Microsoft Windows TCP/IP 资源管理错误漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There is a resource management vulnerability in Microsoft Windows TCP/IP. The following products and versions are affected: Windows 10 Version 1809 for 32-bit systems,...

Microsoft Windows Ancillary Function Driver for WinSock 安全漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a supplementary function driver for Winsock developed by Microsoft Corporation. There are security vulnerabilities associated with the Microsoft Windows Ancillary Function Driver for WinSock. Attackers can exploit these vulnerabilitie...

Microsoft Windows Kerberos 安全漏洞

Microsoft Windows Kerberos is a software for authentication in network clusters from Microsoft Corporation.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications via a key system. A security vulnerability exists i...

Microsoft Hyper-V 安全漏洞

Microsoft Hyper-V is an application from Microsoft USA. A system hypervisor virtualization technology that enables desktop virtualization. A security vulnerability exists in Microsoft Hyper-V. An attacker exploiting the vulnerability can elevate privileges. The following products and versions are...

Working Directory ignored for first application launch after upgrading to 1912 CU9 VDA

This known issue affects published applications in Multi-Session VDAs. VDAs are upgraded to 1912 CU9. Launching the first Published Application fails. Any subsequent application launch succeeds. In certain cases, the initial launch of the published application is successful but results in a...

Microsoft Windows USB Attached SCSI Security Vulnerability

Microsoft Windows USB Attached SCSI is a protocol for USB storage devices from Microsoft USA. A security vulnerability exists in Microsoft Windows USB Attached SCSI. An attacker could exploit the vulnerability to remotely execute code. The following products and editions are affected: Windows...

GLPI GZIP(Py3) 9.4.5 Remote Code Execution

!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...

GLPI GZIP(Py3) 9.4.5 - Remote Code Execution Exploit

!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...

Microsoft Windows Kerberos 安全漏洞

Microsoft Windows Kerberos is a software for authentication in network clusters from Microsoft Corporation.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications via a key system. A security vulnerability exists i...

Microsoft Windows OLE 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows OLE. The following products and editions are affected:Windows Server 2008 for 32-bit Systems Service Pack 2 Serve...

KLA12431 RCE vulnerability in Microsoft Windows

Remote code execution vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2013-3900 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-Windows Microsoft-Windows-Server...

Microsoft Warns of Windows Win32k Privilege Escalation

Microsoft has released a security advisory to address an escalation of privileges vulnerability, CVE-2021-1732, in Microsoft Win32k. A local attacker can exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild. CISA encourages user...

Microsoft Windows Bluetooth Service Security Vulnerability

Microsoft Windows Bluetooth Service is a Bluetooth driver from Microsoft. A security vulnerability exists in Microsoft Windows Bluetooth Service. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor's announcement. The following products a...

SMB12 Information Gathering Exploit

SMB12 Information Gathering is a data gathering python script that inspects SMB1 and SMB2 endpoints. It will extract various attributes from the remote server such as OS version only supported by SMB1 as per protocol definition, DNS computer name, DNS domain name, NetBIOS computer name and NetBIO...

Memory Corruption Vulnerability Exists in Extreme Office 2019 For Windows at Beijing Haiteng Times Technology Co Ltd (CNVD-2020-44378)

Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. A memory corruption vulnerability exists in Extreme Office 2019 For Windows by Beijing Haiteng Times Technology Co. which can be exploited by attackers to cause a denial of...