CVE-2026-9207 Tanium addressed an unauthorized code execution vulnerability in Connect.

Tanium addressed an unauthorized code execution vulnerability in Connect...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the NewNTUnicodeString function. An attacker can cause a truncated string rather than an error to be returned by convincing a user to access a filename of excessive length. Remediation Upgrade...

Microsoft Windows HTTP to LDAP Relay

This module supports running an HTTP server which validates credentials, and then attempts to execute a relay attack against an LDAP server on the configured RHOSTS hosts. It is not possible to relay NTLMv2 to LDAP due to the Message Integrity Check MIC. As a result, this will only work with...

HTTPS Fetch, Reverse TCP Stager (DNS)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/peinject/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show and...

HTTPS Fetch, Reverse TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/https/x86/peinject/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf payloadreversenonxtcp show options...

HTTP Fetch, Reverse TCP Stager with UUID Support

Fetch and execute an x86 payload from an HTTP server. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/http/x86/peinject/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf payloadreversetcpuuid show...

HTTP Fetch, Hidden Bind TCP Stager

Fetch and execute an x86 payload from an HTTP server. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/http/x86/meterpreter/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf payloadbindhiddentc...

HTTPS Fetch, Reverse TCP Stager with UUID Support

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/https/x86/patchupmeterpreter/reversetcpuuid msf payloadreversetcpuuid show actions ...actions... msf payloadreversetcpuuid set ACTION msf...

HTTPS Fetch, Bind TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Listen for a connection No NX Module Options msf use payload/cmd/windows/https/x86/dllinject/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf payloadbindnonxtcp show options ...show and set...

CVE-2024-22830

Anti-Cheat Expert's Windows kernel module "ACE-BASE.sys" version 1.0.2202.6217 does not perform proper access control when handling system resources. This allows a local attacker to escalate privileges from regular user to System or PPL level...

Google Pixel 安全漏洞

Google Pixel is a smartphone from Google, an American company. A security vulnerability exists in Google Pixel, which stems from a missing bounds check in the tmugetgovtimewindows module, which may result in out-of-bounds reads...

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a privilege control vulnerability in the windows module. Successful exploitation of thi...

CVE-2023-31902

creationtimestamp| type| source ---|---|--- 2022-09-28 15:17:23+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/mobilemouserce.rb 2023-05-17 16:31:14+00:00| seen| https://t.me/cibsecurity/64313 2025-10-23 21:13:01+00:00| seen|...