Lucene search
K

20 matches found

The Hacker News
The Hacker News
added 2026/06/10 5:22 a.m.119 views

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

The anonymous security researcher going by the name Chaotic Eclipse aka Nightmare-Eclipse has released a proof-of-concept PoC exploit for yet another Microsoft Defender zero-day named RoguePlanet. "The exploit is a race condition, so it's a hit or miss," the researcher, who published the exploit...

7.8CVSS6.4AI score0.08371EPSS
Exploits2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Microsoft Hyper-V 信息泄露漏洞

Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. Microsoft Hyper-V has a vulnerability related to information leakage. Attackers can exploit this vulnerability to obtain sensitive...

5.5CVSS5.3AI score0.00459EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/22 12:29 p.m.138 views

Exploit for Insufficient Granularity of Access Control in Microsoft

🔨 CVE-2026-33825: BlueHammer Microsoft Defender Elevation o...

7.8CVSS5.7AI score0.06749EPSS
Exploits3
Vulnrichment
Vulnrichment
added 2026/04/08 7:25 a.m.7 views

CVE-2026-4483

An exposed IOCTL with an insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory. A local attacker wit...

7CVSS5.8AI score0.00299EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.9 views

PT-2026-31106

Name of the Vulnerable Software and Affected Versions Moxa MxGeneralIo affected versions not specified Description A utility, MxGeneralIo, for Moxa’s industrial x86 computers has an exposed IOCTL with insufficient access control. The utility exposes IOCTL methods that allow direct read and write...

7CVSS5.8AI score0.00299EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.14 views

Microsoft Windows SMB Server 授权问题漏洞

Microsoft Windows SMB Server is a network file sharing protocol developed by Microsoft Corporation. It allows applications on computers to read and write files, as well as to request services from server programs on a computer network. There is an authorization vulnerability in Microsoft Windows...

7.8CVSS5.8AI score0.00447EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2026/02/05 12:0 a.m.132 views

📄 Microsoft Windows 10 / 11 NTLM Hash Disclosure Spoofing

Microsoft Windows 10 / 11 proof of concept exploit that generates a .library-ms XML file pointing to a network share UNC. When opened/imported on Windows, the library points to the specified UNC path. Exploit Title: windows 10/11 - NTLM Hash Disclosure Spoofing Date: 2025-10-06 Exploit Author:...

6.5CVSS5.4AI score0.58974EPSS
Exploits20
Exploit DB
Exploit DB
added 2026/02/04 12:0 a.m.173 views

windows 10/11 - NTLM Hash Disclosure Spoofing

Exploit Title: windows 10/11 - NTLM Hash Disclosure Spoofing Date: 2025-10-06 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.microsoft.com Software Link: N/A Version: Not applicable this is a generic Windows library file behavior Tested on: Windows 10 x64 / Windows 11 x64 lab...

6.5CVSS5.3AI score0.58974EPSS
Exploits20
Information Security Automation
Information Security Automation
added 2025/08/12 3:47 p.m.15 views

August “In the Trend of VM” (#18): vulnerabilities in Microsoft Windows and SharePoint

August "In the Trend of VM" 18: vulnerabilities in Microsoft Windows and SharePoint. A traditional monthly roundup - this time, it's extremely short. Post on Habr rus Digest on the PT website rus Only two trending vulnerabilities: Remote Code Execution - Microsoft SharePoint Server "ToolShell"...

9.8CVSS7.1AI score0.99979EPSS
Exploits45
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.4 views

Microsoft Windows Kernel Security Vulnerability

Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. An attacker could exploit this vulnerability to gain elevated privileges. The following products and versions are affected: Windows 11...

7.8CVSS6.8AI score0.05991EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.4 views

SUSE CVE-2021-0168

Improper input validation in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access...

6.7CVSS7.1AI score0.00311EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.4 views

SUSE CVE-2021-0170

Exposure of Sensitive Information to an Unauthorized Actor in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS6AI score0.00289EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.6 views

SUSE CVE-2021-0176

Improper input validation in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable denial of service via local access...

4.4CVSS6.3AI score0.00266EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.7 views

Microsoft Win32k 权限许可和访问控制问题漏洞

Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. Microsoft Windows Win32K is vulnerable to privilege license and access control issues. The following products and editions are affected:Windows Server 2019,Windows Server 2019 Server Core...

7.8CVSS7.4AI score0.00793EPSS
Exploits0References6
OSV
OSV
added 2022/02/09 11:15 p.m.4 views

CVE-2021-33110

Improper input validation for some IntelR Wireless BluetoothR products and KillerTM BluetoothR products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access...

6.5CVSS5.8AI score0.00504EPSS
Exploits0References1
OSV
OSV
added 2022/02/09 11:15 p.m.5 views

CVE-2021-0177

Improper Validation of Consistency within input in software for IntelR PROSet/Wireless Wi-Fi and KillerTM Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access...

6.5CVSS5.8AI score0.00379EPSS
Exploits0References1
OSV
OSV
added 2022/02/09 11:15 p.m.3 views

CVE-2021-0179

Improper Use of Validation Framework in software for IntelR PROSet/Wireless Wi-Fi and KillerTM Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access...

6.5CVSS5.8AI score0.00379EPSS
Exploits0References1
OSV
OSV
added 2022/02/09 11:15 p.m.2 views

CVE-2021-0174

Improper Use of Validation Framework in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access...

6.5CVSS6AI score0.00515EPSS
Exploits0References1
OSV
OSV
added 2022/02/09 11:15 p.m.3 views

CVE-2021-0178

Improper input validation in software for IntelR PROSet/Wireless Wi-Fi and KillerTM Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access...

6.5CVSS5.8AI score0.00379EPSS
Exploits0References1
OSV
OSV
added 2022/02/09 11:15 p.m.2 views

UBUNTU-CVE-2021-0168

Improper input validation in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access...

6.7CVSS6AI score0.00311EPSS
Exploits0References3
Rows per page
Query Builder