Lucene search
K

97 matches found

CNNVD
CNNVD
added 2020/11/19 12:0 a.m.9 views

IBM DB2 代码问题漏洞

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM DB2 suffers from an arbitrary code execution vulnerability that can be exploited by an attacker to...

7.8CVSS7.7AI score0.0045EPSS
Exploits0References25
FireEye
FireEye
added 2020/08/11 5:0 p.m.17 views

COOKIEJAR: Tracking Adversaries With FireEye Endpoint Security’s Logon Tracker Module

During a recent investigation at a telecommunications company led by Mandiant Managed Defense, our team was tasked with rapidly identifying systems that had been accessed by a threat actor using legitimate, but compromised domain credentials. This sometimes-challenging task was made simple becaus...

0.1AI score
Exploits0References4
Prion
Prion
added 2020/08/06 4:15 p.m.18 views

Design/Logic Flaw

The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. Due to the software shipping with embedded, static RSA private key, an attacker with this key material and local user permissions can effectively send any operating system command to the...

7.2CVSS8.7AI score0.03778EPSS
Exploits5References2Affected Software1
CVE
CVE
added 2020/08/06 3:45 p.m.208 views

CVE-2020-7352

CVE-2020-7352 context : The GalaxyClientService in GOG Galaxy runs as SYSTEM on Windows. It ships with an embedded, static RSA private key and listens on localhost:9978, enabling a local attacker with user privileges to execute OS commands in elevated context via crafted inputs. The issue affects...

8.8CVSS8.7AI score0.03778EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2020/08/06 3:45 p.m.30 views

CVE-2020-7352 GOG Galaxy GalaxyClientService Privilege Escalation

The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. Due to the software shipping with embedded, static RSA private key, an attacker with this key material and local user permissions can effectively send any operating system command to the...

8.4CVSS8.8AI score0.03778EPSS
Exploits5References2
Kitploit
Kitploit
added 2020/01/11 9:8 p.m.190 views

CHAPS - Configuration Hardening Assessment PowerShell Script

CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy Analyzer, cannot be installed. The purpose of this script is to run it on a server or workstation to collect configuration information about that system. The...

7.4AI score
Exploits0References2
NVD
NVD
added 2019/11/13 6:15 p.m.20 views

CVE-2019-18279

In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed in late June 2019...

8.8CVSS8.8AI score0.01265EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/11/13 5:34 p.m.25 views

CVE-2019-18279

In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included drivers could be used by a malicious Windows application to gain elevated privileges. Adverse impacts are limited to the Windows environment and there is no known direct impact to the UEFI firmware. This was fixed in late June 2019...

8.8AI score0.01265EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/08/10 12:0 a.m.9 views

PT-2019-6410 · Phoenix · Phoenix Sct Winflash

Name of the Vulnerable Software and Affected Versions: Phoenix SCT WinFlash versions 1.1.12.0 through 1.5.74.0 Description: The issue is related to the included drivers in Phoenix SCT WinFlash, which could be used by a malicious Windows application to gain elevated privileges. The adverse impacts...

10CVSS9.5AI score0.01265EPSS
Exploits0References10
OSV
OSV
added 2017/09/28 1:29 a.m.9 views

CVE-2017-12814

Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 on Windows allows attackers to execute arbitrary code via a long environment variable...

9.8CVSS8AI score
Exploits0References6
pentestit
pentestit
added 2017/07/16 4:28 p.m.27 views

NetworkRecon: PowerShell to Identify Network Vulnerabilities!

PenTestIT RSS Feed As PowerShell becomes more prevalent in the Windows environment, so will it's use for vulnerability assessment and penetration tests. I have covered a few of them earlier such as PowerSploit, PSAttack. However none of the ones I mentioned help you detect network vulnerabilities...

7.5AI score
Exploits0
Talos
Talos
added 2017/06/30 12:0 a.m.50 views

Invincea-X SboxDrv.sys Version Number Query Local Privilege Escalation Vulnerability

Summary An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a specia...

7.8CVSS7.7AI score0.00313EPSS
Exploits2
Packet Storm
Packet Storm
added 2017/06/30 12:0 a.m.62 views

Microsoft Machine Debug Manager (mdm) DLL Hijacking

Microsoft Machine Debug Manager mdm DLL side loading vulnerability Vulnerability: DLL Hijacking / DLL Side Loading Advisory URL: https://ipositivesecurity.com/2017/06/15/microsoft-machine-debug-manager-mdm-insecure-library-loading-allows-code-execution/ ------------------------ ABOUT...

Exploits0
Tenable Nessus
Tenable Nessus
added 2017/03/31 12:0 a.m.21 views

Exposed Localstart.asp Page

To restrict access to specific pages on a webserver, developers can implement various methods of authentication, therefore only allowing access to clients with valid credentials. There are several forms of authentication that can be used. The simplest forms of authentication are known as 'Basic'...

7.3AI score
Exploits0
myhack58
myhack58
added 2017/02/14 12:0 a.m.282 views

MS14-068-domain privilege escalation vulnerability summary-vulnerability warning-the black bar safety net

0x01 vulnerability of origin Said to ms14-068,have to say the silver ticket, that is, the cheque in. Cheque is a piece of tgs, that is, a service Ticket. The service ticket is the client is sent directly to the server and request the service resource. If the server is not the domain controller dc...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2016/12/23 2:7 p.m.20 views

Noriben - Portable, Simple, Malware Analysis Sandbox

Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of the sample's activities. Noriben...

7.6AI score
Exploits0References1
OwnCloud
OwnCloud
added 2016/08/17 5:37 p.m.533 views

Desktop Client: Local Code Injection

The ownCloud Client was vunerable to a local code injection attack. A malicious local user could create a special path where the client would load libraries from during startup. As on Windows, everyone by default has the permission to write to the C: drive and create arbitrary directories and...

4.6CVSS8.1AI score0.00533EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2016/03/29 10:48 p.m.24 views

PentestBox 2.0 - Portable Penetration Testing Distribution for Windows Environments

PentestBox provides all security tools as a software package, eliminating requirement of Virtual machines or dualboot environments on Windows Operating System. It is created because more than 50% of penetration testing distribution users uses windows. Source So it provides an efficient platform f...

7.4AI score
Exploits0
myhack58
myhack58
added 2016/03/08 12:0 a.m.21 views

Fix weblogic JAVA deserialization vulnerability of a variety of methods-vulnerability warning-the black bar safety net

The current oracle is also not in the publicly released weblogic JAVA deserialization vulnerability official patch currently see the repair method is nothing more than two: Use SerialKiller replace the sequence of operation of the ObjectInputStream class; In does not affect the business case, the...

0.6AI score
Exploits0
UbuntuCve
UbuntuCve
added 2015/10/21 9:59 p.m.41 views

CVE-2015-4807

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache...

3.5CVSS6.9AI score0.02729EPSS
Exploits0References2
Rows per page
Query Builder