[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-6306":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":15,"stars30d":17,"stars90d":16,"forks30d":16,"starsTrendScore":18,"compositeScore":19,"rankGlobal":10,"rankLanguage":10,"license":20,"archived":21,"fork":21,"defaultBranch":22,"hasWiki":23,"hasPages":21,"topics":24,"createdAt":10,"pushedAt":10,"updatedAt":31,"readmeContent":32,"aiSummary":33,"trendingCount":16,"starSnapshotCount":16,"syncStatus":18,"lastSyncTime":34,"discoverSource":35},6306,"windows-kernel-exploits","SecWiki\u002Fwindows-kernel-exploits","SecWiki","windows-kernel-exploits   Windows平台提权漏洞集合","",null,"C",8671,2852,434,9,0,19,2,72.4,"MIT License",false,"master",true,[25,26,27,28,29,30],"collections","exploit","kernel","pentest","tool","windows","2026-06-12 04:00:28","# windows-kernel-exploits\n\n### 简介\n\nwindows-kernel-exploits\n\n***\n\n#### 漏洞列表\n\n##### #Security Bulletin&nbsp;&nbsp;&nbsp;#KB &nbsp;&nbsp;&nbsp;&nbsp;#Description&nbsp;&nbsp;&nbsp;&nbsp;#Operating System  \n\n- [CVE-2021-33739](https:\u002F\u002Fgithub.com\u002Fmavillon1\u002FCVE-2021-33739-POC) [Microsoft DWM Core Library Elevation of Privilege Vulnerability] (Windows 10, 20)\n- [CVE-2021-1732](https:\u002F\u002Fgithub.com\u002FKaLendsi\u002FCVE-2021-1732-Exploit) [Windows Win32k Elevation of Privilege Vulnerability] (Windows 10, 2019\u002F20H2)\n- [CVE-2020-0787](https:\u002F\u002Fgithub.com\u002Fcbwang505\u002FCVE-2020-0787-EXP-ALL-WINDOWS-VERSION) [Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability] (Windows 7\u002F8\u002F10, 2008\u002F2012\u002F2016\u002F2019)\n- [CVE-2020-0796](https:\u002F\u002Fgithub.com\u002Fdanigargu\u002FCVE-2020-0796) [A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client\u002FServer Remote Code Execution Vulnerability'] (Windows 1903\u002F1909)\n- [CVE-2019-1458](https:\u002F\u002Fgithub.com\u002Funamer\u002FCVE-2019-1458) [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7\u002F8\u002F10\u002F2008\u002F2012\u002F2016)\n- [CVE-2019-0803](https:\u002F\u002Fgithub.com\u002FExpLife0011\u002FCVE-2019-0803) [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7\u002F8\u002F10\u002F2008\u002F2012\u002F2016\u002F2019)\n- [CVE-2018-8639](https:\u002F\u002Fgithub.com\u002Fze0r\u002FCVE-2018-8639-exp) [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7\u002F8\u002F10\u002F2008\u002F2012\u002F2016)\n- [CVE-2018-1038](https:\u002F\u002Fgist.github.com\u002Fxpn\u002F3792ec34d712425a5c47caf5677de5fe) [Windows Kernel Elevation of Privilege Vulnerability]  (Windows 7 SP1\u002FWindows Server 2008 R2 SP1)\n- [CVE-2018-0743](https:\u002F\u002Fgithub.com\u002Fsaaramar\u002Fexecve_exploit) [Windows Subsystem for Linux Elevation of Privilege Vulnerability]  (Windows 10 version 1703\u002FWindows 10 version 1709\u002FWindows Server version 1709)\n- [CVE-2018-8453](https:\u002F\u002Fgithub.com\u002Fze0r\u002Fcve-2018-8453-exp) [An elevation of privilege vulnerability in Windows Win32k component]  (>= windows 8.1)\n- [CVE-2018-8440](https:\u002F\u002Fgithub.com\u002Fsourceincite\u002FCVE-2018-8440) [Windows ALPC Elevation of Privilege Vulnerability]  (windows 7\u002F8.1\u002F10\u002F2008\u002F2012\u002F2016)\n- [MS17-017](.\u002FMS17-017) 　[KB4013081]　　[GDI Palette Objects Local Privilege Escalation]　　(windows 7\u002F8)\n- [CVE-2017-8464](.\u002FCVE-2017-8464) 　[LNK Remote Code Execution Vulnerability]　　(windows 10\u002F8.1\u002F7\u002F2016\u002F2010\u002F2008)\n- [CVE-2017-0213](.\u002FCVE-2017-0213) 　[Windows COM Elevation of Privilege Vulnerability]　　(windows 10\u002F8.1\u002F7\u002F2016\u002F2010\u002F2008)\n- [CVE-2018-0833](.\u002FCVE-2018-0833)   [SMBv3 Null Pointer Dereference Denial of Service]  (Windows 8.1\u002FServer 2012 R2)\n- [CVE-2018-8120](.\u002FCVE-2018-8120)   [Win32k Elevation of Privilege Vulnerability]  (Windows 7 SP1\u002F2008 SP2,2008 R2 SP1)\n- [MS17-010](.\u002FMS17-010) 　[KB4013389]　　[Windows Kernel Mode Drivers]　　(windows 7\u002F2008\u002F2003\u002FXP)\n- [MS16-135](.\u002FMS16-135) 　[KB3199135]　　[Windows Kernel Mode Drivers]　　(2016)\n- [MS16-111](.\u002FMS16-111) 　[KB3186973]　　[kernel api]　　(Windows 10 10586 (32\u002F64)\u002F8.1)\n- [MS16-098](.\u002FMS16-098) 　[KB3178466]　　[Kernel Driver]　　(Win 8.1)\n- [MS16-075](.\u002FMS16-075) 　[KB3164038]　　[Hot Potato]　　(2003\u002F2008\u002F7\u002F8\u002F2012)\n- [MS16-034](.\u002FMS16-034) 　[KB3143145]　　[Kernel Driver]　　(2008\u002F7\u002F8\u002F10\u002F2012)\n- [MS16-032](.\u002FMS16-032) 　[KB3143141]　　[Secondary Logon Handle]　　(2008\u002F7\u002F8\u002F10\u002F2012)\n- [MS16-016](.\u002FMS16-016) 　[KB3136041]　　[WebDAV]　　(2008\u002FVista\u002F7)\n- [MS16-014](.\u002FMS16-014) 　[K3134228]　　[remote code execution]　　(2008\u002FVista\u002F7)\n- [MS15-097](.\u002FMS15-097) 　[KB3089656]　　[remote code execution]　　(win8.1\u002F2012)\n- [MS15-076](.\u002FMS15-076) 　[KB3067505]　　[RPC]　　(2003\u002F2008\u002F7\u002F8\u002F2012)\n- [MS15-077](.\u002FMS15-077) 　[KB3077657]　　[ATM]　　(XP\u002FVista\u002FWin7\u002FWin8\u002F2000\u002F2003\u002F2008\u002F2012)\n- [MS15-061](.\u002FMS15-061) 　[KB3057839]　　[Kernel Driver]　　(2003\u002F2008\u002F7\u002F8\u002F2012)\n- [MS15-051](.\u002FMS15-051) 　[KB3057191]　　[Windows Kernel Mode Drivers]　　(2003\u002F2008\u002F7\u002F8\u002F2012)\n- [MS15-015](.\u002FMS15-015) 　[KB3031432]　　[Kernel Driver]　　(Win7\u002F8\u002F8.1\u002F2012\u002FRT\u002F2012 R2\u002F2008 R2)\n- [MS15-010](.\u002FMS15-010) 　[KB3036220]　　[Kernel Driver]　　(2003\u002F2008\u002F7\u002F8)\n- [MS15-001](.\u002FMS15-001) 　[KB3023266]　　[Kernel Driver]　　(2008\u002F2012\u002F7\u002F8)\n- [MS14-070](.\u002FMS14-070) 　[KB2989935]　　[Kernel Driver]　　(2003)\n- [MS14-068](.\u002FMS14-068) 　[KB3011780]　　[Domain Privilege Escalation]　　(2003\u002F2008\u002F2012\u002F7\u002F8)\n- [MS14-058](.\u002FMS14-058) 　[KB3000061]　　[Win32k.sys]　　(2003\u002F2008\u002F2012\u002F7\u002F8)\n- [MS14-066](.\u002FMS14-066) 　[KB2992611]　　[Windows Schannel Allowing remote code execution] (VistaSP2\u002F7 SP1\u002F8\u002FWindows 8.1\u002F2003 SP2\u002F2008 SP2\u002F2008 R2 SP1\u002F2012\u002F2012 R2\u002FWindows RT\u002FWindows RT 8.1)\n- [MS14-040](.\u002FMS14-040) 　[KB2975684]　　[AFD Driver]　　(2003\u002F2008\u002F2012\u002F7\u002F8)\n- [MS14-002](.\u002FMS14-002) 　[KB2914368]　　[NDProxy]　　(2003\u002FXP)  \n- [MS13-053](.\u002FMS13-053) 　[KB2850851]　　[win32k.sys]　　(XP\u002FVista\u002F2003\u002F2008\u002Fwin 7)  \n- [MS13-046](.\u002FMS13-046) 　[KB2840221]　　[dxgkrnl.sys]　　(Vista\u002F2003\u002F2008\u002F2012\u002F7)  \n- [MS13-005](.\u002FMS13-005) 　[KB2778930]　　[Kernel Mode Driver]　　(2003\u002F2008\u002F2012\u002Fwin7\u002F8)  \n- [MS12-042](.\u002FMS12-042) 　[KB2972621]　　[Service Bus]　　(2008\u002F2012\u002Fwin7)\n- [MS12-020](.\u002FMS12-020) 　[KB2671387]　　[RDP]　　(2003\u002F2008\u002F7\u002FXP)\n- [MS11-080](.\u002FMS11-080) 　[KB2592799]　　[AFD.sys]　　(2003\u002FXP)\n- [MS11-062](.\u002FMS11-062) 　[KB2566454]　　[NDISTAPI]　　(2003\u002FXP)\n- [MS11-046](.\u002FMS11-046) 　[KB2503665]　　[AFD.sys]　　(2003\u002F2008\u002F7\u002FXP)\n- [MS11-011](.\u002FMS11-011) 　[KB2393802]　　[kernel Driver]　　(2003\u002F2008\u002F7\u002FXP\u002FVista)\n- [MS10-092](.\u002FMS10-092) 　[KB2305420]　　[Task Scheduler]　　(2008\u002F7)  \n- [MS10-065](.\u002FMS10-065) 　[KB2267960]　　[FastCGI]　　(IIS 5.1, 6.0, 7.0, and 7.5)  \n- [MS10-059](.\u002FMS10-059) 　[KB982799]　　 [ACL-Churraskito]　　(2008\u002F7\u002FVista)  \n- [MS10-048](.\u002FMS10-048) 　[KB2160329]　　[win32k.sys]　　(XP SP2 & SP3\u002F2003 SP2\u002FVista SP1 & SP2\u002F2008 Gold & SP2 & R2\u002FWin7)  \n- [MS10-015](.\u002FMS10-015) 　[KB977165]　　 [KiTrap0D]　　(2003\u002F2008\u002F7\u002FXP)  \n- [MS10-012](.\u002FMS10-012) 　[KB971468]　　[SMB Client Trans2 stack overflow]　　(Windows 7\u002F2008R2)  \n- [MS09-050](.\u002FMS09-050) 　[KB975517]　　 [Remote Code Execution]　　(2008\u002FVista)  \n- [MS09-020](.\u002FMS09-020) 　[KB970483]　　 [IIS 6.0]　　(IIS 5.1 and 6.0)  \n- [MS09-012](.\u002FMS09-012) 　[KB959454]　　 [Chimichurri]　　(Vista\u002Fwin7\u002F2008\u002FVista)  \n- [MS08-068](.\u002FMS08-068) 　[KB957097]　　 [Remote Code Execution]　　(2000\u002FXP)  \n- [MS08-067](.\u002FMS08-067) 　[KB958644]　　 [Remote Code Execution]　　(Windows 2000\u002FXP\u002FServer 2003\u002FVista\u002FServer 2008)  \n- [MS08-066](.\u002FMS08-066) 　[KB956803]　　 [AFD.sys]　　(Windows 2000\u002FXP\u002FServer 2003)  \n- [MS08-025](.\u002FMS08-025) 　[KB941693]　　 [Win32.sys]　　(XP\u002F2003\u002F2008\u002FVista)  \n- [MS06-040](.\u002FMS06-040) 　[KB921883]　　 [Remote Code Execution]　　(2003\u002Fxp\u002F2000)  \n- [MS05-039](.\u002FMS05-039) 　[KB899588]　　 [PnP Service]　　(Win 9X\u002FME\u002FNT\u002F2000\u002FXP\u002F2003)  \n- [MS03-026](.\u002FMS03-026) 　[KB823980]　　 [Buffer Overrun In RPC Interface]　　(\u002FNT\u002F2000\u002FXP\u002F2003)  \n\n### 工具\n- [缺失补丁检测](.\u002Fwin-exp-suggester)　[@GDSSecurity](https:\u002F\u002Fgithub.com\u002FGDSSecurity\u002FWindows-Exploit-Suggester)\n\n### 项目维护\n\n+ **ourren**(sina weibo \u003Ca href=\"http:\u002F\u002Fweibo.com\u002Fcodesec\">@ourren\u003C\u002Fa>) \n+ **hx**(sina weibo \u003Ca href=\"http:\u002F\u002Fweibo.com\u002FHexajon\">@hx\u003C\u002Fa>)\n+ **Bearcat**(github \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FiBearcat\">@Bearcat\u003C\u002Fa>)\n+ **CaledoniaProject**(github \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FCaledoniaProject\">@CaledoniaProject\u003C\u002Fa>)\n\n### 免责说明\n\n请勿用于非法的用途，否则造成的严重后果与本项目无关。\n\n### 参考链接\n\n- [Windows Kernel Exploits](https:\u002F\u002Fpentestlab.blog\u002F2017\u002F04\u002F24\u002Fwindows-kernel-exploits\u002F)\n- [Windows-Exploit-Suggester](https:\u002F\u002Fgithub.com\u002FGDSSecurity\u002FWindows-Exploit-Suggester)  \n- [WindowsExploits](https:\u002F\u002Fgithub.com\u002Fabatchy17\u002FWindowsExploits)\n- [Privilege-Escalation](https:\u002F\u002Fgithub.com\u002FAusJock\u002FPrivilege-Escalation)  \n- [Windows Privilege Escalation Fundamentals](http:\u002F\u002Ffuzzysecurity.com\u002Ftutorials\u002F16.html)  \n- [brianwrf\u002FWinSystemHelper](https:\u002F\u002Fgithub.com\u002Fbrianwrf\u002FWinSystemHelper)  \n- [Vulners](https:\u002F\u002Fvulners.com\u002Flanding)  \n- [Windows Exploits](https:\u002F\u002Fgithub.com\u002FWindowsExploits\u002FExploits)  \n\n### 转载\n\n转载请注明来自https:\u002F\u002Fgithub.com\u002FSecWiki\u002Fwindows-kernel-exploits\n\n### 补充完善\n欢迎大家补充完善　[git_man@outlook.com](git_man@outlook.com)\n\n&copy;\u003Ca href=\"https:\u002F\u002Fwww.sec-wiki.com\" target=\"_blank\">SecWiki\u003C\u002Fa> 2017\n\n\n","SecWiki\u002Fwindows-kernel-exploits 是一个收集了多个 Windows 平台提权漏洞的项目。该项目以 C 语言编写，汇集了包括 CVE-2021-33739、CVE-2021-1732 在内的多个已知漏洞及其利用代码，这些漏洞主要影响 Windows 内核组件，如 DWM 核心库、Win32k 和 SMBv3 协议等，可能导致权限提升或远程代码执行。它适用于安全研究人员、渗透测试人员以及系统管理员在受控环境下进行漏洞研究与验证，帮助理解 Windows 操作系统的安全性问题并采取相应防护措施。","2026-06-11 03:06:22","top_language"]