Update documentation:full_moon_with_face:

CVE-2003-0352/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.
+某些RPC的DCOM接口中的缓冲区溢出使远程攻击者可以通过格式错误的消息执行任意代码
 
 #### 影响版本
 

CVE-2005-1983/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
+PnP服务中基于堆栈的缓冲区溢出使远程攻击者可以通过精心制作的数据包执行任意代码，而本地用户可以通过恶意应用程序获取特权， Zotob（又名Mytob）蠕虫。
 
 #### 影响版本
 

CVE-2006-3439/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.
+服务器服务中的缓冲区溢出允许包括匿名用户在内的远程攻击者通过精心制作的RPC消息执行任意代码
 
 #### 影响版本
 

CVE-2008-1084/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: it was later reported that one affected function is NtUserFnOUTSTRING in win32k.sys.
+内核中未指定的漏洞允许本地用户通过与错误输入验证有关的未知向量执行任意代码。
 
 #### 影响版本
 

CVE-2008-3464/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability."
+辅助功能驱动程序（AFD）组件中的afd.sys无法正确验证从用户模式发送到内核的输入，这允许本地用户通过精心设计的应用程序获取特权 ，如使用精心设计的指针和长度所说明的那样，这些指针和长度绕过了预期的ProbeForRead和ProbeForWrite限制。
 
 #### 影响版本
 

CVE-2008-4037/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, as demonstrated by backrush, aka "SMB Credential Reflection Vulnerability." NOTE: some reliable sources report that this vulnerability exists because of an insufficient fix for CVE-2000-0834.
+通过远程SMB服务器可以重播客户端用户的NTLM凭据在客户端计算机上执行任意代码
 
 #### 影响版本
 

CVE-2008-4250/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability."
+Pre-Beta中的Server服务允许远程攻击者通过精心设计的RPC请求执行任意代码，该请求会在执行以下操作时触发溢出路径规范化。
 
 #### 影响版本
 

CVE-2009-0079/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privileges by accessing the resources of one of the processes, aka "Windows RPCSS Service Isolation Vulnerability."
+RPCSS服务不能在一组不同的进程之间正确实现隔离，这些进程全部在NetworkService帐户下运行，或者所有在LocalService帐户下运行，这允许 本地用户通过访问其中一个进程的资源来获得特权。
 
 #### 影响版本
 

CVE-2009-2532/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka "SMBv2 Command Value Vulnerability."
+无法正确处理SMB多协议协商请求数据包中的命令值，这使远程攻击者可以通过精心制作的SMBv2执行任意代码 数据包发送到服务器服务
 
 #### 影响版本
 

CVE-2010-0233/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application, aka "Windows Kernel Double Free Vulnerability."
+内核中的双重免费漏洞允许本地用户通过精心设计的应用程序获得特权。
 
 #### 影响版本
 

CVE-2010-0270/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and reboot) via a crafted (1) SMBv1 or (2) SMBv2 response, aka "SMB Client Transaction Vulnerability."
+SMB客户端无法正确验证SMB事务响应中的字段，这允许远程SMB服务器和中间人攻击者执行任意代码或导致拒绝服务（内存损坏和 通过SMBv1或SMBv2响应重新启动）。
 
 #### 影响版本
 

CVE-2010-1897/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation, which allows local users to gain privileges via a crafted application, aka "Win32k Window Creation Vulnerability."
+win32k.sys中的Windows内核模式驱动程序无法正确验证伪句柄值 在窗口创建期间的回调参数中，它允许本地用户通过精心设计的应用程序获得特权。
 
 #### 影响版本
 

CVE-2010-2554/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vulnerability."
+服务跟踪功能在其注册表项上具有不正确的ACL，这使本地用户可以通过涉及命名管道和模拟的向量获得特权。
 
 #### 影响版本
 

CVE-2010-3338/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOTE: this might overlap CVE-2010-3888.
+Windows Task Scheduler无法正确确定计划任务的安全上下文，这使本地用户可以通过精心设计的应用程序获取特权
 
 #### 影响版本
 

CVE-2010-4398/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability."
+win32k.sys中的RtlQueryRegistryValues函数中基于堆栈的缓冲区溢出 特权，并通过为SystemDefaultEUDCFont注册表项的特制REG_BINARY值来绕过用户帐户控制（UAC）功能。
 
 #### 影响版本
 

CVE-2011-0045/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain privileges via a crafted application, related to WmiTraceMessageVa, aka "Windows Kernel Integer Truncation Vulnerability."
+内核中的跟踪事件功能无法正确执行类型转换，这会导致整数截断和不足的内存分配并触发缓冲区溢出，从而使本地用户可以通过与WmiTraceMessageVa相关的精心设计的应用程序获得特权
 
 #### 影响版本
 

CVE-2011-1249/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
+afd.sys中的辅助功能驱动程序（AFD）未正确验证用户模式输入，从而使本地用户无法通过精心设计的应用程序获得特权。
 
 #### 影响版本
 

CVE-2011-1974/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-NDISTAPI.sys in the NDISTAPI driver in Remote Access Service (RAS) in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "NDISTAPI Elevation of Privilege Vulnerability."
+远程访问服务（RAS）中的NDISTAPI驱动程序中的NDISTAPI.sys无法正确验证用户模式输入，这允许本地用户通过精心设计的应用程序获得特权
 
 #### 影响版本
 

CVE-2011-2005/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
+辅助功能驱动程序中的afd.sys无法正确验证传递给内核模式的用户模式输入，这允许本地用户通过精心设计的应用程序获得特权。
 
 #### 影响版本
 

CVE-2012-0217/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
+某些其他操作系统（在Intel处理器上运行时）在某些地址不是规范地址的情况下会错误地使用sysret路径，从而使本地用户可以通过精心设计的应用程序获得特权
 
 #### 影响版本
 

CVE-2013-0008/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows local users to gain privileges via a crafted application, aka "Win32k Improper Message Handling Vulnerability."
+内核模式驱动程序中的win32k.sys无法正确处理窗口广播消息， 它允许本地用户通过精心设计的应用程序获得特权。
 
 #### 影响版本
 

CVE-2013-1332/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-dxgkrnl.sys (aka the DirectX graphics kernel subsystem) in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "DirectX Graphics Kernel Subsystem Double Fetch Vulnerability."
+核模式驱动程序中的dxgkrnl.sys（aka DirectX图形内核子系统） 在内存中，本地用户可以通过精心设计的应用程序获得特权。
 
 #### 影响版本
 

CVE-2013-1345/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local users to gain privileges via a crafted application, aka "Win32k Vulnerability."
+内核模式驱动程序中的win32k.sys不会 正确处理内存中的对象，这允许本地用户通过精心设计的应用程序获得特权。
 
 #### 影响版本
 

CVE-2013-5065/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013.
+内核中的NDProxy.sys允许本地用户通过精心设计的应用程序获得特权
 
 #### 影响版本
 

CVE-2014-1767/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
+内核模式驱动程序中afd.sys的辅助功能驱动程序（AFD）中的双重释放漏洞允许本地用户通过精心设计的应用程序获得特权。
 
 #### 影响版本
 

CVE-2014-4076/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
+本地用户通过对tcpip.sys或tcpip6.sys的精心制作的IOCTL调用来获得特权。
 
 #### 影响版本
 

CVE-2014-6321 /README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability."
+Schannel允许远程攻击者通过精心设计的数据包远程执行代码
 
 #### 影响版本
 

CVE-2015-0002/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not verify that an impersonation token is associated with an administrative account, which allows local users to gain privileges by running AppCompatCache.exe with a crafted DLL file, aka MSRC ID 20544 or "Microsoft Application Compatibility Infrastructure Elevation of Privilege Vulnerability."
+应用程序兼容性组件中的ahcache.sys中的ahcache.sys中的AhcVerifyAdminContext函数不会验证模拟令牌 与一个管理帐户关联，该帐户允许本地用户通过使用精心制作的DLL文件运行AppCompatCache.exe来获得特权。
 
 #### 影响版本
 

CVE-2015-0057/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
+内核模式驱动程序中的win32k.sys允许本地用户通过精心设计的应用程序获得特权。
 
 #### 影响版本
 

CVE-2015-0062/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges via a crafted application that leverages incorrect impersonation handling in a process that uses the SeAssignPrimaryTokenPrivilege privilege, aka "Windows Create Process Elevation of Privilege Vulnerability."
+允许本地用户通过精心设计的应用程序获取特权，这些应用程序在使用过程中利用了不正确的模拟处理 SeAssignPrimaryTokenPrivilege特权。
 
 #### 影响版本
 

CVE-2016-3309/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3308, CVE-2016-3310, and CVE-2016-3311.
+内核模式驱动程序允许本地用户通过精心设计的应用程序获得特权
 
 #### 影响版本
 

CVE-2016-3371/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly enforce permissions, which allows local users to obtain sensitive information via a crafted application, aka "Windows Kernel Elevation of Privilege Vulnerability."
+内核API无法正确实施权限， 允许本地用户通过精心设计的应用程序特权提升
 
 #### 影响版本
 

CVE-2018-1038/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability."
+Windows内核由于处理内存中对象的方式而存在特权提升漏洞
 
 #### 影响版本
 

CVE-2019-0859/README.md

@@ -2,7 +2,7 @@
 
 #### 描述
 
-An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.
+当Win32k组件无法正确处理内存中的对象时，Windows即存在一个特权提升漏洞
 
 #### 影响版本