COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Win32k product

25
failure events
0
zero-days
1
RCEs
25
on KEV
7
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 25 events

DateEventSevFlagsShameSummary
2022-03-03 CVE-2015-1701 critical ⚡RCE ⌖KEV 95 An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges.
2022-03-15 CVE-2018-8120 critical ⌖KEV 80 A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
2022-03-15 CVE-2015-2546 critical ⌖KEV 80 The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application.
2022-01-21 CVE-2018-8453 critical ⌖KEV 80 Microsoft Windows Win32k contains a vulnerability that allows an attacker to escalate privileges.
2022-01-10 CVE-2019-1458 critical ⌖KEV 80 A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP.
2021-11-03 CVE-2016-0167 critical ⌖KEV 80 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation via a crafted application
2021-11-03 CVE-2021-1732 critical ⌖KEV 80 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
2023-06-22 CVE-2016-0165 high ⌖KEV 50 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
2023-05-09 CVE-2023-29336 high ⌖KEV 50 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation up to SYSTEM privileges.
2022-05-25 CVE-2015-2360 high ⌖KEV 50 Win32k.sys in the kernel-mode drivers in Microsoft Windows allows local users to gain privileges or cause denial-of-service (DoS).
2022-05-23 CVE-2018-8589 high ⌖KEV 50 A privilege escalation vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited this vulnerability could run remote code in the security context of the local system.
2022-05-04 CVE-2014-4113 high ⌖KEV 50 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
2022-04-25 CVE-2021-41357 high ⌖KEV 50 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
2022-04-25 CVE-2021-40450 high ⌖KEV 50 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
2022-03-28 CVE-2013-3660 high ⌖KEV 50 The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges.
2022-03-15 CVE-2019-1132 high ⌖KEV 50 A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory.
2022-02-10 CVE-2017-0263 high ⌖KEV 50 Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory.
2022-02-04 CVE-2022-21882 high ⌖KEV 50 Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation.
2021-11-03 CVE-2019-0803 high ⌖KEV 50 Microsoft Win32k contains an unspecified vulnerability due to it failing to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
2021-11-03 CVE-2021-28310 high ⌖KEV 50 Microsoft Windows Win32k contains an unspecified vulnerability that allows for privilege escalation.
2021-11-03 CVE-2019-0797 high ⌖KEV 50 Microsoft Win32k contains a privilege escalation vulnerability when the Win32k component fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.
2021-11-03 CVE-2019-0859 high ⌖KEV 50 Microsoft Win32k fails to properly handle objects in memory causing privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
2021-11-03 CVE-2020-1054 high ⌖KEV 50 Microsoft Win32k contains a privilege escalation vulnerability when the Windows kernel-mode driver fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.
2021-11-03 CVE-2016-7255 high ⌖KEV 50 Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
2021-11-03 CVE-2019-0808 high ⌖KEV 50 Microsoft Win32k contains a privilege escalation vulnerability due to the component failing to properly handle objects in memory. Successful exploitation allows an attacker to run code in kernel mode.