Lucene search
K

33 matches found

The Hacker News
The Hacker News
added 2024/02/09 4:32 p.m.71 views

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before. This means that "Raspberry Robin has access to an exploit seller or its authors develop the...

8.4CVSS7.9AI score0.78376EPSS
Exploits32
GithubExploit
GithubExploit
added 2023/07/11 9:29 a.m.185 views

Exploit for Out-of-bounds Write in Microsoft

Windows Privilege Escalation Exploit for CVE-2021-1732 Win32k...

7.8CVSS8.5AI score0.78376EPSS
Exploits57
GithubExploit
GithubExploit
added 2023/03/09 7:14 a.m.271 views

Exploit for Out-of-bounds Write in Microsoft

CVE-2021-1732 CVE-­2021­-1732 Microsoft Windows 10 本地提权漏 研究及Po...

7.8CVSS8.1AI score0.78376EPSS
Exploits21
GithubExploit
GithubExploit
added 2023/03/09 7:14 a.m.404 views

Exploit for Out-of-bounds Write in Microsoft

CVE-2021-1732 CVE-­2021­-1732 Microsoft Windows 10 本地提权漏 研究及Po...

7.8CVSS8.1AI score0.78376EPSS
Exploits21
GithubExploit
GithubExploit
added 2022/11/01 1:6 p.m.42 views

Exploit for Out-of-bounds Write in Microsoft

CVE-2021-1732 CVE-­2021­-1732 Microsoft Windows 10 本地提权漏 研究及Po...

7.8CVSS8.1AI score0.78376EPSS
Exploits21
GithubExploit
GithubExploit
added 2022/11/01 1:6 p.m.424 views

Exploit for Out-of-bounds Write in Microsoft

CVE-2021-1732 CVE-­2021­-1732 Microsoft Windows 10 本地提权漏 研究及Po...

7.8CVSS8.2AI score0.78376EPSS
Exploits21
0day.today
0day.today
added 2022/02/28 12:0 a.m.634 views

Win32k ConsoleControl Offset Confusion / Privilege Escalation Exploit

A vulnerability exists within win32k that can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. The flaw exists in how the WndExtra field of a window can be manipulated into being treated as an offset despite being populated by an attacker-controlled value. This...

7.8CVSS8.3AI score0.80968EPSS
Exploits41
Packet Storm
Packet Storm
added 2022/02/28 12:0 a.m.397 views

Win32k ConsoleControl Offset Confusion / Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Win32k ConsoleControl Offset Confusion', 'Description' = %q A vulnerability exists within win32k that can be leveraged by an attacker to escalate...

7.8CVSS1.1AI score0.80968EPSS
Exploits41
Metasploit
Metasploit
added 2022/02/26 5:42 p.m.357 views

Win32k ConsoleControl Offset Confusion

A vulnerability exists within win32k that can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. The flaw exists in how the WndExtra field of a window can be manipulated into being treated as an offset despite being populated by an attacker-controlled value. This...

7.8CVSS7.5AI score0.80968EPSS
Exploits41
GithubExploit
GithubExploit
added 2022/02/15 4:55 p.m.437 views

Exploit for Out-of-bounds Write in Microsoft

CVE-2021-1732 Win32k Elevation Of Privileges Techni...

7.8CVSS8.3AI score0.78376EPSS
Exploits22
The Hacker News
The Hacker News
added 2022/02/07 5:3 a.m.130 views

CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA is urging federal agencies to secure their systems against an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on affected hosts. To that end, the agency has added CVE-2022-21882...

7.8CVSS1.4AI score0.78376EPSS
Exploits22
GithubExploit
GithubExploit
added 2022/02/01 5:58 p.m.277 views

Exploit for Out-of-bounds Write in Microsoft

CVE-2022-21882 win32k LPE bypass CVE-2021-1732 Test - only...

7.8CVSS7.9AI score0.78376EPSS
Exploits22
Malwarebytes
Malwarebytes
added 2022/02/01 11:7 a.m.221 views

Apply those updates now: CVE bypass offers up admin privileges for Windows 10

If you’re running Windows 10, it’s time to stop delaying those patches and bring your systems up to date as soon as possible. Bleeping Computer reports that a researcher has come up with a bypass for an older bug, which could serve up some major headaches if left to fester. Those headaches will...

7.2CVSS0.4AI score0.78376EPSS
Exploits22
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/10/19 12:0 a.m.66 views

PurpleFox Adds New Backdoor That Uses WebSockets

In September 2021, the Trend Micro Managed XDR MDR team looked into suspicious activity related to a PurpleFox operator. Our findings led us to investigate an updated PurpleFox arsenal, which included an added vulnerability CVE-2021-1732 and optimized rootkit capabilities leveraged in their attac...

4.6CVSS7.7AI score0.78376EPSS
Exploits21
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/10/19 12:0 a.m.130 views

PurpleFox Adds New Backdoor That Uses WebSockets

In September 2021, the Trend Micro Managed XDR MDR team looked into suspicious activity related to a PurpleFox operator. Our findings led us to investigate an updated PurpleFox arsenal, which included an added vulnerability CVE-2021-1732 and optimized rootkit capabilities leveraged in their attac...

4.6CVSS3AI score0.78376EPSS
Exploits21
Securelist
Securelist
added 2021/08/12 10:0 a.m.615 views

IT threat evolution Q2 2021

Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous "DLL side-loading triad": a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload,...

9.3CVSS0.99999EPSS
Exploits84
GithubExploit
GithubExploit
added 2021/04/25 12:55 p.m.158 views

Exploit for Out-of-bounds Write in Microsoft

Windows Privilege Escalation CVE-2021-1732 Affected windows ve...

7.8CVSS8.4AI score0.78376EPSS
Exploits21
GithubExploit
GithubExploit
added 2021/04/02 1:35 a.m.71 views

Exploit for Out-of-bounds Write in Microsoft

CVE-2021-1732-Exploit CVE-2021-1732 Exploit...

7.8CVSS7.3AI score0.78376EPSS
Exploits21
seebug.org
seebug.org
added 2021/03/26 12:0 a.m.215 views

Microsoft Windows本地提权漏洞(CVE-2021-1732)

CVE-2021-1732: win32kfull xxxCreateWindowEx callback out-of-bounds Mar 25, 2021 • iamelli0t CVE-2021-1732 is a 0-Day vulnerability exploited by the BITTER APT organization in one operation which was disclosed in February this year123. This vulnerability exploits a user mode callback opportunity i...

4.6CVSS0.78376EPSS
Exploits21
Packet Storm
Packet Storm
added 2021/03/19 12:0 a.m.732 views

Win32k ConsoleControl Offset Confusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Win32k ConsoleControl Offset Confusion', 'Description' = %q A vulnerability exists within win32k that can be leveraged by an attacker to escalate...

7.2CVSS0.80968EPSS
Exploits40
Rows per page
Query Builder