55 matches found
EUVD-2015-2647
Malware in sbrugna...
Microsoft Windows 8 SEoL
Microsoft Windows 8 is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow
Exploit Title: KiTTY 0.76.1.13 - 'Start Duplicated Session Username' Buffer Overflow Exploit Author: DEFCESCO Austin A. DeFrancesco Vendor Homepage: https://github.com/cyd01/KiTTY/= Software Link: https://github.com/cyd01/KiTTY/releases/download/v0.76.1.13/kitty-bin-0.76.1.13.zip Version: ≤...
KLA12458 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability ...
KLA11767 Microsoft Advisory for Windows
Original advisories ADV200006 Related products Microsoft-Windows-Server-2012 Microsoft-Windows-8 Microsoft-Windows-7 Microsoft-Windows-Server-2008 Microsoft-Windows-10 CVE list KB list Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update...
KLA11820 Multiple vulnerabilities in Microsoft Apps
Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely via special...
KLA11285 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities in Windows kernel ca...
KLA11289 Information disclosure vulnerability in Microsoft Downloads
An unspecified vulnerability was found in Mail, Calendar, and People in Windows 8.1 App Store. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed e-mail message. Original advisories CVE-2018-8305...
KLA11200 Multiple vulnerabilties in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in...
KLA11156 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious user can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An incorrect validating of untrusted fi...
KLA11850 Microsoft Advisory for Microsoft Device
This advisory addresses CVE-2017-15361. A security vulnerability exists in certain Trusted Platform Module TPM chipsets. The vulnerability weakens key strength. This is a firmware vulnerability, and not a vulnerability in the operating system or a specific application. Original advisories ADV1700...
Microsoft Windows 8/8.1/2012 R2 (x64) - 'EternalBlue' SMB Remote Code Execution (MS17-010)
!/usr/bin/python from impacket import smb, ntlm from struct import pack import sys import socket ''' EternalBlue exploit for Windows 8 and 2012 by sleepya The exploit might FAIL and CRASH a target system depended on what is overwritten The exploit support only x64 target EDB Note: Shellcode - x64...
KLA10922 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Windows Graphics Component can be exploited...
KLA11904 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...
KLA10788 Multiple vulnerabilities in Microsoft Graphics Component
Multiple serious vulnerabilities have been found in Microsoft Graphics Component as used in multiple Microsoft products. Malicious users can exploit these vulnerabilities to execute arbitrary code or gain privileges. Below is a complete list of vulnerabilities 1. An improper memory objects handli...
Microsoft Windows Winsock Elevation of Privilege Vulnerability (3104521)
This host is missing an important security update according to Microsoft Bulletin MS15-119. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
KLA10674 Multiple vulnerabilities in Microsoft Windows
Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper information...
Microsoft Windows Kernel Mode Driver CVE-2015-2517 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Avaya Meeting Exchange - Client Registration Server 6.0 Avaya Meeting Exchange -...
Microsoft Windows Privilege Elevation Vulnerabilities (3060716)
This host is missing an important security update according to Microsoft Bulletin MS15-090. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2015-2381
win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory via a crafted application, aka "Win32k Information Disclosure Vulnerability," a different...