2334 matches found
CVE-2019-1368
A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'...
Security feature bypass
A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'...
Microsoft Windows Secure Boot Security Feature Bypass Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Secure Boot is one of the secure boot components. A security feature bypas...
Metasploit HTTP(S) handler DoS
This module exploits the Metasploit HTTPS handler by sending a specially crafted HTTP request that gets added as a resource handler. Resources which come from the external connections are evaluated as RegEx in the handler server. Specially crafted input can trigger Gentle, Soft and Hard DoS. Test...
Windows Secure Boot Security Feature Bypass Vulnerability
A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality. An attacker who successfully exploited this vulnerability could disclose protected kernel memory. To exploit the vulnerability, an attacker must gain physical access to the target...
[SECURITY] Fedora 31 Update: libdwarf-20191002-1.fc31
Library to access the DWARF debugging file format which supports source level debugging of a number of procedural languages, such as C, C++, and Fortran. Please see http://www.dwarfstd.org for DWARF specification...
CVE-2009-0368
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...
Threat Roundup for September 27 to October 4
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 27 and Oct. 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
Remote Command Injection in Zingbox Inspector
A security vulnerability exists in Zingbox Inspector that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint. Ref: CVE-2019-1584 This vulnerability can on...
PT-2019-14602 · Samsung · Samsungtts
Name of the Vulnerable Software and Affected Versions: SamsungTTS versions prior to 3.0.02.7 SamsungTTS version 3.0.00.101 Description: The issue allows a local attacker to escalate privileges, for example, to system privileges. It is related to the handling of debugging flags by the package...
macOS 18.7.0 Kernel - Local Privilege Escalation Exploit
macOS-Kernel-Exploit DISCLAIMER You need to know the KASLR slide to use the exploit. Also SMAP needs to be disabled which means that it's not exploitable on Macs after 2015. These limitations make the exploit pretty much unusable for in-the-wild exploitation but still helpful for security...
macOS 18.7.0 Kernel - Local Privilege Escalation
macOS 18.7.0 Kernel - Local Privilege Escalation macOS-Kernel-Exploit DISCLAIMER You need to know the KASLR slide to use the exploit. Also SMAP needs to be disabled which means that it's not exploitable on Macs after 2015. These limitations make the exploit pretty much unusable for in-the-wild...
PostShell - Post Exploitation Bind/Backconnect Shell
PostShell is a post-exploitation shell that includes both a bind and a back connect shell. It creates a fully interactive TTY which allows for job control. The stub size is around 14kb and can be compiled on any Unix like system. Why not use a traditional Backconnect/Bind Shell? PostShell allows...
CVE-2019-1294
A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'...
Attacking the VM Worker Process
In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. W...
Attacking the VM Worker Process
In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. W...
Windows Secure Boot Security Feature Bypass Vulnerability
A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality. An attacker who successfully exploited this vulnerability could disclose protected kernel memory. To exploit the vulnerability, an attacker must gain physical access to the target...
CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
Default configuration
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...