
7696 matches found

0day.today
added 2018/06/20 12:0 a.m. | 97 views

Windows 10 - #Windows10 Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation

Exploit for windows platform in category dos / poc Windows: Desktop Bridge Activation Arbitrary Directory Creation EoP Platform: Windows 10 1703, 1709 not tested RS4 Class: Elevation of Privilege Summary: The activator for Desktop Bridge applications calls CreateAppContainerToken while running as...

CVSS 6.9 | AI score 7.9 | EPSS 0.38538
Exploits: 5

0day.today
added 2018/06/19 12:0 a.m. | 80 views

Microsoft COM for Windows - Privilege Escalation Exploit

Exploit for windows platform in category local exploits Writeup: https://codewhitesec.blogspot.com/2018/06/cve-2018-0624.html In May 2018 Microsoft patched an interesting vulnerability CVE-2018-0824 which was reported by Nicolas Joly of Microsoft's MSRC: A remote code execution vulnerability exis...

CVSS 5.1 | EPSS 0.91514
Exploits: 6

n0where
added 2018/06/18 8:11 p.m. | 22 views

Lightweight and Practical Kernel Protector for x86: Shadow-Box

Shadow-box is a security monitoring framework for operating systems using state-of-the-art virtualization technologies. Shadow-box has a novel architecture inspired by a shadow play. We made Shadow-box from scratch, and it is primarily composed of a lightweight hypervisor and a security monitor...

Exploits: 0 | References: 1

exploitpack
added 2018/06/18 12:0 a.m. | 41 views

Microsoft COM for Windows - Privilege Escalation

Microsoft COM for Windows - Privilege Escalation Writeup: https://codewhitesec.blogspot.com/2018/06/cve-2018-0624.html In May 2018 Microsoft patched an interesting vulnerability CVE-2018-0824 which was reported by Nicolas Joly of Microsoft's MSRC: A remote code execution vulnerability exists in...

CVSS 6.8 | AI score 0.4 | EPSS 0.91514
Exploits: 6

Exploit DB
added 2018/06/18 12:0 a.m. | 75 views

Microsoft COM for Windows - Privilege Escalation

Writeup: https://codewhitesec.blogspot.com/2018/06/cve-2018-0624.html In May 2018 Microsoft patched an interesting vulnerability CVE-2018-0824 which was reported by Nicolas Joly of Microsoft's MSRC: A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to...

CVSS 8.8 | AI score 7.8 | EPSS 0.91514
Exploits: 6

IBM Security Bulletins
added 2018/06/17 3:35 p.m. | 21 views

Security Bulletin: Multiple security vulnerabilities has been identified in Websphere Application Server shipped with Jazz for Service Management (CVE-2017-1121, CVE-2016-5983, CVE-2016-8919)

Summary Websphere Application Server WAS Full profile is shipped as a component of Jazz for Service Management JazzSM and WAS has been affected by multiple security vulnerabilities. Vulnerability Details CVEID: CVE-2017-1121 DESCRIPTION: IBM WebSphere Application Server is vulnerable to cross-sit...

CVSS 7.8 | AI score 1.3 | EPSS 0.13762
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2018/06/17 12:17 p.m. | 17 views

Security Bulletin: WebSphere Application Server vulnerability in IBM Content Collector for Email

Summary IBM WebSphere Application Server may be vulnerable to a denial of service, caused by allowing serialized objects from untrusted sources to run and cause the consumption of resources in IBM Content Collector for Email. Vulnerability Details CVEID: CVE-2016-8919 DESCRIPTION: IBM WebSphere...

CVSS 7.8 | AI score 0.6 | EPSS 0.01096
Exploits: 0 | Affected Software: 1

Cvelist
added 2018/06/15 9:0 p.m. | 14 views

CVE-2018-6497 MFSBGN03810 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF

Remote Cross-site Request forgery CSRF potential has been identified in UCMBD Server version DDM Content Pack V 10.20, 10.21, 10.22, 10.22 CUP7, 10.30, 10.31, 10.32, 10.33, 10.33 CUP2, 11.0 and CMS Server version 2018.05 BACKGROUND which could allow for remote unsafe deserialization and cross-sit...

CVSS 7.5 | AI score 9 | EPSS 0.00094
Exploits: 0 | References: 2

Cvelist
added 2018/06/15 9:0 p.m. | 18 views

CVE-2018-6496 MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF

Remote Cross-site Request forgery CSRF potential has been identified in UCMBD Browser version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1 which could allow for remote unsafe deserialization and cross-site request forgery CSRF...

CVSS 7.5 | AI score 9 | EPSS 0.00106
Exploits: 0 | References: 3

OSV
added 2018/06/15 12:0 p.m. | 13 views

RUSTSEC-2018-0021 Use-after-free with objects returned by `Stream`'s `get_format_info` and `get_context` methods

Affected versions contained a pair of use-after-free issues with the objects returned by the `get_format_info` and `get_context` methods of `Stream` objects. These objects were mistakenly being constructed without setting an important flag to prevent destruction of the underlying C objects they reference...

CVSS 7.5 | AI score 7.4 | EPSS 0.00478
Exploits: 0 | References: 3

IBM Security Bulletins
added 2018/06/15 7:6 a.m. | 15 views

Security Bulletin: Denial of Service with WebSphere Application Server (CVE-2016-8919)

Summary There is a potential denial of service with WebSphere Application Server with SOAP connectors. Important information was added to the Remediation/Fixes section on February 22, 2017. Vulnerability Details Important information was added to the Remediation/Fixes section on February 22, 2017...

CVSS 7.8 | AI score 0.9 | EPSS 0.01096
Exploits: 0 | Affected Software: 1

OSV
added 2018/06/14 12:29 p.m. | 1 views

CVE-2018-8245

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher...

CVSS 7.8 | AI score 6.4 | EPSS 0.26434
Exploits: 0 | References: 3

OSV
added 2018/06/14 12:29 p.m. | 2 views

CVE-2018-8207

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...

CVSS 4.7 | AI score 5.8 | EPSS 0.01194
Exploits: 0 | References: 3

NVD
added 2018/06/14 12:29 p.m. | 24 views

CVE-2018-8169

An elevation of privilege vulnerability exists when the Human Interface Device HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server...

CVSS 7 | AI score 7.5 | EPSS 0.00523
Exploits: 0 | References: 3

Prion
added 2018/06/14 12:29 p.m. | 21 views

Denial of service

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10,...

CVSS 4.9 | AI score 5.9 | EPSS 0.00319
Exploits: 0 | References: 3 | Affected Software: 5

Prion
added 2018/06/14 12:29 p.m. | 19 views

Remote code execution

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher...

CVSS 6.8 | AI score 6.8 | EPSS 0.26434
Exploits: 0 | References: 3 | Affected Software: 1

Prion
added 2018/06/14 12:29 p.m. | 24 views

Remote code execution

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office...

CVSS 9.3 | AI score 7.8 | EPSS 0.28991
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2018/06/14 12:0 p.m. | 29 views

CVE-2018-8245

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher...

AI score 6.8 | EPSS 0.26434
Exploits: 0 | References: 3

BDU FSTEC
added 2018/06/14 12:0 a.m. | 3 views

The vulnerability of SAP Business Objects software for data collection and analysis lies in improper session management, allowing attackers to gain unauthorized access.

The vulnerability of SAP Business Objects software for data collection and analysis is related to improper session management. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access...

CVSS 7.5 | AI score 5.5 | EPSS 0.00209
Exploits: 0 | References: 4 | Affected Software: 1

Microsoft CVE
added 2018/06/12 7:0 a.m. | 38 views

Media Foundation Memory Corruption Vulnerability

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...

CVSS 7.6 | AI score 2.5 | EPSS 0.18558
Exploits: 0