実際の悪用を確認
CVE-2016-0165 Microsoft Win32k Privilege Escalation
- 実環境での悪用(CISA KEV)
- CISA KEV に掲載
- 管理者/root への権限昇格の可能性
Microsoft Win32k Privilege Escalation は CISA KEV に掲載 — 実環境での悪用が確認されています。掲載中は継続的な標的化が想定されます。
日次の脆弱性動向:KEV 追加、公開 exploit、重大開示、EPSS リスクの変化。
最優先の 3 件の変化 — アナリストによる短評。CVE ダンプではありません。
実際の悪用を確認
Microsoft Win32k Privilege Escalation は CISA KEV に掲載 — 実環境での悪用が確認されています。掲載中は継続的な標的化が想定されます。
悪用活動を確認
公開エクスプロイトまたは PoC が関連 — 開示のみの CVE より悪用のハードルが低いです。
重大な露出リスク
新たな重大 Tp-link Tl-wr940n Firmware Buffer Overflow(CVSS 9.9)— 公開直後のウィンドウ。成熟した悪用チェーンの前にインターネットスキャンが先行しがちです。
CISA KEV — 実環境での悪用が確認
Vmware Aria Operations for Networks Command Injection
Roundcube Webmail SQL Injection
Roundcube Webmail Cross-Site Scripting (XSS)
Roundcube Webmail Remote Code Execution
Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Microsoft Win32k Privilege Escalation
An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name para...
An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive information via DisplayParallelLogData.a...
本ダイジェストではこのカテゴリに該当なし。
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not available in the users list.
An incorrect access control issue was discovered in Interlink PSG-5124 version 1.0.4, allows attackers to execute arbitrary code via craf...
Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow...
Grafana is validating Azure AD accounts based on the email claim.
Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods...
pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket-granting ticket (tgt) from the Kerberos KD...
Jeesite before commit 10742d3 was discovered to contain a SQL injection vulnerability via the component ${businessTable} at /act/ActDao.xml.
Onlyoffice Community Server before v12.5.2 was discovered to contain a remote code execution (RCE) vulnerability via the component Upload...
funadmin v3.3.2 and v3.3.3 are vulnerable to Insecure file upload via the plugins install.
TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm.