KB5021296: Windows 8.1 and Windows Server 2012 R2 Security Update (December 2022)

The remote Windows host is missing security update 5021296. It is, therefore, affected by multiple vulnerabilities - PowerShell Remote Code Execution Vulnerability CVE-2022-41076 - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorize...

Microsoft Windows PowerShell 安全漏洞

PowerShell is a task automation and configuration management framework developed by Microsoft Corporation USA, consisting of a command line interface shell layer related manuscript language built from . exploit this vulnerability to bypass sandbox restrictions and execute arbitrary code on the...

KLA20123 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Windows Sysmon can be exploited...

KB5021234: Windows 11 Security Update (December 2022)

The remote Windows host is missing security update 5021234. It is, therefore, affected by multiple vulnerabilities - PowerShell Remote Code Execution Vulnerability CVE-2022-41076 - Windows Subsystem for Linux WSL2 Kernel Elevation of Privilege Vulnerability CVE-2022-44689 - A remote code executio...

KB5021293: Windows Server 2008 Security Update (December 2022)

The remote Windows host is missing security update 5021293. It is, therefore, affected by multiple vulnerabilities - PowerShell Remote Code Execution Vulnerability CVE-2022-41076 - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorize...

KB5021249: Windows Server 2022 Security Update (December 2022)

The remote Windows host is missing security update 5021249. It is, therefore, affected by multiple vulnerabilities - PowerShell Remote Code Execution Vulnerability CVE-2022-41076 - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorize...

Judging Management System 1.0 Shell Upload

Exploit Title: Judging Management System v1.0 - Remote Code Execution RCE Date: 12/11/2022 Exploit Author: Angelo Pio Amirante Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/15910/judging-management-system-using-php-and-mysql-free-source-code.ht...

AzureGraph - Azure AD Enumeration Over MS Graph

AzureGraph is an Azure AD information gathering tool over Microsoft Graph. Thanks to Microsoft Graph technology, it is possible to obtain all kinds of information from Azure AD, such as users, devices, applications, domains and much more. This application, allows you to query this data through th...

Chinese Hackers Target Middle East Telecoms in Latest Cyber Attacks

A malicious campaign targeting the Middle East is likely linked to BackdoorDiplomacy, an advanced persistent threat APT group with ties to China. The espionage activity, directed against a telecom company in the region, is said to have commenced on August 19, 2021 through the successful...

Shells - Little Script For Generating Revshells

A script for generating common revshells fast and easy. Especially nice when in need of PowerShell and Python revshells, which can be a PITA getting correctly formated. PowerShell revshells Shows username@computer, above the prompt and working-directory Has a partial AMSI-bypass, making some stuf...

Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations

Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks against several Ukrainian entities wer...

Exploit for CVE-2022-30190

...

Important Photon OS Security Update - PHSA-2022-3.0-0488

Updates of 'linux-esx', 'linux-rt', 'powershell', 'linux-aws', 'linux', 'linux-secure' packages of Photon OS have been released...

CVE-2022-45184

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...

CVE-2022-45184

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...

CVE-2022-45184

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...

CVE-2022-45183

Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...

Privilege escalation

Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6...

Directory traversal

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafte...

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor's infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that's used to...