284 matches found
ATBroker Registry Security Scanner
This code is a defensive Windows security scanner designed to audit potentially sensitive Registry paths related to ATBroker Accessibility Technology Broker and core system hives. It only checks for the presence of certain registry keys to see if they're protected or accessible...
Electron: Registry key path injection in app.setAsDefaultProtocolClient on Windows
Impact On Windows, app.setAsDefaultProtocolClientprotocol did not validate the protocol name before writing to the registry. Apps that pass untrusted input as the protocol name may allow an attacker to write to arbitrary subkeys under HKCU\Software\Classes, potentially hijacking existing protocol...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' in the...
CVE-2026-1716
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges...
CVE-2026-1715
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...
NVIDIA B300 MCU 安全漏洞
NVIDIA B300 MCU is a micro-control unit component developed by NVIDIA Corporation, used for managing and controlling hardware devices. The NVIDIA B300 MCU has a security vulnerability; this vulnerability stems from the CX8 MCU allowing modifications to unsupported registry keys, which may lead to...
Exploit for Incorrect Permission Assignment for Critical Resource in Microsoft
RegPwn BOF for Brute Ratel C4 My Brute Ratel C4 BOF reimpleme...
Microsoft Windows Image File Execution Options (IFEO) Persistence
This PHP script leverages legitimate Windows debugging features to establish persistent remote access. This technique leverages the Image File Execution Options IFEO registry keys to configure a monitor process that automatically executes when a specified target process exits. Windows allows...
EUVD-2026-11357
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...
EUVD-2026-11359
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges...
CVE-2026-1716
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges...
CVE-2026-1715
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...
CVE-2026-1716
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges...
CVE-2026-1716
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges...
CVE-2026-1716
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys with elevated privileges...
CVE-2026-1716
The CVE-2026-1716 entry concerns an input validation vulnerability in Lenovo’s DeviceSettingsSystemAddin used by Lenovo Vantage and Lenovo Baiying. A local authenticated user can delete arbitrary registry keys with elevated privileges due to inadequate input validation. Impact includes potential ...
CVE-2026-1715
CVE-2026-1715 describes an input-validation vulnerability in the Lenovo ecosystem involving the DeviceSettingsSystemAddin used by Lenovo Vantage and Lenovo Baiying. The issue allows a local authenticated user to modify arbitrary registry keys with elevated privileges, indicating a failure in vali...
CVE-2026-1715
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...
CVE-2026-1715
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...
CVE-2026-1715
An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys with elevated privileges...