Exploit for Integer Overflow or Wraparound in Microsoft

CVE-2025-47987: Windows CredSSP Elevation of Privilege 📌...

CVE-2025-47987 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

...

CVE-2025-47987 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

...

Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally...

Privilege escalation

Credential Security Support Provider Protocol CredSSP Elevation of Privilege Vulnerability...

CVE-2021-41366 Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

...

CVE-2021-41366

CVE-2021-41366 : Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege. The NVD entry reports a high-severity (CVSS 3.1 base 7.8) vulnerability with a LOCAL attack vector, requiring LOW privileges and NO user interaction, leading to HIGH impact on confidentiality, integri...

Microsoft Windows Multiple Vulnerabilities (KB5007247)

This host is missing a critical security update according to Microsoft KB5007247 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA12345 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation...

Microsoft Security Advisory: Registry update to improve credentials protection and management for Windows-based systems that have the 2919355 update installed: July 8, 2014

Microsoft Security Advisory: Registry update to improve credentials protection and management for Windows-based systems that have the 2919355 update installed: July 8, 2014 INTRODUCTION Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security adviso...

CredSSP Remote Code Execution Vulnerability March 2018 Security Update

The remote Windows host allows fallback to insecure versions of Credential Security Support Provider protocol CredSSP. It is therefore, affected by a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could relay user credentials and use them to execute...

rdp-ntlm-info NSE Script

This script enumerates information from remote RDP services with CredSSP NLA authentication enabled. Sending an incomplete CredSSP NTLM authentication request with null credentials will cause the remote service to respond with a NTLMSSP message disclosing information to include NetBIOS, DNS, and ...

Debian DLA-1666-1 : freerdp security update

For the FreeRDP version in Debian jessie LTS a security and functionality update has recently been provided. FreeRDP is a free re-implementation of the Microsoft RDP protocol server and client side with freerdp-x11 being the most common RDP client these days. Functional improvements : With help...

PEPPERL+FUCHS VisuNet RM, VisuNet PC, and Box Thin Client

1. EXECUTIVE SUMMARY CVSS v3 7.5 Vendor: PEPPERL+FUCHS Equipment: VisuNet RM, VisuNet PC, Box Thin Client BTC Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to intercept sensitive communications, establish a...

Microsoft Windows Multiple Vulnerabilities (KB4103725)

This host is missing a critical security update according to Microsoft KB4103725 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

May 8, 2018—KB4103725 (Monthly Rollup)

May 8, 2018—KB4103725 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were part of update KB4093121 released April 17, 2018 and addresses the following issues: Addresses an issue that prevents customers from typing Hangul correctly with Microsoft's...

Microsoft Credential Security Support Provider - Remote Code Execution Vulnerability

Exploit for windows platform in category remote exploits credssp This is a poc code for exploiting CVE-2018-0886. It should be used for educational purposes only. It relies on a fork of the rdpy projecthttps://github.com/preempt/rdpy, allowing also credssp relay. Written by Eyal Karni, Preempt...

Microsoft Windows CredSSP MITM Remote Code Execution (CVE-2018-0886)

A remote code execution vulnerability exists in CredSSP. The vulnerability due to how CredSSP validates request during the authentication process. A remote attacker can exploit this vulnerability by sending a specially crafted RDP request to the target...

CVE-2018-0886

The Credential Security Support Provider protocol CredSSP in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code...

Remote code execution

The Credential Security Support Provider protocol CredSSP in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code...