14 matches found
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
" CVE-2021-31956" WIP PoC code for CVE-2021-31956 in preparat...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
CVE-2021-31956 pretty stable exploit on win10 20h2...
Microsoft Windows Multiple Vulnerabilities (KB5003646)
This host is missing a critical security update according to Microsoft KB5003646 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft fixes seven zero-days, including two PuzzleMaker targets, Google fixes serious Android flaw
This patch Tuesday harvest was another big one. The Windows updates alone included seven zero-day vulnerability updates, two of them are actively being used in the wild by a group called PuzzleMaker, four others that have also been seen in the wild, plus one other zero-day vulnerability not known...
CVE-2021-31956
creationtimestamp| type| source ---|---|--- 2021-06-09 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=593 2021-06-09 04:51:08+00:00| seen| https://t.me/alexmakus/4121 2021-06-10 08:24:58+00:00| seen| MISP/df23874b-e926-4e6f-b80e-c8a58279bcb0 2021-06-15 10:49:56+00:00| see...
CVE-2021-31956 Windows NTFS Elevation of Privilege Vulnerability
...
CVE-2021-31956
CVE-2021-31956 is a Windows NTFS local privilege-escalation vulnerability that Microsoft and security researchers have shown can be exploited via manipulation of the Windows kernel’s WNF/NTFS interaction and pool-heap exploitation techniques to obtain SYSTEM-level access. Public materials describ...
PuzzleMaker attacks with Chrome zero-day exploit chain
On April 14-15, 2021, Kaspersky technologies detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that all these attacks exploited a chain of Google Chrome and Microsoft Windows zero-day exploits. While we were not able to retrieve the exploit used for...
KB5003697: Windows Server 2012 Security Update (June 2021)
The remote Windows host is missing security update 5003697. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...
CVE-2021-31956
Windows NTFS Elevation of Privilege Vulnerability To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Additionally, an attacker...
CVE-2021-31956
Windows NTFS Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
KB5003694: Windows 7 and Windows Server 2008 R2 Security Update (June 2021)
The remote Windows host is missing security update 5003694. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...
KB5003646: Windows 10 version 1809 / Windows Server 2019 Security Update (June 2021)
The remote Windows host is missing security update 5003646. It is, therefore, affected by multiple vulnerabilities %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updates API. The text itself is...
VulnCheck KEV: CVE-2021-31956
Microsoft Windows New Technology File System NTFS contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application...