#windows #cve
[ Explore elevation of privilege of CNG Key Isolation ]
...When the client wins the race, meaning the property object occupies the key object hole after the key object is freed in the SrvFreeKey function, it will finally load an arbitrary DLL in the lsass process, which finally causes an AppContainer sandbox escape.
#windows #lpe #cve
[ CVE-2023-27470 ]
Deleting Your Way Into SYSTEM: Why Arbitrary File Deletion Vulnerabilities Matter
Technical details & Defensive Considerations: https://www.mandiant.com/resources/blog/arbitrary-file-deletion-vulnerabilities
Exercise that replicates LPE: https://github.com/3lp4tr0n/CVE-2023-27470_Exercise
#juniper #cve #rce
JUNIPER RCE (cve-2023-36845)
Not again, but once more...
https://vulncheck.com/blog/juniper-cve-2023-36845
#sharepoint #cve
Microsoft SharePoint: CVE-2023-29357
Microsoft SharePoint Server Elevation of Privilege Vulnerability
https://github.com/Chocapikk/CVE-2023-29357
#cve #exim
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.
https://www.zerodayinitiative.com/advisories/ZDI-23-1469/
ZDI-23-1469: (0Day) Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability
#cve #confluence
Everyone has already written about it, and everything most interesting has already been broken, so I suppose I'll write about it too
CVE-2023-22515: Confluence Broken Access Control Exploit
https://github.com/Chocapikk/CVE-2023-22515
#cisco #cve #webshell #scanner #blueteam
[ Cisco IOS XE Device Scanner for CVE-2023-20198 & CVE-2023-20273 ]
Webshell fingerprinting scanner designed to identify implants on Cisco IOS XE WebUIs affected by CVE-2023-20198 and CVE-2023-20273.
Important! This is not a POC for exploitation. This is an OSINT/Blue Team/Research tool.
Author: Shadow0ps
https://github.com/Shadow0ps/CVE-2023-20198-Scanner
#confluence #cve
Confluence CVE-2023-22518
An exploitation tool for Confluence servers that are vulnerable to the CVE-2023-22518 Improper Authorization Vulnerability
https://github.com/sanjai-AK47/CVE-2023-22518
#cve #openvpn
OpenVPN Access Server (cve-2023-46849, cve-2023-46850)
https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/
#cve #outlook
Microsoft Outlook Information Disclosure Vulnerability (leak password hash / CVE-2023-35636)
https://github.com/duy-31/CVE-2023-35636
#cve #paloalto
[ CVE-2024-3400 ]
PAN-OS: OS Command Injection Vulnerability in GlobalProtect Gateway
Enables an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Fixes are expected to be released by April 14, 2024.
Stay safe.
https://security.paloaltonetworks.com/CVE-2024-3400
#windows #lpe #cve
Exploiting the NT Kernel in 24H2: New Bugs in Old Code & Side Channels Against KASLR
https://exploits.forsale/24h2-nt-exploit/
GitHub - exploits-forsale/24h2-nt-exploit: Exploit targeting NT kernel in 24H2 Windows Insider Preview
#veeam #cve
[ Bypassing Veeam Authentication ]
‼️ CVE-2024-29849 ‼️
TLDR:
Veeam published a CVSS 9.8 advisory for an authentication bypass vulnerability, CVE-2024-29849. Following is a full analysis and exploit for this issue.
Blog:
https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass
PoC:
https://github.com/sinsinology/CVE-2024-29849
#vCenter #cve
VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities
CVE-2024-37079, CVE-2024-37080, CVE-2024-37081
Go update, now!
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453