Lucene search
K

364 matches found

CNNVD
CNNVD
added 2023/01/10 12:0 a.m.11 views

Microsoft Windows Task Scheduler 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Task Scheduler. An attacker can exploit the vulnerability to elevate privileges...

7.8CVSS7.6AI score0.00562EPSS
Exploits0References5
Cvelist
Cvelist
added 2023/01/10 12:0 a.m.49 views

CVE-2023-21541 Windows Task Scheduler Elevation of Privilege Vulnerability

...

7.8CVSS8.3AI score0.00562EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.4 views

PT-2023-1138 · Microsoft · Windows Task Scheduler +1

Name of the Vulnerable Software and Affected Versions: Windows Task Scheduler affected versions not specified Description: The issue is related to insufficient access control in the Windows Task Scheduler, which can be exploited to elevate privileges. This allows an attacker to affect the system...

7.8CVSS7.5AI score0.00562EPSS
Exploits0References8
CVE
CVE
added 2023/01/10 12:0 a.m.214 views

CVE-2023-21541

Technical details about CVE-2023-21541 are not provided in the connected documents. Based on available data, no specifics on affected components, root cause, or fixes are included here. Monitor for updates from authoritative sources.

7.8CVSS7.7AI score0.00562EPSS
Exploits0References1Affected Software15
Kaspersky
Kaspersky
added 2023/01/10 12:0 a.m.96 views

KLA20158 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of...

9.1CVSS9.7AI score0.41538EPSS
Exploits3References63
Kitploit
Kitploit
added 2022/06/04 10:30 p.m.35 views

COM-Hunter - COM Hijacking VOODOO

COM Hijacking VOODOO COM-hunter is a COM Hijacking persistnce tool written in C. This tool was inspired during the RTO course of @zeropointsecltd Features Finds out entry valid CLSIDs in the victim's machine. Finds out valid CLSIDs via Task Scheduler in the victim's machine. Finds out if someone...

7.2AI score
Exploits0References2
GithubExploit
GithubExploit
added 2022/05/25 10:47 a.m.58 views

Exploit for Improper Authentication in Atlassian Jira_Data_Center

Atlassian Jira Seraph Authentication Bypass RCE(CVE-2022-0540)...

9.8CVSS7.6AI score0.88057EPSS
Exploits2
Microsoft Secure
Microsoft Secure
added 2022/04/12 4:0 p.m.65 views

Tarrask malware uses scheduled tasks for defense evasion

As Microsoft continues to track the high-priority state-sponsored threat actor HAFNIUM, new activity has been uncovered that leverages unpatched zero-day vulnerabilities as initial vectors. The Microsoft Detection and Response Team DART in collaboration with the Microsoft Threat Intelligence Cent...

Exploits0
Malwarebytes
Malwarebytes
added 2022/04/05 6:36 p.m.20 views

Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique

This blog post was authored by Ankur Saini, with contributions from Hossein Jazi and Jérôme Segura 2022-04-07: Added MITRE ATT&CK mappings 2022-04-07: Changed the name of the final payload from Vidar to Mars Stealer Colibri Loader is a relatively new piece of malware that first appeared on...

6.9AI score
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/15 12:0 a.m.55 views

Microsoft Task Scheduler Privilege Escalation Vulnerability

A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations...

7.8CVSS7.6AI score0.06117EPSS
In wildExploits1
CNNVD
CNNVD
added 2022/02/26 12:0 a.m.7 views

KDE KCron 权限许可和访问控制问题漏洞

KDE KCron is a task scheduler. KDE Kcron is vulnerable to privilege permission and access control issues, which could be exploited by an attacker to run unauthorized commands...

7.8CVSS5.6AI score0.00249EPSS
Exploits0References6
VulnCheck KEV
VulnCheck KEV
added 2021/12/15 12:0 a.m.3 views

VulnCheck KEV: CVE-2010-3338

The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability."...

7.2CVSS5.8AI score0.1986EPSS
Exploits6References1
RedhatCVE
RedhatCVE
added 2021/10/06 12:59 a.m.47 views

CVE-2021-32810

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never...

9.8CVSS2AI score0.01923EPSS
Exploits0References3
OSV
OSV
added 2021/06/21 11:15 a.m.6 views

CVE-2021-31769

MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorizatio...

8.8CVSS6.4AI score0.04062EPSS
Exploits1References1
NVD
NVD
added 2021/06/21 11:15 a.m.21 views

CVE-2021-31769

MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorizatio...

9CVSS0.04062EPSS
Exploits1References1
Prion
Prion
added 2021/06/21 11:15 a.m.15 views

Design/Logic Flaw

MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorizatio...

9CVSS8.9AI score0.04062EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/06/21 10:59 a.m.54 views

CVE-2021-31769

CVE-2021-31769 affects MyQ X Smart prior to 8.2. The vulnerability allows remote code execution because administrative session data can be read from %PROGRAMFILES%\MyQ\PHP\Sessions, and the non‑administration‑restricted “Select server file” feature enables attackers to inject arbitrary OS command...

9CVSS8.9AI score0.04062EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/06/21 10:59 a.m.23 views

CVE-2021-31769

MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorizatio...

9.2AI score0.04062EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/06/21 12:0 a.m.4 views

MyQ X 操作系统命令注入漏洞

MyQ X is an application of myq-solution. It neatly organizes past and active projects in one place and centralizes their management in one interface. A security vulnerability exists in MyQ X Smart versions prior to 8.2, which can be exploited by an attacker to inject arbitrary OS commands via the...

9CVSS8.1AI score0.04062EPSS
Exploits1References1
CNVD
CNVD
added 2021/06/16 12:0 a.m.8 views

Logic flaw vulnerability in hera task scheduling system

hera task scheduler is a distributed task scheduler based on zeus rewrite. The hera Task Scheduler suffers from a logic flaw that can be exploited by an attacker to forge arbitrary login credentials via a built-in hard-coded key...

7.1AI score
Exploits0
Rows per page
Query Builder