15 matches found
Exploit for Improper Certificate Validation in Microsoft
ADVulnScanner Detects common vulnerabilities in...
Metasploit Weekly Wrap-Up
ICPR Certificate Management This week Metasploit has a new ICPR Certificate Management module from Oliver Lyak and our very own Spencer McIntyre, which can be utilized for issuing certificates via Active Directory Certificate Services. It has the capability to issue certificates which is useful i...
CISA wants you to patch these actively exploited vulnerabilities before September 8
On Thursday, CISA the US Cybersecurity and Infrastructure Security Agency updated its catalog of actively exploited vulnerabilities by adding seven new entries. These flaws were found in Apple, Google, Microsoft, Palo Alto Networks, and SAP products. CISA set the due date for everyone to patch th...
Exploit for Improper Certificate Validation in Microsoft
CVE-2022-26923-Powershell-POC A powershell poc to load and aut...
CVE-2022-26923
creationtimestamp| type| source ---|---|--- 2022-05-11 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=801 2022-05-12 02:37:16+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/2166 2022-05-12 11:01:01+00:00| seen| https://t.me/CyberSecurityTechnologies/5987...
Microsoft Windows Multiple Vulnerabilities (KB5013952)
This host is missing an important security update according to Microsoft KB5013952 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2022-26923
Active Directory Domain Services Elevation of Privilege Vulnerability...
CVE-2022-26923
Active Directory Domain Services Elevation of Privilege Vulnerability...
CVE-2022-26923
CVE-2022-26923 affects Microsoft Active Directory Domain Services with AD CS involvement. The vulnerability stems from certificates issued by AD CS where an attacker who manages computer accounts can modify the dNSHostName attribute to impersonate a Domain Controller in a certificate, enabling pr...
CVE-2022-26923
Active Directory Domain Services Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
KB5013945: Windows 10 version 1909 Security Update (May 2022)
The remote Windows host is missing security update 5013945. It is, therefore, affected by multiple vulnerabilities - Windows LDAP Remote Code Execution Vulnerability CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29131, CVE-2022-29137,...
Microsoft Active Directory Domain Services Elevation of Privilege (CVE-2022-26923)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
KB5013952: Windows 10 Version 1607 and Windows Server 2016 Security Update (May 2022)
The remote Windows host is missing security update 5013952. It is, therefore, affected by multiple vulnerabilities - Windows LDAP Remote Code Execution Vulnerability CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139,...
KB5013963: Windows 10 LTS 1507 Security Update (May 2022)
The remote Windows host is missing security update 5013963. It is, therefore, affected by multiple vulnerabilities - Windows LDAP Remote Code Execution Vulnerability CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139,...
KB5014001: Windows 8.1 and Windows Server 2012 R2 Security Update (May 2022)
The remote Windows host is missing security update 5014001. It is, therefore, affected by multiple vulnerabilities - Windows LDAP Remote Code Execution Vulnerability CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139,...