20 matches found
Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
The anonymous security researcher going by the name Chaotic Eclipse aka Nightmare-Eclipse has released a proof-of-concept PoC exploit for yet another Microsoft Defender zero-day named RoguePlanet. "The exploit is a race condition, so it's a hit or miss," the researcher, who published the exploit...
Microsoft Hyper-V 信息泄露漏洞
Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. Microsoft Hyper-V has a vulnerability related to information leakage. Attackers can exploit this vulnerability to obtain sensitive...
Exploit for Insufficient Granularity of Access Control in Microsoft
🔨 CVE-2026-33825: BlueHammer Microsoft Defender Elevation o...
CVE-2026-4483
An exposed IOCTL with an insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory. A local attacker wit...
PT-2026-31106
Name of the Vulnerable Software and Affected Versions Moxa MxGeneralIo affected versions not specified Description A utility, MxGeneralIo, for Moxa’s industrial x86 computers has an exposed IOCTL with insufficient access control. The utility exposes IOCTL methods that allow direct read and write...
Microsoft Windows SMB Server 授权问题漏洞
Microsoft Windows SMB Server is a network file sharing protocol developed by Microsoft Corporation. It allows applications on computers to read and write files, as well as to request services from server programs on a computer network. There is an authorization vulnerability in Microsoft Windows...
📄 Microsoft Windows 10 / 11 NTLM Hash Disclosure Spoofing
Microsoft Windows 10 / 11 proof of concept exploit that generates a .library-ms XML file pointing to a network share UNC. When opened/imported on Windows, the library points to the specified UNC path. Exploit Title: windows 10/11 - NTLM Hash Disclosure Spoofing Date: 2025-10-06 Exploit Author:...
windows 10/11 - NTLM Hash Disclosure Spoofing
Exploit Title: windows 10/11 - NTLM Hash Disclosure Spoofing Date: 2025-10-06 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.microsoft.com Software Link: N/A Version: Not applicable this is a generic Windows library file behavior Tested on: Windows 10 x64 / Windows 11 x64 lab...
August “In the Trend of VM” (#18): vulnerabilities in Microsoft Windows and SharePoint
August "In the Trend of VM" 18: vulnerabilities in Microsoft Windows and SharePoint. A traditional monthly roundup - this time, it's extremely short. Post on Habr rus Digest on the PT website rus Only two trending vulnerabilities: Remote Code Execution - Microsoft SharePoint Server "ToolShell"...
Microsoft Windows Kernel Security Vulnerability
Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. An attacker could exploit this vulnerability to gain elevated privileges. The following products and versions are affected: Windows 11...
SUSE CVE-2021-0168
Improper input validation in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access...
SUSE CVE-2021-0170
Exposure of Sensitive Information to an Unauthorized Actor in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow an authenticated user to potentially enable information disclosure via local access...
SUSE CVE-2021-0176
Improper input validation in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable denial of service via local access...
Microsoft Win32k 权限许可和访问控制问题漏洞
Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. Microsoft Windows Win32K is vulnerable to privilege license and access control issues. The following products and editions are affected:Windows Server 2019,Windows Server 2019 Server Core...
CVE-2021-33110
Improper input validation for some IntelR Wireless BluetoothR products and KillerTM BluetoothR products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access...
CVE-2021-0177
Improper Validation of Consistency within input in software for IntelR PROSet/Wireless Wi-Fi and KillerTM Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access...
CVE-2021-0179
Improper Use of Validation Framework in software for IntelR PROSet/Wireless Wi-Fi and KillerTM Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access...
CVE-2021-0174
Improper Use of Validation Framework in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow a unauthenticated user to potentially enable denial of service via adjacent access...
CVE-2021-0178
Improper input validation in software for IntelR PROSet/Wireless Wi-Fi and KillerTM Wi-Fi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service via adjacent access...
UBUNTU-CVE-2021-0168
Improper input validation in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow a privileged user to potentially enable escalation of privilege via local access...