Lucene search
K

17 matches found

Gitee
Gitee
added 2020/04/01 3:16 p.m.4 views

Exploit for Improper Resource Shutdown or Release in Microsoft

CVE-2018-8120 CVE-2018-8120 Windows LPE exploit 测试支持: Win7 x32, Win7 x64, Win2008 x32, Win2008 R2 x32, Win2008 R2 Datacenter x64, Win2008 Enterprise x64 WinXP x32, Win2003 x32,Win2003 x64 原exp不支持xp,2003,当前代码在原基础上增加了对这两个系统的支持。 Usage shell CVE-2018-8120 exploit by...

7.2CVSS7AI score0.73721EPSS
Exploits18
ThreatPost
ThreatPost
added 2019/05/13 4:46 p.m.175 views

ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks

The ScarCruft Korean-speaking APT is changing up its espionage tactics to include an unusual piece of malware devoted to harvesting Bluetooth information – while also showing some overlap with the DarkHotel APT. An analysis of ScarCruft’s binary infection procedure by Kaspersky Lab shows that in ...

7.2CVSS0.8AI score0.73721EPSS
Exploits18References10
Packet Storm
Packet Storm
added 2018/10/19 12:0 a.m.112 views

Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows SetImeInfoEx Win32k NULL Pointer Dereference', 'Description' = %q This module exploits elevation of privilege vulnerability that exists i...

7.2CVSS0.2AI score0.73721EPSS
Exploits18
myhack58
myhack58
added 2018/06/01 12:0 a.m.1129 views

CVE-2018-4990 Adobe Reader code execution exploit analysis-exploit warning-the black bar safety net

2018 5 on 15 September, ESET released the article“A tale of two zero-days”, the article disclosed this year 3 month ESET in malware scan engine VirusTotal on the capture of the one used to attack the test PDF document. The PDF document contains a sample of two pieces of 0-day Vulnerability,...

0.8AI score0.73721EPSS
Exploits18
seebug.org
seebug.org
added 2018/05/21 12:0 a.m.3020 views

Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability(CVE-2018-8120)

作者:bigric3 作者博客: 5月15日ESET发文其在3月份捕获了一个 pdf远程代码执行(cve-2018-4990)+windows本地权限提升(cve-2018-8120)的样本。ESET发文后,我从vt上下载了这样一份样本()。初步逆向,大致明确如外界所传,该漏洞处于开发测试阶段,不慎被上传到了公网样本检测的网上,由ESET捕获并提交微软和adobe修补。测试特征字符串如下 定位样本中关键的代码并调试分析...

7.2CVSS0.2AI score0.73721EPSS
Exploits18
canvas
canvas
added 2018/05/09 7:29 p.m.86 views

Immunity Canvas: SETIMEINFOEX_LPE

Name| setimeinfoexlpe ---|--- CVE| CVE-2018-8120 Exploit Pack| CANVAS Description| SetImeInfoEx LPE Notes| CVE Name: CVE-2018-8120 Notes: Tested: Windows 7 x64 Windows 7 x86 Windows Vista x86 Windows 2008 R2 x64 VENDOR: Microsoft CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2018-8120 CVSS: 7.0...

7.2CVSS0.4AI score0.73721EPSS
Exploits18
Prion
Prion
added 2018/05/09 7:29 p.m.36 views

Privilege escalation

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1,...

7.2CVSS6.8AI score0.73721EPSS
Exploits18References2Affected Software5
Vulnrichment
Vulnrichment
added 2018/05/09 7:0 p.m.6 views

CVE-2018-8120

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124,...

7.1AI score0.73721EPSS
Exploits18References4
CVE
CVE
added 2018/05/09 7:0 p.m.1675 views

CVE-2018-8120

CVE-2018-8120 is a Windows Win32k privilege-escalation vulnerability where the Win32k.sys component fails to properly handle objects in memory, enabling local kernel-mode code execution. Affected products include Windows 7, Windows Server 2008/2008 R2, and related Win32k components. The root caus...

7.2CVSS7.4AI score0.73721EPSS
In wildExploits18References5Affected Software2
The Hacker News
The Hacker News
added 2018/05/09 6:14 a.m.1405 views

Microsoft Patches Two Zero-Day Flaws Under Active Attack

It's time to gear up for the latest May 2018 Patch Tuesday. Microsoft has today released security patches for a total of 67 vulnerabilities, including two zero-days that have actively been exploited in the wild by cybercriminals, and two publicly disclosed bugs. In brief, Microsoft is addressing ...

7.6CVSS1AI score0.87814EPSS
Exploits27
Circl
Circl
added 2018/05/09 4:0 a.m.11 views

CVE-2018-8120

creationtimestamp| type| source ---|---|--- 2018-05-09 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=289 2018-05-15 15:31:03+00:00| seen| MISP/5afafce0-0598-4ca0-b52a-41f4950d210f 2018-05-16 19:48:00+00:00| published-proof-of-concept| https://t.me/canyoupwnme/3768...

7.2CVSS6.9AI score0.73721EPSS
Exploits18References15
OpenVAS
OpenVAS
added 2018/05/09 12:0 a.m.261 views

Microsoft Windows Multiple Vulnerabilities (KB4103718)

This host is missing a critical security update according to Microsoft KB4103718 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.3AI score0.87814EPSS
Exploits49References3
ATTACKERKB
ATTACKERKB
added 2018/05/09 12:0 a.m.82 views

CVE-2018-8120

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka “Win32k Elevation of Privilege Vulnerability.” This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124,...

7.8CVSS6.7AI score0.73721EPSS
In wildExploits18References6
ThreatPost
ThreatPost
added 2018/05/08 8:42 p.m.125 views

May Patch Tuesday Fixes Two Bugs Under Active Attack

Microsoft’s May Patch Tuesday fixes include two critical remote code-execution vulnerabilities, both of which are under active attack. The most serious of the two is tied to a Windows 10 VBScript engine and can be triggered when a victim visits a malicious website. “A user need only visit a...

7.6CVSS0.4AI score0.87814EPSS
Exploits27References7
Microsoft KB
Microsoft KB
added 2018/05/08 7:0 a.m.179 views

Description of the security update for the vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: May 08, 2018

Description of the security update for the vulnerability in Windows Server 2008, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009: May 08, 2018 Summary An elevation of privilege vulnerability and an information disclosure vulnerability exist in Windows when the Win32k component...

7.8CVSS7.3AI score0.73721EPSS
Exploits18
VulnCheck KEV
VulnCheck KEV
added 2018/05/08 12:0 a.m.4 views

VulnCheck KEV: CVE-2018-8120

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory...

7.2CVSS6.9AI score0.73721EPSS
Exploits18References1
Symantec
Symantec
added 2018/05/08 12:0 a.m.475 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2018-8120 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1...

2.5AI score0.73721EPSS
Exploits18Affected Software2
Rows per page
Query Builder