Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2024/12/03 8:56 p.m.13 views

GHSA-66Q9-2RVX-QFJ5 Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. Impacted versions include versions = 1.5.3 and the fix has been released in 1.12.3. The bug was introduced in version 1.5.3 when launcher started storing...

7.3CVSS6.8AI score0.00074EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2024/12/03 8:56 p.m.16 views

Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. Impacted versions include versions = 1.5.3 and the fix has been released in 1.12.3. The bug was introduced in version 1.5.3 when launcher started storing...

7.3CVSS7.6AI score0.00074EPSS
Exploits0References3Affected Software1
Packet Storm
Packet Stormadded 2024/08/31 12:0 a.m.254 views

IBM BigFix Relay Server Sites and Package Enum

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM BigFix Relay Server Sites and Package Enum', 'Description' = %q This module retrieves masthead, site, and available package information from...

5.3CVSS7.1AI score0.74625EPSS
Exploits2
Metasploit
Metasploitadded 2022/12/20 7:51 p.m.570 views

SolarWinds Orion Secrets Dump

This module exports and decrypts credentials from SolarWinds Orion Network Performance Monitor NPM to a CSV file; it is intended as a post-exploitation module for Windows hosts with SolarWinds Orion NPM installed. The module supports decryption of AES-256, RSA, and XMLSEC secrets. Separate action...

7.7AI score
Exploits0
GithubExploit
GithubExploitadded 2021/08/29 11:8 a.m.145 views

Exploit for OS Command Injection in Sophos Unified_Threat_Management

sophucked CVE-2020-25223 RCE PoC, gets reverse shell. Pre-auth...

10CVSS9.7AI score0.94293EPSS
Exploits9
Saint
Saintadded 2021/08/27 12:0 a.m.252 views

Sophos UTM Webadmin remote command execution

Added: 08/27/2021 Background Sophos UTM is a network security appliance. Problem A vulnerability in the Webadmin interface allows remote attackers to execute arbitrary commands by sending a specially crafted POST request. Resolution Upgrade to Sophos SG UTM v9.511 MR11, v9.607 MR7, or v9.705 MR5 ...

10CVSS9.9AI score0.94293EPSS
Exploits9
ICS
ICSadded 2018/05/08 12:0 a.m.75 views

Silex Technology SX-500/SD-320AN or GE Healthcare MobileLink (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION : Exploitable Remotely / Low skill level to exploit / Public exploits are available Vendors : Silex Technology, GE Healthcare Equipment : SX-500, SD-320AN, MobileLink Vulnerabilities : Improper Authentication, OS Command Injection 2. UPDATE INFORMATION...

7.4CVSS7.9AI score0.00554EPSS
Exploits0References5
Rows per page
Query Builder