CVE-2025-13919 Component Object Model (COM) Hijacking in Symantec Endpoint Protection Windows Client

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry...

EUVD-2019-7537

Malware in sbrugna...

CVE-2019-17066

Ivanti WorkSpace Control prior to 10.4.40.0 is affected by a local privilege elevation vulnerability where a user can hijack certain user registry entries (HKCU) because pwrgrid.exe checks the Current User registry hives when starting an elevated application. This is the documented root cause and...

venom

This is a Metasploit framework module for generating shellcode and compiling it into an executable file. The module, named "venom", uses msfvenom to generate shellcode in various formats and injects it into a template, which is then compiled using compilers like gcc or pyinstaller. The module als...

Windows UAC Protection Bypass (Via FodHelper Registry Key)

This module will bypass Windows 10 UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when the Windows fodhelper.exe application is launched. It will spawn a second shell that has the UAC flag turned off. This module...

Enigma Fileless UAC Bypass Exploit

This Metasploit module is an implementation of fileless uac bypass using cmd.exe instead of powershell.exe OJ msf module. This module will create the required registry entry in the current user's hive, set the default value to whatever you pass via the EXECCOMMAND parameter, and runs eventvwr.exe...

Enigma Fileless UAC Bypass

a This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ Exploit Title : enigmafilelessuacbypass.rb Module...

Windows Escalate UAC Protection Bypass

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/exe' require 'msf/core/exploit/powershell' class MetasploitModule 'Windows Escalate UAC Protection Bypass Via Eventvwr Regist...

Latest Windows UAC Bypass Permits Code Execution

Less than a month after disclosing a Windows User Account Control bypass, researcher Matt Nelson today published another attack that circumvents the security feature and leaves no traces on the hard disk. This time, the bypass relies on Event Viewer eventvwr.exe, a native Windows feature used to...