GHSA-66Q9-2RVX-QFJ5 Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. Impacted versions include versions = 1.5.3 and the fix has been released in 1.12.3. The bug was introduced in version 1.5.3 when launcher started storing...

Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)

An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. Impacted versions include versions = 1.5.3 and the fix has been released in 1.12.3. The bug was introduced in version 1.5.3 when launcher started storing...

SolarWinds Orion Secrets Dump

This module exports and decrypts credentials from SolarWinds Orion Network Performance Monitor NPM to a CSV file; it is intended as a post-exploitation module for Windows hosts with SolarWinds Orion NPM installed. The module supports decryption of AES-256, RSA, and XMLSEC secrets. Separate action...

Silex Technology SX-500/SD-320AN or GE Healthcare MobileLink (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION : Exploitable Remotely / Low skill level to exploit / Public exploits are available Vendors : Silex Technology, GE Healthcare Equipment : SX-500, SD-320AN, MobileLink Vulnerabilities : Improper Authentication, OS Command Injection 2. UPDATE INFORMATION...