25 matches found
CVE-2026-41373 OpenClaw < 2026.3.31 - Compiler Binary Substitution via Environment Variable Override in Host Execution Policy
OpenClaw before 2026.3.31 contains an incomplete host-env-security-policy.json that fails to restrict compiler binary environment variables, allowing untrusted models to substitute CC, CXX, CARGOBUILDRUSTC, and CMAKECCOMPILER via environment overrides. Attackers with approved host-exec requests c...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities were caused by an issue with environment variable overrides in the host execution policy, which could allow attacker...
EUVD-2017-15311
Malware in sbrugna...
PT-2023-5323 · Microsoft +1 · Powershell +2
Name of the Vulnerable Software and Affected Versions: Adobe Acrobat Reader versions 23.003.20244 and earlier Adobe Acrobat Reader versions 20.005.30467 and earlier Adobe Acrobat 2020 Adobe Acrobat Reader 2020 Description: The issue is related to an Untrusted Search Path vulnerability and imprope...
April 21, 2022—KB5012636 (OS Build 17763.2867) Preview
April 21, 2022—KB5012636 OS Build 17763.2867 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page. Highlights Updates...
February 15, 2022—KB5010421 (OS Build 20348.558) Preview
February 15, 2022—KB5010421 OS Build 20348.558 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find...
nishang
This repository is an offensive tool for Windows exploitation, specifically for adding backdoors to Windows systems. It contains a collection of PowerShell scripts that can be used to add various types of backdoors, including constrained delegation backdoors, registry backdoors, and screensaver...
Persistent CDF Tracing Enabler - For Citrix Windows Receiver
Persistent CDF Tracing Enabler - For Citrix Windows Receiver Created Date: July 2014 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the...
Powershell-Reverse-Tcp - PowerShell Script For Connecting To A Remote Host.
PowerShell script for connecting to a remote host. Remote host will have full control over client's PowerShell and all its underlying commands. Tested with PowerShell v5.1.18362.752 on Windows 10 Enterprise OS 64 bit. Made for educational purposes. I hope it will help! How to Run Change the IP...
Update Rollup 3 for System Center 2016 Operations Manager
Update Rollup 3 for System Center 2016 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2016 Operations Manager. This article also contains the installation instructions for this update. Issues that are fixed When you...
Security feature bypass
A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is uniq...
Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML
!-- Windows: Windows: IE11 VBScript execution policy bypass in MSHTML Platform: Windows 10 1809 not tested earlier Class: Security Feature Bypass Summary: MSHTML only checks for the CLSID associated with VBScript when blocking in the Internet Zone, but doesn’t check other VBScript CLSIDs which...
VBScript - MSXML Execution Policy Bypass Exploit
According to https://blogs.windows.com/msedgedev/2017/07/07/update-disabling-vbscript-internet-explorer-11/, Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the...
VBScript - MSXML Execution Policy Bypass
According to https://blogs.windows.com/msedgedev/2017/07/07/update-disabling-vbscript-internet-explorer-11/, Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the...
What is the difference between Basic DEP and Authorized DEP?
What is the difference between Basic DEP and Authorized DEP?...
Powershell-RAT - Python Based Backdoor That Uses Gmail To Exfiltrate Data Through Attachment
Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment. This RAT will help someone during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends the information to an attacker as an e-mail attachment. Note: This...
Learning PowerShell: The basics
I bet I went about learning PowerShell the wrong way, so I may need your help, readers of this blog. If only to organize my knowledge and use it for the fight against malware and not just to figure out how it was used in malware. The first serious look I had at PowerShell was when I was trying to...
Design/Logic Flaw
NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe, where untrusted script execution may lead to violation of application execution policy and local code execution...
CVE-2017-6250
NVIDIA GeForce Experience contains a vulnerability in NVIDIA Web Helper.exe, where untrusted script execution may lead to violation of application execution policy and local code execution...
Microsoft Windows PowerShell Execution Policy
Nessus was able to collect and report the PowerShell execution policy for the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if !definedfunc"nasllevel" || nasllevel 5200 exit0, "Not Nessus 5.2+"; if description scriptid92367; scriptversion"1.6";...