34 matches found
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 CVSS score: 4.3, a spoofing vulnerability that could allow an attacker to...
CVE-2026-20847
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network...
EUVD-2000-0659
Malware in sbrugna...
EUVD-2015-2558
Malware in sbrugna...
EUVD-2025-10156
Malicious code in bioql PyPI...
CVE-2025-49679 Windows Shell Elevation of Privilege Vulnerability
...
PT-2025-28577 · Microsoft · Windows Shell +1
Name of the Vulnerable Software and Affected Versions: Windows Shell affected versions not specified Description: A numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version...
Windows Shortcut Files Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...
PT-2025-24860 · Microsoft · Windows Shell +1
Name of the Vulnerable Software and Affected Versions: Windows Shell affected versions not specified Description: A protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. Recommendations: At the moment, there is no information...
CVE-2020-1286
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user, aka 'Windows Shell Remote Code Execution Vulnerability'...
CVE-2025-27729
Use after free in Windows Shell allows an unauthorized attacker to execute code locally...
CVE-2025-27729 Windows Shell Remote Code Execution Vulnerability
...
Windows Shell Remote Code Execution Vulnerability
Use after free in Windows Shell allows an unauthorized attacker to execute code locally...
PT-2025-15553 · Microsoft · Windows Shell +1
Name of the Vulnerable Software and Affected Versions: Windows Shell affected versions not specified Description: The issue is related to a use after free condition in the Windows Shell, which allows an unauthorized attacker to execute code locally. Recommendations: At the moment, there is no...
The vulnerability of the Windows Shell component of Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Shell component in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2022-30222
Windows Shell Remote Code Execution Vulnerability...
CVE-2022-30222 Windows Shell Remote Code Execution Vulnerability
...
The vulnerability of the Shell infrastructure component in Windows operating systems, which allows a hacker to increase their privileges
The vulnerability of the Shell infrastructure component in Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...
The vulnerability of the Windows shell component of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows shell component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges through a specially created application...
Exploit for Code Injection in Microsoft
This repository contains a proof-of-concept PoC exploit for CVE-2017-8759, a vulnerability in the Windows Shell that allows for arbitrary code execution. The exploit is designed to weaponize the vulnerability, allowing an attacker to execute malicious code on a vulnerable system. The PoC is...