Lucene search
+L

13 matches found

Packet Storm
Packet Storm
added 2026/02/05 12:0 a.m.140 views

📄 Microsoft Windows 10 / 11 NTLM Hash Disclosure Spoofing

Microsoft Windows 10 / 11 proof of concept exploit that generates a .library-ms XML file pointing to a network share UNC. When opened/imported on Windows, the library points to the specified UNC path. Exploit Title: windows 10/11 - NTLM Hash Disclosure Spoofing Date: 2025-10-06 Exploit Author:...

6.5CVSS5.4AI score0.58974EPSS
Exploits20
Exploit DB
Exploit DB
added 2026/02/04 12:0 a.m.182 views

windows 10/11 - NTLM Hash Disclosure Spoofing

Exploit Title: windows 10/11 - NTLM Hash Disclosure Spoofing Date: 2025-10-06 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.microsoft.com Software Link: N/A Version: Not applicable this is a generic Windows library file behavior Tested on: Windows 10 x64 / Windows 11 x64 lab...

6.5CVSS5.3AI score0.58974EPSS
Exploits20
GithubExploit
GithubExploit
added 2025/06/14 6:46 a.m.272 views

Exploit for External Control of File Name or Path in Microsoft

VIETNAMESE - Với file CVE-2025-24054.py và Exploit.librar...

6.5CVSS7.2AI score0.58974EPSS
Exploits20
Information Security Automation
Information Security Automation
added 2025/05/08 1:6 p.m.22 views

About Spoofing – Windows NTLM (CVE-2025-24054) vulnerability

About Spoofing - Windows NTLM CVE-2025-24054 vulnerability. It was patched in the March Microsoft Patch Tuesday. VM vendors didn't mention this vulnerability in their reviews; it was only known to be exploited via user interaction with a malicious file. A month later, on April 16, Check Point...

6.5CVSS6.9AI score0.58974EPSS
Exploits35
Exploit DB
Exploit DB
added 2025/05/01 12:0 a.m.405 views

Microsoft - NTLM Hash Disclosure Spoofing (library-ms)

Exploit title: Microsoft - NTLM Hash Disclosure Spoofing library-ms Exploit Author: John Page aka hyp3rlinx x.com/hyp3rlinx ISR: ApparitionSec Back in 2018, I reported a ".library-ms" File NTLM information disclosure vulnerability to MSRC and was told "it was not severe enough", that being said I...

6.5CVSS7.2AI score0.58974EPSS
Exploits20
Positive Technologies
Positive Technologies
added 2025/04/24 12:0 a.m.12 views

PT-2025-17846 · Undefined · Undefined

We added the following vulnerabilities to our feed: - UNDISCLOSED: Microsoft Management Console - CVE-2025-24054: Windows File Explorer NTLM Leak - CVE-2025-24985: Windows FAT DoS - CVE-2023-36205: Zemana AntiMalware LPE - CVE-2021-21551: Dell Driver LPE https://t.co/iKW6swSCtZ...

8.8CVSS8AI score0.58974EPSS
Exploits38References1
The Hacker News
The Hacker News
added 2025/04/21 10:10 a.m.54 views

⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More

Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that's exactly what we saw in last week's activity. Hackers are getting better at hiding inside everyday actions: opening a file, running a project, or logging in like normal. No loud alerts. No obvious red flag...

9.2CVSS9.4AI score0.97859EPSS
Exploits63
Positive Technologies
Positive Technologies
added 2025/04/19 12:0 a.m.8 views

PT-2025-17372

Name of the Vulnerable Software and Affected Versions Verisay Communication and Information Technology Industry and Trade Ltd. Co. Titarus versions prior to 2.144.4 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Cross-Site...

7.6CVSS7.7AI score0.00279EPSS
Exploits0References9
The Hacker News
The Hacker News
added 2025/04/18 4:29 a.m.199 views

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE identifier...

6.5CVSS7.4AI score0.81817EPSS
Exploits20
RedhatCVE
RedhatCVE
added 2025/03/14 12:17 p.m.22 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS8.5AI score0.58974EPSS
Exploits20References3
CVE
CVE
added 2025/03/11 4:59 p.m.342 views

CVE-2025-24054

CVE-2025-24054 is a Windows NTLM vulnerability allowing an attacker to induce NTLMv2-SSP hash disclosure by leveraging explorer.exe to fetch remote SMB resources via crafted file types (notably .library-ms and .lnk/.library-ms payloads). Public PoCs and exploits demonstrate creating malicious .li...

6.5CVSS6.5AI score0.58974EPSS
In wildExploits20References7Affected Software15
Cvelist
Cvelist
added 2025/03/11 4:59 p.m.29 views

CVE-2025-24054 NTLM Hash Disclosure Spoofing Vulnerability

...

6.5CVSS0.58974EPSS
Exploits20References1
Circl
Circl
added 2025/03/11 4:39 p.m.16 views

CVE-2025-24054

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-19 02:49:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8014 2025-04-01 01:31:53+00:00| seen|...

6.5CVSS7.4AI score0.58974EPSS
Exploits20References138
Rows per page
Query Builder