Lucene search
K

77 matches found

Microsoft KB
Microsoft KB
added 2022/07/12 7:0 a.m.443 views

July 12, 2022—KB5015874 (Monthly Rollup)

July 12, 2022—KB5015874 Monthly Rollup Summary Learn more about this cumulative security update, including improvements, any known issues, and how to get the update. REMINDERWindows 8.1 will reach end of support on January 10, 2023 for all editions, at which point technical assistance and softwar...

8.8CVSS8.1AI score0.32146EPSS
Exploits4
ICS
ICS
added 2022/05/24 12:0 a.m.62 views

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an unauthorized user to send malicious messages to...

8.6CVSS7.9AI score0.01919EPSS
Exploits0References4
ICS
ICS
added 2022/04/05 12:0 a.m.48 views

Rockwell Automation ISaGRAF

1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: ISaGRAF Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1...

8.6CVSS8.2AI score0.11654EPSS
Exploits0References5
Microsoft KB
Microsoft KB
added 2022/03/22 12:0 a.m.4 views

March 22, 2022—KB5011558 (OS Build 20348.617) Preview

March 22, 2022—KB5011558 OS Build 20348.617 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find ou...

6.7AI score
Exploits0
Microsoft KB
Microsoft KB
added 2021/09/14 7:0 a.m.100 views

September 14, 2021—KB5005575 (OS Build 20348.230)

September 14, 2021—KB5005575 OS Build 20348.230 Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that causes Windows to generate many AppLocker or SmartLocker success events in the AppLocker EXE and DLL event channel. Addresses an...

9.8CVSS8.6AI score0.99759EPSS
Exploits79
Microsoft KB
Microsoft KB
added 2021/08/10 7:0 a.m.469 views

August 10, 2021—KB5005043 (OS Build 14393.4583) - EXPIRED

August 10, 2021—KB5005043 OS Build 14393.4583 - EXPIRED EXPIRATION NOTICE As of 9/12/2023, KB5005043 is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. --- 7/13/21...

9.9CVSS7.8AI score0.66023EPSS
Exploits7
Gitee
Gitee
added 2021/07/17 10:39 a.m.8 views

redpill

This is a PowerShell module repository called "redpill" that provides various post-exploitation tools for Windows systems. The repository contains several scripts that can be used to perform different tasks such as: Bypassing AppLocker restrictions Hijacking browser cookies Downloading and...

6.8AI score
Exploits0
0day.today
0day.today
added 2021/04/30 12:0 a.m.38 views

Microsoft SAFER Bypass Vulnerability

Hi @ll, Microsoft introduced SAFER alias Software Restriction Policies SRP with Windows XP about 20 years ago. See for the API, plus the TechNet articles "How Software Restriction Policies Work" and "Using Software Restriction Policies to Protect Against Unauthorized Software" for the use case...

7.4AI score
Exploits0
ICS
ICS
added 2021/02/11 12:0 a.m.126 views

Rockwell Automation DriveTools SP and Drives AOP

1. EXECUTIVE SUMMARY CVSS v3 7.5 Vendor : Rockwell Automation Equipment : DriveTools SP and Drives AOP Vulnerability : Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability may result in privilege escalation and total loss of device confidentiality,...

7.8CVSS8.1AI score0.00434EPSS
Exploits0References5
Hacker One
Hacker One
added 2020/08/16 10:58 a.m.14 views

Acronis: Arbitrary Files and Folders Deletion vulnerability with Acronis Managed Machine Service

Vulnerability description not provided...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2020/08/04 12:30 p.m.27 views

Xeca - PowerShell Payload Generator

xeca is a project that creates encrypted PowerShell payloads for offensive purposes. Creating position independent shellcode from DLL files is also possible. Install Firstly ensure that rust is installed, then build the project with the following command: cargo build How It Works 1. Identify and...

7.5AI score
Exploits0References5
Microsoft KB
Microsoft KB
added 2020/04/13 12:0 a.m.17 views

Microsoft security advisory: Update to improve AppLocker certificate handling: September 8, 2015

Microsoft security advisory: Update to improve AppLocker certificate handling: September 8, 2015 Summary Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To learn more about the...

6.3AI score
Exploits0
Packet Storm
Packet Storm
added 2020/01/02 12:0 a.m.122 views

AppLocker Policy Bypass

Exploit Title: AppLocker 'Packaged App' Installation Policy Bypass Date: 2/1/20 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://microsoft.com Software Link: N/A Version: Windows build 18363.535 and below. Tested on: Windows 10 build 17763.253, 18362.295, 18362.35...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2019/12/13 12:0 a.m.9 views

SYS.1.2.2.A8

Ziel des Bausteins SYS.1.2.2 ist die Absicherung von Microsoft Windows Server 2012 und Microsoft Windows Server 2012 R2. Die Standard-Anforderung Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2019/12/09 12:0 a.m.9 views

SYS.2.2.2.A14

Ziel des Bausteins SYS.2.2.2 ist der Schutz von Informationen, die durch und auf Windows 8.1-Clients verarbeiten werden. Die Kern-Anforderung Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

7.3AI score
Exploits0References1
exploitpack
exploitpack
added 2019/12/03 12:0 a.m.28 views

NetProfiler

On .NET 4, the CLSID must be defined via the HKCR\CLSIDGUID\InprocServer32 registry key containing the path to the profiling DLL. On recent versions, the CLR uses the CORPROFILERPATH environment variable to find the DLL – and falls back to using the CLSID if CORPROFILERPATH is not defined. Author...

1.1AI score
Exploits0
Metasploit
Metasploit
added 2019/08/08 5:48 p.m.37 views

Applocker Evasion - Microsoft Workflow Compiler

This module will assist you in evading Microsoft Windows Applocker and Software Restriction Policies. This technique utilises the Microsoft signed binaries Microsoft.Workflow.Compiler.exe to execute user supplied code. This module requires Metasploit: https://metasploit.com/download Current sourc...

0.4AI score
Exploits0
Metasploit
Metasploit
added 2019/08/08 5:36 p.m.31 views

Applocker Evasion - Microsoft .NET Assembly Registration Utility

This module will assist you in evading Microsoft Windows Applocker and Software Restriction Policies. This technique utilises the Microsoft signed binaries RegAsm.exe or RegSvcs.exe to execute user supplied code. This module requires Metasploit: https://metasploit.com/download Current source:...

Exploits0
Metasploit
Metasploit
added 2019/08/01 7:40 a.m.36 views

Applocker Evasion - Windows Presentation Foundation Host

This module will assist you in evading Microsoft Windows Applocker and Software Restriction Policies. This technique utilises the Microsoft signed binary PresentationHost.exe to execute user supplied code. This module requires Metasploit: https://metasploit.com/download Current source:...

7.5AI score
Exploits0
Metasploit
Metasploit
added 2019/07/26 7:16 p.m.27 views

Applocker Evasion - MSBuild

This module will assist you in evading Microsoft Windows Applocker and Software Restriction Policies. This technique utilises the Microsoft signed binary MSBuild.exe to execute user supplied code. This module requires Metasploit: https://metasploit.com/download Current source:...

0.2AI score
Exploits0
Rows per page
Query Builder