Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-24071PoC CVE-2025-24071: NTLM Hash Leak via RAR/ZIP...

CVE-2025-47165 Microsoft Excel Remote Code Execution Vulnerability

...

CVE-2023-32029 Microsoft Excel Remote Code Execution Vulnerability

...

How to Upgrade .NET and ASP.NET Runtimes When Using Veeam ONE 12 GA (build 12.0.0.2498) or Lower

Article Applicability This article applies to Veeam ONE deployments running version 12 GA build 12.0.0.2498 or lower. The affected version of .NET discussed in this KB article is no longer used by Veeam ONE in version 12 P20230314 build 12.0.1.2591 or higher. We strongly recommend upgrading to th...

Barapass, Tsunami scanner, vulnerabilities in Windows DNS Server and SAP products, weird attack on Twitter

This episode is based on posts from my Telegram channel avleonovcom, published in the last 2 weeks. So, if you use Telegram, please subscribe. I update it frequently. Barapass update I recently released an update to my password manager barapass. BTW, it seems to be my only pet project at the MVP...

Description of the security update for Outlook 2010: August 13, 2019

Description of the security update for Outlook 2010: August 13, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Outlook software if it does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common...

Exploit for Use After Free in Microsoft

CVE-2019-0708 Unauthenticated CVE-2019-0708 "BlueKeep" Scanner...

Project Zero Chains Bugs for ‘aPAColypse Now’ Attack on Windows 10

Google’s Project Zero released details of a local proof-of-concept attack against a fully patched Windows 10 PC that allows an adversary to execute untrusted JavaScript outside a sandboxed environment on targeted systems. The attack is a variation of a WPAD/PAC attack. In Project Zero’s case, the...

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 2, 2017

Have you ever read something online and you read a word as something else? Sometimes the weight of our eyelids makes our eyes deceive us after hours staring at a computer screen. As I stated to read a Zero Day Initiative blog published this week by Simon Zuckerbraun, instead of reading the word...

Microsoft Excel - SxView Record Parsing Heap Memory Corruption

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 29 binary analysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel SxView Record Parsing Heap Memory Corruption Version : Excel 2002 SP3 Analysis : http://www.abysssec.com Vendor :...

Immunity Canvas: MS03_022

Name| ms03022 ---|--- CVE| CVE-2003-0349 Exploit Pack| CANVAS Description| IIS 5.0 Windows Media Services ISAPI nsisslog.dll Overflow Notes| CVE Name: CVE-2003-0349 VENDOR: Microsoft MSADV: MS03-022 VersionsAffected: Repeatability: Repeatable References:...

Internet Explorer help

None None...