The 64-bit Windows kernel suffers from a pool memory disclosure vulnerability in win32k!SfnINOUTLPWINDOWPOS (via user-mode callback).
1eed7b00222e29c978acb68fc8864908886b54f016ea6b4c09c3f1a9b30a0409The Windows Kernel suffers from double fetches in win32kfull!xxxImeWindowPosChanged and win32kfull!InternalRebuildHwndListForIMEClass.
04bd702a96710210ed2281a1b45d1698d4d195df575dc55bd9e354d475aaef45The Windows kernel suffers from a nt!RtlpCopyLegacyContextX86 stack memory disclosure vulnerability.
199235f1e50c783934bc089610c17d71c6e7359a26462fdd0048024c134ddbaeThe Microsoft Windows OpenType ATMFD.DLL kernel-mode font driver has an undocumented "escape" interface, handled by the standard DrvEscape and DrvFontManagement functions implemented by the module. The interface is very similar to Buffered IOCTL in nature, and handles 13 different operation codes in the numerical range of 0x2502 to 0x2514. It is accessible to user-mode applications through an exported (but not documented) gdi32!NamedEscape function, which internally invokes the NtGdiExtEscape syscall.
bb274850f13f39d2cc7b83f33319ed2f50d1c874d081fd6fe6774c05fbaf68fbThe Microsoft Windows OpenType ATMFD.DLL kernel-mode driver lacks any sort of sanitization of various 32-bit offsets found in .MMM files (Multiple Master Metrics), and instead uses them blindly while loading Type 1 Multiple-Master fonts in the system.
b8102ba5cbc41970fedaf8cb7c662e036805d3aff1751f055103ddb03a105367The Microsoft Windows kernel suffers from a stack memory disclosure from nt!RawMountVolume via nt!PiUEventHandleGetEvent (\Device\DeviceApi\CMNotify device).
4245759a610e4875033a8cfc4ff41296198e721a838158cc5a4f29dd1838640cThe Microsoft Windows kernel pool suffers from a memory disclosure in nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformation).
e572e268023cabc683d71d1229389e3c95052ecd8ab0d445337f24230815954aThe Microsoft Windows kernel suffers from a stack memory disclosure in nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues).
bfd46a1d8d67416403423e1b59913b8c6cd67fe31a752a390b97a6aac06a5bebIt was discovered that it is possible to disclose addresses of kernel-mode Paged Pool allocations via a race-condition in the implementation of the NtQueryVirtualMemory system call (information class 2, MemoryMappedFilenameInformation). The vulnerability affects Windows 7 to 10, 32-bit and 64-bit.
d98ff684017e5e946a7321065ff44ae71f7be8af943150e911e3bcb6d1916735On Windows 10 32-bit version 1709, a kernel stack memory disclosure was discovered in win32kfull!GreUpdateSpriteInternal.
311cb2fdcf45820b4bf355d49b361e30e088454da5c387727d873126a4419ea2The win32k!NtQueryCompositionInputQueueAndTransform system call may disclose portions of uninitialized kernel stack memory to user-mode clients on Windows 10.
2767071039e2aa61b519b9c307d3d818e894164055448140c5338e42bea14511There is a Microsoft Windows kernel stack memory disclosure vulnerability in win32k!xxxSendMenuSelect via fnHkINLPMSG user-mode callback.
29ecb93fa8a796617a90f59536bcfb9ac394c28a5e7d91ca72284eb636894416It was discovered that the nt!NtQueryDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients on Windows 10, due to uninitialized fields in the output structure being copied to the application.
26b521138b8cf592b692e063a57e00a17c82cb345e491baf906a7173cc27e0ceThe Microsoft Windows Kernel suffers from multiple stack and pool memory disclosures into NTFS file system metadata.
9bb7494ef313febec2f8ee393749b8c35f9776237506d2a47110240296b5f9a0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed