All Breakdowns

#1DAY#NET-SNMP#BUFFER-OVERFLOW

CVE-2025-68615 - Net-SNMP Buffer Overflow Vulnerability via Type Confusion

CVE-2025-68615 is a buffer overflow vulnerability in the Net-SNMP library. The flaw resides in the conditional check of the `snmp_input` function during the parsing of the incoming trap message. Lack of bound check on the length of the `snmpTrapOID` variable binding allows an attacker to cause a buffer overflow by providing a malformed OID in the PDU message.

5 min read
#1DAY#AFD.SYS#WINDOWS#KERNEL

CVE-2025-60719 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Race condition use-after-free vulnerability in Windows AFD driver (`afd.sys`) allowing local privilege escalation to SYSTEM. Occurs when one thread queries socket information (`AFD_MAX_PATH_SEND_SIZE`) while another thread simultaneously unbinds the socket, causing the first thread to dereference freed kernel memory.

3 min read
#1DAY#CLFS.SYS#WINDOWS#KERNEL

CVE-2025-60709 - Windows Common Log File System Driver Elevation of Privilege Vulnerability

A vulnerability in the Windows Common Log File System (CLFS) driver allows out-of-bounds memory reads due to insufficient bounds checking in ClfsGetFirstRecord(). The function validates that attacker-controlled record offsets don't exceed `buffer_size + 40` instead of `buffer_size`, enabling reads of up to 40 bytes beyond allocated buffers, potentially leaking sensitive kernel memory for information disclosure or exploit chain development.

3 min read
#1DAY#CLDFLT.SYS#WINDOWS#KERNEL

CVE-2025-55680 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

A vulnerability in Windows Cloud Files Mini Filter Driver arises from mapping user-controlled buffers into kernel space and relying on them for both path validation and file creation. By racing a single-byte change in the shared buffer between these steps, an attacker can bypass validation and create arbitrary files in System32 via a junction, enabling SYSTEM-level privilege escalation through DLL hijacking.

9 min read
#1DAY#APPID.SYS#WINDOWS#KERNEL#LEAK

CVE-2024-38041 - Windows AppLocker Exposure of Sensitive Information to an Unauthorized Actor

CVE-2024-38041 is an information leak vulnerability in the Windows AppID driver (appid.sys). The flaw lies in the handler for IOCTL code 0x22A014, which lacks proper validation of the caller's access mode. Specifically, the AipDeviceIoControlDispatch function does not verify that the request originates from kernel mode. As a result, a user-mode process running as LOCAL SERVICE can trigger this IOCTL to leak kernel pointers via a shared SystemBuffer. By impersonating the LOCAL SERVICE account and invoking the vulnerable IOCTL, an attacker can leak kernel addresses, bypassing KASLR and paving the way for further kernel exploitation.

3 min read
#1DAY#APPID.SYS#WINDOWS#KERNEL#PRIVESC

CVE-2024-21338 - Windows AppLocker Kernel Elevation of Privilege Vulnerability

CVE-2024-21338 is a privilege escalation vulnerability in the Windows AppLocker driver (appid.sys). The flaw resides in the AipSmartHashImageFile function, reachable via IOCTL 0x22A018, which allows user-mode input to control code execution. Specifically, the function dereferences two user-provided pointers from a shared SystemBuffer without verifying their validity or origin. One of these pointers is treated as a function pointer and is called directly from kernel mode.

5 min read
#1DAY#VKRNLINTVSP.SYS#WINDOWS#KERNEL#HEAP

CVE-2025-21333 - Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerabilities

A vulnerability in the Windows Hyper-V NT Kernel Integration VSP driver exists due to a vulnerable function, VkiRootAdjustSecurityDescriptorForVmwp(), which can be invoked from user mode. This leads to a heap-based buffer overflow, ultimately resulting in privilege escalation.

4 min read
#1DAY#KS.SYS#WINDOWS#KERNEL#HEAP

CVE-2024-30084 - Windows Kernel Streaming Driver Elevation of Privilege Vulnerability

CVE-2024-30084 is a privilege escalation vulnerability in the Microsoft Kernel Streaming driver (ks.sys) caused by a race condition in how user-supplied data is handled.

6 min read
#1DAY#KS.SYS#WINDOWS#KERNEL#HEAP

CVE-2024-35250 - Windows Kernel Streaming Driver Elevation of Privilege Vulnerability

CVE-2024-35250 is a logic flaw in the Windows kernel's streaming (KS.sys) IOCTL_KS_PROPERTY handler: its UnserializePropertySet path copies a user-provided request and re-issues the IOCTL in kernel mode.

10 min read