806 matches found
Polkit pkexec Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Local Privilege Escalation in polkits pkexec', 'Description' = %q A bug exists in the polkit pkexec binary in how it processes arguments. If the...
QEMU Monitor HMP 'migrate' Command Execution
This module uses QEMU's Monitor Human Monitor Interface HMP TCP server to execute system commands using the migrate command. This module has been tested successfully on QEMU version 6.2.0 on Ubuntu 20.04. Module Options msf use exploit/multi/misc/qemumonitorhmpmigratecmdexec msf...
February 8, 2022-KB5010483 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1909
February 8, 2022-KB5010483 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1909 Release Date: February 8, 2022 Version: .NET Framework 3.5 and 4.8 The February 8, 2022 update for Windows 10, version 1909 includes cumulative reliability improvements in .NET Framework 3.5 a...
February 8, 2022-KB5010460 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server, version 2016
February 8, 2022-KB5010460 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server, version 2016 Release Date: February 8, 2022 Version: .NET Framework 4.8 The February 8, 2022 update for Windows 10, version 1607 and Windows Server, version 2016 includes cumulativ...
February 8, 2022-KB5009470 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2
February 8, 2022-KB5009470 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 Release Date: February 8, 2022 Version: .NET Framework 3.5 and 4.8 The February 8, 2022 update for Microsoft server operating system version 21H2 includes cumulative...
February 8, 2022-KB5009469 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11
February 8, 2022-KB5009469 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11 Release Date: February 8, 2022 Version: .NET Framework 3.5 and 4.8 The February 8, 2022 update for Windows 11 includes cumulative reliability improvements in .NET Framework 3.5 and 4.8. We recommend that yo...
Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.2.3 security update
An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Grandstream GXV3175 Unauthenticated Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Grandstream GXV3175 'settimezone' Unauthenticated Command Execution", 'Description' = %q This module exploits a command injection vulnerability i...
January 11, 2022-KB5008879 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1909
January 11, 2022-KB5008879 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1909 Release Date: January 11, 2022 Version: .NET Framework 3.5 and 4.8 Summary Security Improvements This security update addresses an issue where an unauthenticated attacker could cause a denial ...
January 11, 2022-KB5008876 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2
January 11, 2022-KB5008876 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2 Release Date: January 11, 2022 Version: .NET Framework 3.5 and 4.8 Summary Security Improvements This securi...
ManageEngine ServiceDesk Plus Remote Code Execution Exploit
This Metasploit module exploits CVE-2021-44077, an unauthenticated remote code execution vulnerability in ManageEngine ServiceDesk Plus, to upload an EXE msiexec.exe and execute it as the SYSTEM account. Note that build 11305 is vulnerable to the authentication bypass but not the file upload. The...
Microsoft Office Word MSHTML Remote Code Execution Exploit
This Metasploit module creates a malicious docx file that when opened in Word on a vulnerable Windows system will lead to code execution. This vulnerability exists because an attacker can craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering...
November 19, 2021-KB5007293 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2
November 19, 2021-KB5007293 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 Release Date: November 19, 2021 Version: .NET Framework 3.5 and 4.8 The November 19, 2021 update for Microsoft server operating system version 21H2 includes...
November 22, 2021-KB5007292 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 11
November 22, 2021-KB5007292 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 11 Release Date: November 22, 2021 Version: .NET Framework 3.5 and 4.8 The November 22, 2021 update for Windows 11 includes cumulative reliability improvements in .NET Framework 3.5 and 4.8. We...
Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4 images and security updates
Red Hat Advanced Cluster Management for Kubernetes 2.4.0 General Availability release images, which fix several bugs and security issues. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...
November 9, 2021-KB5007152 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server, version 2016
November 9, 2021-KB5007152 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server, version 2016 Release Date: November 9, 2021 Version: .NET Framework 4.8 The November 9, 2021 update for Windows 10, version 1607 and Windows Server, version 2016 includes cumulativ...
.NET 3.1 Update
.NET 3.1 Update .NET Core 3.1 has been refreshed with the latest update as of November 08, 2021. This update contains reliability and other non-security fixes. See the release notes for details on updated packages. .NET Core 3.1 servicing updates are upgrades, that is, the latest servicing update...
Browse the session filesystem in a Web Browser
This module allows you to browse the session filesystem via a local browser window. Module Options msf use post/multi/manage/fileshare msf postfileshare show actions ...actions... msf postfileshare set ACTION msf postfileshare show options ...show and set options... msf postfileshare run This...
November 9, 2021-KB5006365 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, and Windows Server, version 20H2, and Windows Version 21H1
November 9, 2021-KB5006365 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, and Windows Server, version 20H2, and Windows Version 21H1 Release Date: November 9, 2021 Version: .NET Framework 3.5 and 4.8 The...
November 9, 2021-KB5006364 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2
November 9, 2021-KB5006364 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 Release Date: November 9, 2021 Version: .NET Framework 3.5 and 4.8 The November 9, 2021 update for Microsoft server operating system version 21H2 includes cumulative...