31 matches found
CVE-2026-48137
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially...
CVE-2026-48139
There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash. Successful exploitation requires an attacker to provide an unknown value to the data moniker service. This affects NI...
CVE-2026-48139
CVE-2026-48139 describes a NULL pointer dereference in NI grpc-device’s data moniker service that may allow a remote attacker to cause a denial of service by triggering a crash. Exploitation requires providing an unknown value to the data moniker service; affected versions are NI grpc-device 2.17...
CVE-2026-48139 NULL pointer dereference vulnerability in NI grpc-device data moniker service
There is a NULL pointer dereference vulnerability in NI grpc-device in the data moniker service that may allow an attacker to cause a denial of service by triggering a crash. Successful exploitation requires an attacker to provide an unknown value to the data moniker service. This affects NI...
CVE-2026-48137 Untrusted pointer dereference in NI grpc-device sideband streaming API
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially...
CVE-2026-48137
Summary: CVE-2026-48137 is an untrusted pointer dereference in the NI grpc-device sideband streaming API affecting NI grpc-device 2.17.0 and earlier. A attacker can cause an arbitrary memory dereference and potentially remote code execution by sending a specially crafted Moniker protobuf message....
PT-2026-50890
Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description A NULL pointer dereference occurs in the data moniker service of NI grpc-device. A NULL pointer dereference is a condition where a program attempts to read or write to a memory address that i...
PT-2026-50888
Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An untrusted pointer dereference exists in the sideband streaming API. This issue allows an attacker to trigger an arbitrary memory dereference, which could lead to remote code execution...
Exploit for Improper Input Validation in Microsoft
Moni...
Exploit for Improper Input Validation in Microsoft
Moniker Link CVE-2024-21413 Exploit Demo This repository co...
Exploit for Improper Input Validation in Microsoft
Email exploit Moniker Link-CVE-2024-21413-Module — Documentati...
Exploit for Improper Input Validation in Microsoft
🛡️ Moniker Link CVE-2024-21413 Room: Moniker Link C...
Microsoft Windows 10 - Browser Broker Cross Session Privilege Escalation Exploit
Exploit for windows platform in category local exploits Windows: Browser Broker Cross Session EoP Platform: Windows 10 1803 not tested anything else. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: Session Boundary Summary: The Browser Broker COM object...
Microsoft Windows 10 - Browser Broker Cross Session Privilege Escalation
Microsoft Windows 10 - Browser Broker Cross Session Privilege Escalation Windows: Browser Broker Cross Session EoP Platform: Windows 10 1803 not tested anything else. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: Session Boundary Summary: The Browser Broke...
Microsoft Windows URL Moniker Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. Interaction with a particular library is required to exploit this vulnerability but specific attack vectors may vary. The specific flaw exists within the implementation o...
Microsoft Office - Composite Moniker Remote Code Execution Exploit
Exploit for windows platform in category local exploits What? This repo contains a Proof of Concept exploit for CVE-2017-8570, a.k.a the "Composite Moniker" vulnerability. This demonstrates using the Packager.dll trick to drop an sct file into the %TEMP% directory, and then execute it using the...
Microsoft Office - Composite Moniker Remote Code Execution
Microsoft Office - Composite Moniker Remote Code Execution What? This repo contains a Proof of Concept exploit for CVE-2017-8570, a.k.a the "Composite Moniker" vulnerability. This demonstrates using the Packager.dll trick to drop an sct file into the %TEMP% directory, and then execute it using th...
Microsoft .NET framework SOAP Moniker PrintClientProxy remote code execution vulnerability
Overview The Microsoft .NET framework fails to properly parse WSDL content, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The PrintClientProxy method in the WSDL-parsing component of the Microsoft .NET framework fails to properly...
Oolong CVE-2017-8570 samples and behind the idea-vulnerability warning-the black bar safety net
The so-called CVE-2017-8570 sample Last week, 360 days eye lab found foreign hackers on Github released a CVE-2017-8570 exploits code, but then deleted, in order to find quite a few labeled as CVE-2017-8570 Office malware samples, such as the following VirusTotal is marked as CVE-2017-8570 sample...
Microsoft Windows COM Session Moniker Privilege Escalation Exploit
Microsoft Windows has a bad fix for the COM session moniker that can allow for elevation of privilege. Windows: Bad Fix for COM Session Moniker EoP CVE-2017-0298 Windows: Bad Fix for COM Session Moniker EoP So.... The previous fix for CVE-2017-0100 sounds wrong on the face of it. Rather than fixi...