back to home

SecWiki / windows-kernel-exploits

windows-kernel-exploits Windows平台提权漏洞集合

8,617 stars
2,865 forks
10 issues
CPythonC++
Chat with CodebaseArchitecture ScanSecurity AuditExplain Codebase

AI Architecture Analysis

This repository is indexed by RepoMind. By analyzing SecWiki/windows-kernel-exploits in our AI interface, you can instantly generate complete architecture diagrams, visualize control flows, and perform automated security audits across the entire codebase.

Our Agentic Context Augmented Generation (Agentic CAG) engine loads full source files into context on-demand, avoiding the fragmentation of traditional RAG systems. Ask questions about the architecture, dependencies, or specific features to see it in action.

Source files are only loaded when you start an analysis to optimize performance.
Click here to launch the interactive analysis workspace

Embed this Badge

Showcase RepoMind's analysis directly in your repository's README.

[![Analyzed by RepoMind](https://img.shields.io/badge/Analyzed%20by-RepoMind-4F46E5?style=for-the-badge)](https://repomind.in/repo/SecWiki/windows-kernel-exploits)
Preview:Analyzed by RepoMind

Repository Overview (README excerpt)

Crawler view

windows-kernel-exploits 简介 windows-kernel-exploits *** 漏洞列表 #Security Bulletin   #KB     #Description    #Operating System   • CVE-2021-33739 [Microsoft DWM Core Library Elevation of Privilege Vulnerability] (Windows 10, 20) • CVE-2021-1732 [Windows Win32k Elevation of Privilege Vulnerability] (Windows 10, 2019/20H2) • CVE-2020-0787 [Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability] (Windows 7/8/10, 2008/2012/2016/2019) • CVE-2020-0796 [A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'] (Windows 1903/1909) • CVE-2019-1458 [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7/8/10/2008/2012/2016) • CVE-2019-0803 [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7/8/10/2008/2012/2016/2019) • CVE-2018-8639 [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7/8/10/2008/2012/2016) • CVE-2018-1038 [Windows Kernel Elevation of Privilege Vulnerability] (Windows 7 SP1/Windows Server 2008 R2 SP1) • CVE-2018-0743 [Windows Subsystem for Linux Elevation of Privilege Vulnerability] (Windows 10 version 1703/Windows 10 version 1709/Windows Server version 1709) • CVE-2018-8453 [An elevation of privilege vulnerability in Windows Win32k component] (>= windows 8.1) • CVE-2018-8440 [Windows ALPC Elevation of Privilege Vulnerability] (windows 7/8.1/10/2008/2012/2016) • MS17-017  [KB4013081]  [GDI Palette Objects Local Privilege Escalation]  (windows 7/8) • CVE-2017-8464  [LNK Remote Code Execution Vulnerability]  (windows 10/8.1/7/2016/2010/2008) • CVE-2017-0213  [Windows COM Elevation of Privilege Vulnerability]  (windows 10/8.1/7/2016/2010/2008) • CVE-2018-0833 [SMBv3 Null Pointer Dereference Denial of Service]  (Windows 8.1/Server 2012 R2) • CVE-2018-8120 [Win32k Elevation of Privilege Vulnerability] (Windows 7 SP1/2008 SP2,2008 R2 SP1) • MS17-010  [KB4013389]  [Windows Kernel Mode Drivers]  (windows 7/2008/2003/XP) • MS16-135  [KB3199135]  [Windows Kernel Mode Drivers]  (2016) • MS16-111  [KB3186973]  [kernel api]  (Windows 10 10586 (32/64)/8.1) • MS16-098  [KB3178466]  [Kernel Driver]  (Win 8.1) • MS16-075  [KB3164038]  [Hot Potato]  (2003/2008/7/8/2012) • MS16-034  [KB3143145]  [Kernel Driver]  (2008/7/8/10/2012) • MS16-032  [KB3143141]  [Secondary Logon Handle]  (2008/7/8/10/2012) • MS16-016  [KB3136041]  [WebDAV]  (2008/Vista/7) • MS16-014  [K3134228]  [remote code execution]  (2008/Vista/7) • MS15-097  [KB3089656]  [remote code execution]  (win8.1/2012) • MS15-076  [KB3067505]  [RPC]  (2003/2008/7/8/2012) • MS15-077  [KB3077657]  [ATM]  (XP/Vista/Win7/Win8/2000/2003/2008/2012) • MS15-061  [KB3057839]  [Kernel Driver]  (2003/2008/7/8/2012) • MS15-051  [KB3057191]  [Windows Kernel Mode Drivers]  (2003/2008/7/8/2012) • MS15-015  [KB3031432]  [Kernel Driver]  (Win7/8/8.1/2012/RT/2012 R2/2008 R2) • MS15-010  [KB3036220]  [Kernel Driver]  (2003/2008/7/8) • MS15-001  [KB3023266]  [Kernel Driver]  (2008/2012/7/8) • MS14-070  [KB2989935]  [Kernel Driver]  (2003) • MS14-068  [KB3011780]  [Domain Privilege Escalation]  (2003/2008/2012/7/8) • MS14-058  [KB3000061]  [Win32k.sys]  (2003/2008/2012/7/8) • MS14-066  [KB2992611]  [Windows Schannel Allowing remote code execution] (VistaSP2/7 SP1/8/Windows 8.1/2003 SP2/2008 SP2/2008 R2 SP1/2012/2012 R2/Windows RT/Windows RT 8.1) • MS14-040  [KB2975684]  [AFD Driver]  (2003/2008/2012/7/8) • MS14-002  [KB2914368]  [NDProxy]  (2003/XP) • MS13-053  [KB2850851]  [win32k.sys]  (XP/Vista/2003/2008/win 7) • MS13-046  [KB2840221]  [dxgkrnl.sys]  (Vista/2003/2008/2012/7) • MS13-005  [KB2778930]  [Kernel Mode Driver]  (2003/2008/2012/win7/8) • MS12-042  [KB2972621]  [Service Bus]  (2008/2012/win7) • MS12-020  [KB2671387]  [RDP]  (2003/2008/7/XP) • MS11-080  [KB2592799]  [AFD.sys]  (2003/XP) • MS11-062  [KB2566454]  [NDISTAPI]  (2003/XP) • MS11-046  [KB2503665]  [AFD.sys]  (2003/2008/7/XP) • MS11-011  [KB2393802]  [kernel Driver]  (2003/2008/7/XP/Vista) • MS10-092  [KB2305420]  [Task Scheduler]  (2008/7) • MS10-065  [KB2267960]  [FastCGI]  (IIS 5.1, 6.0, 7.0, and 7.5) • MS10-059  [KB982799]   [ACL-Churraskito]  (2008/7/Vista) • MS10-048  [KB2160329]  [win32k.sys]  (XP SP2 & SP3/2003 SP2/Vista SP1 & SP2/2008 Gold & SP2 & R2/Win7) • MS10-015  [KB977165]   [KiTrap0D]  (2003/2008/7/XP) • MS10-012  [KB971468]  [SMB Client Trans2 stack overflow]  (Windows 7/2008R2) • MS09-050  [KB975517]   [Remote Code Execution]  (2008/Vista) • MS09-020  [KB970483]   [IIS 6.0]  (IIS 5.1 and 6.0) • MS09-012  [KB959454]   [Chimichurri]  (Vista/win7/2008/Vista) • MS08-068  [KB957097]   [Remote Code Execution]  (2000/XP) • MS08-067  [KB958644]   [Remote Code Execution]  (Windows 2000/XP/Server 2003/Vista/Server 2008) • MS08-066  [KB956803]   [AFD.sys]  (Windows 2000/XP/Server 2003) • MS08-025  [KB941693]   [Win32.sys]  (XP/2003/2008/Vista) • MS06-040  [KB921883]   [Remote Code Execution]  (2003/xp/2000) • MS05-039  [KB899588]   [PnP Service]  (Win 9X/ME/NT/2000/XP/2003) • MS03-026  [KB823980]   [Buffer Overrun In RPC Interface]  (/NT/2000/XP/2003) 工具 • 缺失补丁检测 @GDSSecurity 项目维护 • **ourren**(sina weibo @ourren ) • **hx**(sina weibo @hx ) • **Bearcat**(github @Bearcat ) • **CaledoniaProject**(github @CaledoniaProject ) 免责说明 请勿用于非法的用途,否则造成的严重后果与本项目无关。 参考链接 • Windows Kernel Exploits • Windows-Exploit-Suggester • WindowsExploits • Privilege-Escalation • Windows Privilege Escalation Fundamentals • brianwrf/WinSystemHelper • Vulners • Windows Exploits 转载 转载请注明来自https://github.com/SecWiki/windows-kernel-exploits 补充完善 欢迎大家补充完善 git_man@outlook.com © SecWiki 2017