CVE-2020-7323

Authentication Protection Bypass vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running...

VulnCheck KEV: CVE-2019-1322

A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context...

Microsoft Windows 10 build 1809 - Local Privilege Escalation (UAC Bypass) Exploit

Exploit Title: Microsoft Windows 10 - Local Privilege Escalation UAC Bypass Author: Nassim Asrir Exploit Author: Nassim Asrir CVE: N/A Tested On: Windows 10Pro 1809 Vendor : https://www.microsoft.com Technical Details I discovered a Local Privilege Escalation in Windows 10 UAC Bypass, via an...

Windows Update Client Information Disclosure Vulnerability

An information disclosure vulnerability exists when Windows Update Client fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. To exploit this vulnerability, an authenticated attacke...

Microsoft unistore.dll Information Disclosure Vulnerability

An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. To exploit this vulnerability, an authenticated attacker could r...

Enigma Fileless UAC Bypass Exploit

This Metasploit module is an implementation of fileless uac bypass using cmd.exe instead of powershell.exe OJ msf module. This module will create the required registry entry in the current user's hive, set the default value to whatever you pass via the EXECCOMMAND parameter, and runs eventvwr.exe...