Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-15712

Malware in sbrugna...

7.2CVSS6.6AI score0.00665EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:18 a.m.6 views

CVE-2019-6145

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach La...

7.2CVSS7.1AI score0.00665EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2025/01/03 8:16 a.m.30 views

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

A proof-of-concept PoC exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol LDAP that could trigger a denial-of-service DoS condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 CVSS score: 7.5. It was addressed ...

9.8CVSS9.3AI score0.83642EPSS
Exploits8
GithubExploit
GithubExploit
added 2025/01/02 2:2 p.m.174 views

Exploit for Integer Overflow or Wraparound in Microsoft

PoC exploit for CVE-2024-49112 is uncertain. It is an offensive...

9.8CVSS9.8AI score0.70906EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/01/01 3:48 p.m.117 views

Exploit for Integer Overflow or Wraparound in Microsoft

PoC exploit for CVE-2024-49113, a Windows Server vulnerability...

9.8CVSS9.4AI score0.83642EPSS
Exploits8
GithubExploit
GithubExploit
added 2025/01/01 3:48 p.m.147 views

Exploit for Out-of-bounds Read in Microsoft

PoC exploit for CVE-2024-49113, a Windows Server vulnerability...

7.5CVSS8.8AI score0.83642EPSS
Exploits6
Kitploit
Kitploit
added 2024/05/24 12:30 p.m.73 views

PoolParty - A Set Of Fully-Undetectable Process Injection Techniques Abusing Windows Thread Pools

A collection of fully-undetectable process injection techniques abusing Windows Thread Pools. Presented at Black Hat EU 2023 Briefings under the title - injection-techniques-using-windows-thread-pools-35446"The Pool Party You Will Never Forget: New Process Injection Techniques UsingWindows Thread...

7.7AI score
Exploits0References1
The Hacker News
The Hacker News
added 2021/12/22 7:45 a.m.406 views

New Exploit Lets Malware Attackers Bypass Patch for Critical Microsoft MSHTML Flaw

A short-lived phishing campaign has been observed taking advantage of a novel exploit that bypassed a patch put in place by Microsoft to fix a remote code execution vulnerability affecting the MSHTML component with the goal of delivering Formbook malware. "The attachments represent an escalation ...

8.8CVSS8.3AI score0.96843EPSS
Exploits38
Atlassian
Atlassian
added 2020/02/04 11:56 p.m.76 views

Confluence on Windows was vulnerable to DLL hijacking - CVE-2019-20406

The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a dll file in a directory in the global path environmental variable variable to inject code & escala...

7.8CVSS4.6AI score0.0048EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2020/02/04 11:56 p.m.33 views

Confluence on Windows was vulnerable to DLL hijacking - CVE-2019-20406

The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a dll file in a directory in the global path environmental variable variable to inject code & escala...

7.8CVSS4.6AI score0.0048EPSS
Exploits0
NVD
NVD
added 2019/09/20 8:15 p.m.20 views

CVE-2019-6145

Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach La...

7.2CVSS6.7AI score0.00665EPSS
Exploits1References2
CVE
CVE
added 2019/09/20 7:56 p.m.334 views

CVE-2019-6145

CVE-2019-6145 affects Forcepoint VPN Client for Windows versions before 6.6.1. The flaw is an unquoted search path that can be exploited locally to escalate privileges to NT AUTHORITY\SYSTEM. It relies on an attacker having local access with write permissions to two locations: C:\Program.exe and ...

7.2CVSS6.7AI score0.00665EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2017/05/12 12:0 a.m.35 views

Debian Security Advisory DSA 3849-1 (kde4libs - security update)

Several vulnerabilities were discovered in kde4libs, the core libraries for all KDE 4 applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-6410 Itzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs reported that URLs are not sanitiz...

7.2CVSS0.4AI score0.01805EPSS
Exploits3References1
Rows per page
Query Builder