Lucene search
+L

112 matches found

The Hacker News
The Hacker News
added 2020/03/12 2:30 p.m.389 views

Critical Patch Released for 'Wormable' SMBv3 Vulnerability — Install It ASAP!

Microsoft today finally released an emergency software update to patch the recently disclosed very dangerous vulnerability in SMBv3 protocol that could let attackers launch wormable malware, which can propagate itself from one vulnerable computer to another automatically. The vulnerability, track...

10CVSS2.4AI score0.9981EPSS
Exploits125
BDU FSTEC
BDU FSTEC
added 2019/12/26 12:0 a.m.7 views

The vulnerability of the Intel Smart Sound Technology driver, related to a overflow in the unloaded pool in the operating memory, allows a hacker to execute arbitrary code.

The vulnerability of the Intel Smart Sound Technology driver is related to a overflow in the unloaded pool in the operating memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code with elevated privileges...

7.8CVSS8.1AI score0.00377EPSS
Exploits0References4Affected Software81
NVD
NVD
added 2019/09/04 12:15 p.m.25 views

CVE-2019-10709

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...

9.8CVSS9.5AI score0.11536EPSS
Exploits5References2
OSV
OSV
added 2019/09/04 12:15 p.m.3 views

CVE-2019-10709

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...

9.8CVSS7.3AI score0.11536EPSS
Exploits5References2
Prion
Prion
added 2019/09/04 12:15 p.m.18 views

Design/Logic Flaw

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...

7.5CVSS9.4AI score0.11536EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2019/09/04 11:14 a.m.30 views

CVE-2019-10709

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call...

9.5AI score0.11536EPSS
Exploits5References2
CVE
CVE
added 2019/09/04 11:14 a.m.102 views

CVE-2019-10709

CVE-2019-10709 affects Asus Precision TouchPad driver 11.0.0.25. A pool overflow in the AsusPTPFilter.sys/AsusTP device handling via DeviceIoControl (IOCTL 0x221408) with crafted input can trigger DoS and may enable elevation of privilege. Exploit samples show sending a 12048-byte payload to the ...

9.8CVSS9.4AI score0.11536EPSS
Exploits5References2Affected Software1
CERT
CERT
added 2019/02/05 12:0 a.m.283 views

Marvell Avastar wireless SoCs have multiple vulnerabilities

Overview Some Marvell Avastar wireless system on chip SoC models have multiple vulnerabilities, including a block pool overflow during Wi-Fi network scan. Description A presentation at the ZeroNights 2018 conference describes multiple security issues with Marvell Avastar SoCs models 88W8787,...

8.8CVSS9AI score0.06617EPSS
Exploits1References7
myhack58
myhack58
added 2019/01/29 12:0 a.m.98 views

HEVD pool overflow analysis-vulnerability warning-the black bar safety net

Prepare the environment Win 10 64-bit host + win 7 32-bit virtual machine Windbg: a debugger VirtualKD-3.0: double-click the debug tool InstDrv: the drive is installed, run the tool HEVD: a Windows kernel vulnerability training project, which almost covers the kernel may exist, all vulnerability...

7.4AI score
Exploits0
OSV
OSV
added 2018/12/23 2:29 a.m.5 views

CVE-2018-20331

Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the...

7.8CVSS6.2AI score0.00613EPSS
Exploits2References1
NVD
NVD
added 2018/08/01 3:29 p.m.18 views

CVE-2018-3666

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a non-paged pool overflow...

8.8CVSS8.6AI score0.00377EPSS
Exploits0References1
CVE
CVE
added 2018/08/01 3:0 p.m.76 views

CVE-2018-3666

Intel Smart Sound Technology driver vulnerable to local privilege escalation (CVE-2018-3666) due to non-paged pool overflow, with variants affecting additional issues (buffer overflow and system calls) in versions prior to 9.21.00.3541. The Intel advisory and related Lenovo/HP documents confirm t...

8.8CVSS8.5AI score0.00377EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/08/01 3:0 p.m.22 views

CVE-2018-3666

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a non-paged pool overflow...

8.6AI score0.00377EPSS
Exploits0References1
Metasploit
Metasploit
added 2018/06/18 4:41 p.m.65 views

MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption for Win8+

EternalBlue exploit for Windows 8, Windows 10, and 2012 by sleepya The exploit might FAIL and CRASH a target system depended on what is overwritten The exploit support only x64 target Tested on: - Windows 2012 R2 x64 - Windows 8.1 x64 - Windows 10 Pro Build 10240 x64 - Windows 10 Enterprise...

7.2AI score
Exploits0
seebug.org
seebug.org
added 2018/01/16 12:0 a.m.69 views

CODE EXECUTION (CVE-2018-5189) WALKTHROUGH ON JUNGO WINDRIVER 12.5.1

INTRODUCTION Windows kernel exploitation can be a daunting area to get into. There are tons of helpful tutorials out there and originally this post was going to add to that list. This is the story of how I found CVE-2018-5189 and a complete walkthrough of the exploit development cycle. The idea w...

8.5AI score0.01204EPSS
Exploits3
0day.today
0day.today
added 2017/10/26 12:0 a.m.46 views

HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow Exploit

Exploit for windows platform in category local exploits Exploit-CVE-2017-6008 The CVE-2017-6008 is a vulnerability in the HitmanPro scan that allows privilege escalation by exploiting a kernel pool buffer overflow. The exploits here use the Quota Process Pointer Overwrite attack as described in t...

4.6CVSS0.2AI score0.01904EPSS
Exploits6
exploitpack
exploitpack
added 2017/10/26 12:0 a.m.49 views

HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow

HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow Exploit-CVE-2017-6008 The CVE-2017-6008 is a vulnerability in the HitmanPro scan that allows privilege escalation by exploiting a kernel pool buffer overflow. The exploits here use the Quota Process Pointer Overwrite attack as described in the...

4.6CVSS0.3AI score0.01904EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/10/26 12:0 a.m.60 views

HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow

Exploit-CVE-2017-6008 The CVE-2017-6008 is a vulnerability in the HitmanPro scan that allows privilege escalation by exploiting a kernel pool buffer overflow. The exploits here use the Quota Process Pointer Overwrite attack as described in the Tarjei Mandt's paper Also, the exploits use my Pool...

7.8CVSS7.7AI score0.01904EPSS
Exploits6
0day.today
0day.today
added 2017/10/06 12:0 a.m.82 views

Microsoft Windows 10 x64 RS2 - win32kfull!bFill Pool Overflow Exploit

Exploit for windows platform in category local exploits Sources: https://siberas.de/blog/2017/10/05/exploitationcasestudywildpooloverflowCVE-2016-3309reloaded.html https://github.com/siberas/CVE-2016-3309Reloaded Exploits for the recently-patched win32kfull!bFill vulnerability. Executing the...

7.2CVSS7.6AI score0.20625EPSS
Exploits8
exploitpack
exploitpack
added 2017/10/06 12:0 a.m.68 views

Microsoft Windows 10 RS2 (x64) - win32kfull!bFill Pool Overflow

Microsoft Windows 10 RS2 x64 - win32kfull!bFill Pool Overflow Sources: https://siberas.de/blog/2017/10/05/exploitationcasestudywildpooloverflowCVE-2016-3309reloaded.html https://github.com/siberas/CVE-2016-3309Reloaded Exploits for the recently-patched win32kfull!bFill vulnerability. Executing th...

7.2CVSS0.20625EPSS
Exploits8
Rows per page
Query Builder