On Microsoft Windows, the LUAFV driver reuses the file’s create request DesiredAccess parameter, which can include MAXIMUM_ACCESS, when virtualizing a file resulting in elevation of privilege.
On Microsoft Windows, the LUAFV driver doesn’t take into account a virtualized handle being duplicated to a more privileged process resulting in elevation of privilege.
On Microsoft Windows, the LUAFV driver bypasses security checks to copy short names during file virtualization which can be tricked into writing an arbitrary short name leading to elevation of…
On Microsoft Windows, the NtSetCachedSigningLevel system call can be tricked by the operation of LUAFV to apply a cached signature to an arbitrary file leading to a bypass of code…
On Microsoft Windows, the LUAFV driver can confuse the cache and memory manager to replace the contents of privileged file leading to elevation of privilege.
On Microsoft Windows, the LUAFV driver has a race condition in the LuafvPostReadWrite callback if delay virtualization has occurred during a read leading to the SECTION_OBJECT_POINTERS value being reset to…
2 Plan Team version 1.0.4 suffers from a cross site scripting vulnerability.
WordPress Download Manager plugin version 2.9.93 suffers from a cross site scripting vulnerability.
ASUS HG100 suffers from a denial of service vulnerability.
DHCP Server version 2.5.2 suffers from a denial of service vulnerability.