13 matches found
EUVD-2019-15712
Malware in sbrugna...
CVE-2019-6145
Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach La...
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
A proof-of-concept PoC exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol LDAP that could trigger a denial-of-service DoS condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 CVSS score: 7.5. It was addressed ...
Exploit for Integer Overflow or Wraparound in Microsoft
PoC exploit for CVE-2024-49112 is uncertain. It is an offensive...
Exploit for Integer Overflow or Wraparound in Microsoft
PoC exploit for CVE-2024-49113, a Windows Server vulnerability...
Exploit for Out-of-bounds Read in Microsoft
PoC exploit for CVE-2024-49113, a Windows Server vulnerability...
PoolParty - A Set Of Fully-Undetectable Process Injection Techniques Abusing Windows Thread Pools
A collection of fully-undetectable process injection techniques abusing Windows Thread Pools. Presented at Black Hat EU 2023 Briefings under the title - injection-techniques-using-windows-thread-pools-35446"The Pool Party You Will Never Forget: New Process Injection Techniques UsingWindows Thread...
New Exploit Lets Malware Attackers Bypass Patch for Critical Microsoft MSHTML Flaw
A short-lived phishing campaign has been observed taking advantage of a novel exploit that bypassed a patch put in place by Microsoft to fix a remote code execution vulnerability affecting the MSHTML component with the goal of delivering Formbook malware. "The attachments represent an escalation ...
Confluence on Windows was vulnerable to DLL hijacking - CVE-2019-20406
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a dll file in a directory in the global path environmental variable variable to inject code & escala...
Confluence on Windows was vulnerable to DLL hijacking - CVE-2019-20406
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5, from version 7.1.0 before version 7.1.1 allows local system attackers who have permission to write a dll file in a directory in the global path environmental variable variable to inject code & escala...
CVE-2019-6145
Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach La...
CVE-2019-6145
CVE-2019-6145 affects Forcepoint VPN Client for Windows versions before 6.6.1. The flaw is an unquoted search path that can be exploited locally to escalate privileges to NT AUTHORITY\SYSTEM. It relies on an attacker having local access with write permissions to two locations: C:\Program.exe and ...
Debian Security Advisory DSA 3849-1 (kde4libs - security update)
Several vulnerabilities were discovered in kde4libs, the core libraries for all KDE 4 applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2017-6410 Itzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs reported that URLs are not sanitiz...