189 matches found
CVE-2020-22057
The WinRin0x64.sys and WinRing0.sys low-level drivers in EVGA Precision XOC version v6.2.7 were discovered to be configured with the default security descriptor which allows attackers to access sensitive components and data...
Remote Code Execution (RCE)
mariadb is vulnerable to remote code execution. The vulnerability exist due to an incorrect security descriptor...
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
ALPINE-CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
CVE-2020-28912
CVE-2020-28912 concerns MariaDB running on Windows where local clients connecting via named pipes can be intercepted by an unprivileged user who can then act as a man‑in‑the‑middle. The root cause is an incorrect security descriptor. Affects MariaDB Server before 10.1.48, 10.2.x before 10.2.35, 1...
CVE-2020-28912
Disclaimer: This data contains information about vulnerable...
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
CVE-2020-28912
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between...
Windows Secrets Dump
Dumps SAM hashes and LSA secrets including cached creds from the remote Windows target without executing any agent locally. This is done by remotely updating the registry key security descriptor, taking advantage of the WriteDACL privileges held by local administrators to set temporary read...
libyal:libfwnt_security_descriptor_fuzzer: Heap-buffer-overflow in libfwnt_access_control_entry_copy_from_byte_stream
Detailed Report: https://oss-fuzz.com/testcase?key=6301962723917824 Project: libyal Fuzzing Engine: libFuzzer Fuzz Target: libfwntsecuritydescriptorfuzzer Job Type: libfuzzerasani386libyal Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0xf5100b13 Crash State:...
"Code 0x80070057 The parameter is incorrect" error when you try to display a user's "effective access" to a file
"Code 0x80070057 The parameter is incorrect" error when you try to display a user's "effective access" to a file This article describes an issue that occurs when you try to display a user's "effective access" to a file in Windows 8.1, Windows Server 2012 R2, Windows 8, or Windows Server 2012. You...
AppXSvc - Privilege Escalation Vulnerability
----------------------------------------------------------------------------- Exploit Title: AppXSvc - Arbitrary File Security Descriptor Overwrite EoP Exploit Author: Gabor Seljan Vendor Homepage: https://www.microsoft.com/ Version: 17763.1.amd64fre.rs5release.180914-1434 Tested on: Windows 10...
AppXSvc - Privilege Escalation
AppXSvc - Privilege Escalation ----------------------------------------------------------------------------- Exploit Title: AppXSvc - Arbitrary File Security Descriptor Overwrite EoP Date: Sep 4 2019 Exploit Author: Gabor Seljan Vendor Homepage: https://www.microsoft.com/ Version:...
AppXSvc - Privilege Escalation
----------------------------------------------------------------------------- Exploit Title: AppXSvc - Arbitrary File Security Descriptor Overwrite EoP Date: Sep 4 2019 Exploit Author: Gabor Seljan Vendor Homepage: https://www.microsoft.com/ Version: 17763.1.amd64fre.rs5release.180914-1434 Tested...
The vulnerability of the Sn5Crypto.sys driver of the Secret Net Studio security system, which allows a hacker to trigger a service failure.
The vulnerability of the Sn5Crypto.sys driver of the Secret Net Studio security system is related to errors in processing the SECURITYDESCRIPTOR structure. Exploiting this vulnerability can allow an attacker to cause a service failure...
Microsoft Windows - CmpAddRemoveContainerToCLFSLog Arbitrary FileDirectory Creation
Microsoft Windows - CmpAddRemoveContainerToCLFSLog Arbitrary FileDirectory Creation Windows: CmpAddRemoveContainerToCLFSLog Arbitrary File/Directory Creation EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: Use...
Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration Privilege Escalation
Windows: CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The kernel’s Registry Virtualization doesn’t safely open the real key fo...