15 matches found
CVE-2024-46465
By default, dedicated folders of CRYHOD for Windows up to 2024.3 can be accessed by other users to misuse technical files and make them perform tasks with higher privileges. Configuration of CRYHOD has to be modified to prevent this vulnerability...
CVE-2023-20084
A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could...
Cisco Secure Endpoint for Windows Scanning Evasion (cisco-sa-secure-endpoint-dos-RzOgFKnd)
A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could...
CVE-2023-20084
A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could...
Design/Logic Flaw
A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could...
CVE-2023-20084
A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could...
Cisco Secure Endpoint for Windows Scanning Evasion Vulnerability
A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. This vulnerability is due to a timing issue that occurs between various software components. An attacker could...
CVE-2023-22947
Insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP before 3.4.1 allow an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. This occurs because the installation goes under C:\opt rather than...
PT-2023-18789 · Unknown · Shibboleth Service Provider
Name of the Vulnerable Software and Affected Versions: Shibboleth Service Provider SP versions prior to 3.4.1 Description: The issue concerns insecure folder permissions in the Windows installation path of Shibboleth Service Provider SP. This allows an unprivileged local attacker to escalate...
Microsoft Windows 后置链接漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A backlink vulnerability exists in Microsoft Windows folder redirection. The following products and versions are affected:Windows 10 for 32-bit Systems,Windows 10 for x64-based...
Samsung Keylogger Case Revealed As False Positive
The panic that arose yesterday about Samsung allegedly shipping laptops that contained a pre-installed keylogger turns out to have been a complete mistake after further investigation by security researchers and the company itself. In fact, the controversy was the result of a false positive from o...
Shellcode - Win32 MessageBox Metasploit module
Shellcode - Win32 MessageBox Metasploit module. Shellcode exploit for win32 platform $Id: messagebox.rb 4 2010-02-26 00:28:00:00Z corelanc0d3r & rick2600 $ Installation instructions : Drop file in framework3/modules/payloads/singles/windows folder Usage : ./msfpayload windows/messagebox...
Hacking tricks of how to register a DLL or OCX file-vulnerability warning-the black bar safety net
大家 注册 DLL 或 OCX 的 方法 应该 用 Regsvr32.exe with much more everyone will certainly think in the running to write a long list of things it is annoying! Here I introduce a kind of trouble a convenient“whole life”approach. This method as long as the right-click you want to register or unregister the OCX ...
CVE-2006-1161
Absolute path traversal vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder...
CVE-2006-1161
Absolute path traversal vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder...