Spring Framework 安全漏洞

The Spring Framework is an application development framework developed by Spring in a open-source manner. There are security vulnerabilities in Spring Framework versions 7.0.0 and earlier, 6.2.0 and earlier, 6.1.0 and earlier, and 5.3.0 and earlier. These vulnerabilities stem from the SpEL...

EUVD-2024-53110

Malicious code in bioql PyPI...

Invoke-Transfer - PowerShell Clipboard Data Transfer

Invoke-Transfer Invoke-Transfer is a PowerShell Clipboard Data Transfer. This tool helps you to send files in highly restricted environments such as Citrix, RDP, VNC, Guacamole.. using the clipboard function. As long as you can send text through the clipboard, you can send files in text format, i...

Minimalistic-offensive-security-tools - A Repository Of Tools For Pentesting Of Restricted And Isolated Environments

Minimalistic SMB loginbruteforcer smblogin.ps1 A simple SMB login attack and password spraying tool. It takes a list of targets and credentials username and password as parameters and it tries to authenticate against each target using the provided credentials. Despite its minimalistic design, the...

Mssqlproxy - A Toolkit Aimed To Perform Lateral Movement In Restricted Environments Through A Compromised Microsoft SQL Server Via Socket Reuse

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. Please read this article carefully before continuing. It consists of three part...

Microsoft Windows Search Indexer CVE-2020-0633 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Microsoft Windows Graphics Component CVE-2020-0622 Information Disclosure Vulnerability

Description Microsoft Windows is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 160...

Microsoft Windows Update Notification Manager CVE-2020-0638 Local Privilege Escalation Vulnerability

Description Microsoft Windows Update Notification Manager is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for...

Microsoft Windows GDI+ Component CVE-2020-0643 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Microsoft Windows CVE-2020-0641 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft...

Microsoft Windows CVE-2020-0644 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Oracle Database Server CVE-2020-2731 Local Security Vulnerability

Description Oracle Database Server is prone to a local security vulnerability. The vulnerability can be exploited over the 'Local Logon' protocol. The 'Core RDBMS' component is affected. This vulnerability affects the following supported versions: 12.1.0.2, 12.2.0.1, 18c and 19c Technologies...

Oracle Database Server CVE-2020-2568 Local Security Vulnerability

Description Oracle Database Server is prone to a local security vulnerability that exists in Oracle Applications DBA. The vulnerability can be exploited over the 'Local Logon' protocol. For an exploit to succeed, the attacker must have 'Local Logon' privilege. This vulnerability affects the...

Oracle WebLogic Server CVE-2020-2550 Local Security Vulnerability

Description Oracle WebLogic Server is prone to a local security vulnerability. The 'WLS Core Components' component is affected. This vulnerability affects the following supported versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 Technologies Affected Oracle Weblogic Server 10.3.6.0.0 Oracl...

Oracle Hospitality Suites Management CVE-2020-2697 Local Security Vulnerability

Description Oracle Hospitality Suites Management is prone to a local security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Request Tracker' package is affected. This vulnerability affects the following supported versions: 3.7, 3.8 Technologies Affected Oracle...

Oracle Solaris CVE-2020-2696 Local Security Vulnerability

Description Oracle Solaris is prone to a local security vulnerability. This issue affects the 'Common Desktop Environment' component. This vulnerability affects the following supported version: 10 Technologies Affected Oracle Solaris 10 Recommendations Permit local access for trusted individuals...

Oracle Solaris cpujan2020 Multiple Local Security Vulnerabilities

Description Oracle Solaris is prone to multiple local security vulnerabilities. These vulnerabilities affect the following supported versions: 11 Technologies Affected Oracle Solaris 11 Recommendations Permit local access for trusted individuals only. Where possible, use restricted environments a...

Norton Power Eraser CVE-2019-19548 Local Privilege Escalation Vulnerability

Description Norton Power Eraser is prone to a local privilege escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Versions prior to Norton Power Eraser Prior to 5.3.0.67 are vulnerable. Technologies Affected Symantec Norton Power Eraser NPE 2.0.0.52...

Oracle Hospitality Cruise Materials Management CVE-2020-2599 Local Security Vulnerability

Description Oracle Hospitality Cruise Materials Management is prone to a local security vulnerability. This issue affects the 'MMS All' component. This vulnerability affects the following supported version: 7.30.567 Technologies Affected Oracle Hospitality Cruise Materials Management 7.30.567...

Oracle Solaris cpujan2020 Multiple Local Security Vulnerabilities

Description Oracle Solaris is prone to multiple local security vulnerabilities. These vulnerabilities affect the following supported versions: 10, 11 Technologies Affected Oracle Solaris 10 Oracle Solaris 11 Recommendations Permit local access for trusted individuals only. Where possible, use...