CVE-2025-11955 Incorrect validation of OCSP certificates in TheGreenBow VPN Client Windows Enterprise

Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid...

CVE-2025-11955

The CVE-2025-11955 describes an OCSP certificate validation flaw in TheGreenBow VPN Client, affecting version 7.5 and 7.6. The vulnerability lets the IKEv2 VPN tunnel be established even if no OCSP response is received or if the OCSP signature is invalid, due to incorrect OCSP validation during a...

EUVD-2020-8877

Malware in sbrugna...

EUVD-2022-38714

Malicious code in bioql PyPI...

CVE-2023-47267

An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows attackers to gain escalated privileges via crafted changes to memory mapped file...

Design/Logic Flaw

An issue discovered in TheGreenBow Windows Enterprise Certified VPN Client 6.52, Windows Standard VPN Client 6.87, and Windows Enterprise VPN Client 6.87 allows attackers to gain escalated privileges via crafted changes to memory mapped file...

CMLoot - Find Interesting Files Stored On (System Center) Configuration Manager (SCCM/CM) SMB Shares

CMLoot was created to easily find interesting files stored on System Center Configuration Manager SCCM/CM SMB shares. The shares are used for distributing software to Windows clients in Windows enterprise environments and can contains scripts/configuration files with passwords, certificates pfx,...

CVE-2022-35841 Windows Enterprise App Management Service Remote Code Execution Vulnerability

...

PT-2022-5744 · Microsoft · Windows Enterprise App Management Service +1

Name of the Vulnerable Software and Affected Versions: Windows Enterprise App Management Service affected versions not specified Description: The issue exists due to insufficient input validation in the Windows Enterprise App Management Service, allowing remote attackers to execute arbitrary code...

Microsoft Windows Autopatch is Now Generally Available for Enterprise Systems

Microsoft on Monday announced the general availability of a feature called Autopatch that automatically keeps Windows and Office software up-to-date on enrolled endpoints. The launch, which comes a day before Microsoft is expected to release its monthly round of security patches, is available for...

WiFi Mouse 1.7.8.5 - Remote Code Execution Exploit (2)

Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 ​ Python 3 port done by RedHatAugust Original exploit:...

Microsoft's New Autopatch Feature to Help Businesses Keep Their Systems Up-to-Date

Microsoft last week announced that it intends to make generally available a feature called Autopatch as part of Windows Enterprise E3 in July 2022. "This service will keep Windows and Office software on enrolled endpoints up-to-date automatically, at no additional cost," said Lior Bela, senior...

WiFi Mouse 1.7.8.5 - Remote Code Execution Exploit

Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 Desktop Server software used by mobile app has PIN option which does not to...

WiFi Mouse 1.7.8.5 Remote Code Execution

Exploit Title: WiFi Mouse 1.7.8.5 - Remote Code Execution Date: 25-02-2021 Author: H4rk3nz0 Vendor Homepage: http://necta.us/ Software Link: http://wifimouse.necta.us/download Version: 1.7.8.5 Tested on: Windows Enterprise Build 17763 Desktop Server software used by mobile app has PIN option whic...

CVE-2020-16919

An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files. An attacker with unprivileged access to a vulnerable system could...

Windows Enterprise App Management Service Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files. An attacker with unprivileged access to a vulnerable system could...