exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 6,647 RSS Feed

Operating System: Windows

Windows Kernel Subkey List Use-After-Free
Posted Apr 11, 2024
Authored by Google Security Research, mjurczyk

The Windows Kernel suffers from a subkey list use-after-free vulnerability due to a mishandling of partial success in CmpAddSubKeyEx.

tags | exploit, kernel
systems | windows
advisories | CVE-2024-26182
SHA-256 | 371f9505662bb6a768bb624f24a62e46fef4ad9feab889c6189fe75092e31989
Trojan.Win32.Razy.abc MVID-2024-0678 Insecure Permissions
Posted Apr 8, 2024
Authored by malvuln | Site malvuln.com

Trojan.Win32.Razy.abc malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | f42f962b787317ec42e0f8896a6024f38f8e96776bcebf7c0600a7ee39d21c1f
SUPERAntiSpyware Professional X 10.0.1264 DLL Hijacking / Privilege Escalation
Posted Apr 3, 2024
Authored by M. Akil Gundogan

SUPERAntiSpyware Professional X versions 10.0.1264 and below suffer from a privilege escalation vulnerability via dll hijacking.

tags | exploit
systems | windows
advisories | CVE-2024-27518
SHA-256 | 51e69d31c1c8fb597a06f072d218ce2b5cab6a6aa62de2abc66818247fc4d320
Microsoft Windows 10.0.17763.5458 Privilege Escalation
Posted Apr 2, 2024
Authored by E1.Coders

Microsoft Windows version 10.0.17763.5458 kernel IOCTL privilege escalation exploit.

tags | exploit, kernel
systems | windows
advisories | CVE-2024-21338
SHA-256 | 8707efbb61bde9a6bad7e9f41e2e2aa406ec325770b5e4cf2822308facf677cb
Wireshark Analyzer 4.2.4
Posted Mar 28, 2024
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: pcap and pcapng have been updated.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 46bd0f4474337144b30816fb2d8f14e72a26d0391f24fe0b7b619acdcdad8c0c
Win32.STOP.Ransomware (Smokeloader) MVID-2024-0676 Remote Code Execution
Posted Mar 22, 2024
Authored by malvuln | Site malvuln.com

Win32.STOP.Ransomware (smokeloader) malware suffers from both local and remote code execution vulnerabilities. The remote code execution can be achieved by leveraging a man-in-the-middle attack.

tags | exploit, remote, local, vulnerability, code execution
systems | windows
SHA-256 | 9740a4e0b25da98023aa4b00d3dc186e1ae19f18ff322ffbd1efa8acd634f49a
Red Hat Security Advisory 2024-1325-03
Posted Mar 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1325-03 - Red Hat JBoss Web Server 6.0.1 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Issues addressed include HTTP request smuggling, denial of service, and open redirection vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat, windows
advisories | CVE-2023-5678
SHA-256 | 540b7b318053beca6c43ca6421f58215e773d779e7565d7f8f9ce37a4534795f
Red Hat Security Advisory 2024-1319-03
Posted Mar 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1319-03 - Red Hat JBoss Web Server 5.7.8 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat, windows
advisories | CVE-2023-5678
SHA-256 | deeb75081668151356b5819e0c3c816565bd06d4cde4092321e55c63446fff67
Hunting Down The HVCI Bug In UEFI
Posted Mar 14, 2024
Authored by Satoshi TANDA, Andrea Allievi | Site tandasat.github.io

This post details the story and technical details of the non-secure Hypervisor-Protected Code Integrity (HVCI) configuration vulnerability disclosed and fixed with the January 9th update on Windows. This vulnerability, CVE-2024-21305, allowed arbitrary kernel-mode code execution, effectively bypassing HVCI within the root partition.

tags | advisory, arbitrary, kernel, root, code execution
systems | windows
advisories | CVE-2024-21305
SHA-256 | 9d64188a47060dad96a12b2b5fc06e5f3f52c1141722943d26696fa195cc355b
Backdoor.Win32.Emegrab.b MVID-2024-0675 Buffer Overflow
Posted Mar 14, 2024
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Emegrab.b malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | c0d8137645859e14608a0b7a84c3cadd70d3be3e7d59a937b20c600dbcc88162
Backdoor.Win32.Beastdoor.oq MVID-2024-0674 Remote Command Execution
Posted Mar 11, 2024
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Beastdoor.oq malware suffers from a remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | 72378386669ae9759edcef742e72bbceb8bebb4fef342a5fb8f58cf8290dd75a
Red Hat Security Advisory 2024-1203-03
Posted Mar 7, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-1203-03 - The components for Red Hat OpenShift for Windows Containers 9.0.1 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat, windows
advisories | CVE-2023-5528
SHA-256 | 949fbe611112995312a21e905528d00484f0a440915ad36ba225e2cb84799929
SumatraPDF 3.5.2 DLL Hijacking
Posted Mar 4, 2024
Authored by Krishna Vamshi Katta Rokkaiah

SumatraPDF version 3.5.2 suffers from a DLL hijacking vulnerability using CRYPTBASE.DLL. DLL hijacking in this version was already discovered by Ravishanka Silva in February of 2024 but the findings did not include this DLL.

tags | exploit
systems | windows
advisories | CVE-2024-25884
SHA-256 | b54fc4aa8aa9cd1b68c0fee0e8f8f071f44a503ec283e0947fb0c29cce53475a
Qognify VMS Client Viewer 7.1 DLL Hijacking
Posted Mar 4, 2024
Authored by Sandro Einfeldt | Site sec-consult.com

Qognify VMS Client Viewer version 7.1 suffers from a local privilege escalation vulnerability via DLL hijacking.

tags | exploit, local
systems | windows
advisories | CVE-2023-49114
SHA-256 | fdb1bbc1d16c28cae32902f7d1fe190a3d993b678a937d26c6c7a57c07f09736
Backdoor.Win32.Agent.amt MVID-2024-0673 Authentication Bypass / Code Execution
Posted Feb 29, 2024
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.amt malware suffers from bypass and code execution vulnerabilities.

tags | exploit, vulnerability, code execution
systems | windows
SHA-256 | b6b18194f2e689d34f31467983fac3c6ef3ca487f56d307bb7a3aba5b961cffd
Backdoor.Win32.Jeemp.c MVID-2024-0672 Hardcoded Credential
Posted Feb 29, 2024
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Jeemp.c malware suffers from a hardcoded credential vulnerability.

tags | exploit
systems | windows
SHA-256 | 5e4ddaa4fb20fd54762a11e5e3b4f3336161f26cd683100a9b9009e19ba332e0
Red Hat Security Advisory 2024-0954-03
Posted Feb 28, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0954-03 - The components for Red Hat OpenShift for Windows Containers 10.15.0 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Issues addressed include a privilege escalation vulnerability.

tags | advisory
systems | linux, redhat, windows
advisories | CVE-2023-5528
SHA-256 | b30c62396fd2061eed0ac23a59b4a56c6bf20a79bab17aaa66538177c1f1e0e8
Backdoor.Win32.AutoSpy.10 MVID-2024-0671 Remote Command Execution
Posted Feb 26, 2024
Authored by malvuln | Site malvuln.com

Backdoor.Win32.AutoSpy.10 malware suffers from a remote command execution vulnerability.

tags | exploit, remote
systems | windows
SHA-256 | 01433d0ad222e5da0927202b151b19c29afd6ce5f59f4e0b3302a97ed91a29bb
Tosibox Key Service 3.3.0 Local Privilege Escalation / Unquoted Service Path
Posted Feb 24, 2024
Authored by LiquidWorm | Site zeroscience.mk

Tosibox Key Service versions 3.3.0 and below suffer from an unquoted search path issue impacting the service Tosibox Key Service for Windows. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.

tags | exploit, arbitrary, local
systems | windows
SHA-256 | 7820f9f7d9af81913956c26707d4acc215ad499c129864227adf8ac1f2345e47
Backdoor.Win32.Armageddon.r MVID-2024-0670 Hardcoded Credential
Posted Feb 24, 2024
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Armageddon.r malware suffers from a hardcoded credential vulnerability.

tags | exploit
systems | windows
SHA-256 | a63aee2a17b2de0fd0b66bd203d4a2c97938d4d3f44312228c88c11909ae9131
Microsoft Windows Defender / Backdoor_JS.Relvelshe.A Detection / Mitigation Bypass
Posted Feb 19, 2024
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Back in 2022, the researcher released a proof of concept to bypass the Backdoor:JS/Relvelshe.A detection in Windows Defender but it no longer works as it was mitigated. However, adding a simple javascript try catch error statement and eval'ing the hex string, it executes as of the time of this post.

tags | exploit, javascript, proof of concept
systems | windows
SHA-256 | 7ab1d57cbbb29f8168521971a747af06eab9ef184d9f61ee316413db3f71e0c9
Microsoft Windows Defender / Trojan.Win32/Powessere.G VBScript Detection Bypass
Posted Feb 19, 2024
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

This is additional research regarding a mitigation bypass in Windows Defender. Back in 2022, the researcher disclosed how it could be easily bypassed by passing an extra path traversal when referencing mshtml but that issue has since been mitigated. However, the researcher discovered using multiple commas can also be used to achieve the bypass. This issue was addressed. The fix was short lived as the researcher found yet another third trivial bypass. Previously, the researcher disclosed 3 bypasses using rundll32 javascript, but this example leverages the VBSCRIPT and ActiveX engines.

tags | exploit, javascript, activex
systems | windows
SHA-256 | 59fee3164e2fd340144dd80b39280328ebce07f8d7f86686261fc6d4a98c71eb
Microsoft Windows Defender / Detection Bypass Part 3
Posted Feb 19, 2024
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

This is additional research regarding a mitigation bypass in Windows Defender. Back in 2022, the researcher disclosed how it could be easily bypassed by passing an extra path traversal when referencing mshtml but that issue has since been mitigated. However, the researcher discovered using multiple commas can also be used to achieve the bypass. This issue was addressed. The fix was short lived as the researcher has found yet another third trivial bypass.

tags | exploit
systems | windows
SHA-256 | 09eed6afe6c6a0d197c6fce088deb76b497d50bef2a85bdfb38c66cb355c03b0
Wireshark Analyzer 4.2.3
Posted Feb 15, 2024
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: 20 bug fixes along with updated protocol support for ASAM CMP, CAN, CFLOW, CMIP, CMP, DAP, DICOM, DISP, E2AP, GLOW, GOOSE, GTP, GTPv2, H.225, H.245, H.248, HTTP2, IEEE 1609.2, IEEE 1722, IPv4, IPv6, ISO 15765, ISUP, ITS, Kerberos, LDAP, MMS, NBT, NRUP, openSAFETY, P22, P7, PARLAY, RTMPT, RTP, SCSI, SOME/IP, T.38, TCP, TECMP, TFTP, WOW, X.509if, X.509sat, X.75, X11, Z39.50, and ZigBee Green Power.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 958bd5996f543d91779b1a4e7e952dcd7b0245fe82194202c3333a8f78795811
Windows Defender Detection Mitigation Bypass
Posted Feb 12, 2024
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

This is additional research regarding a mitigation bypass in Windows Defender. Back in 2022, the researcher disclosed how it could be easily bypassed by passing an extra path traversal when referencing mshtml but that issue has since been mitigated. However, the researcher discovered using multiple commas can also be used to achieve the bypass.

tags | exploit
systems | windows
SHA-256 | e971dc3b534b295048fd3f54dd5db062074da676f542175f826bc2b31edb7eb1
Page 1 of 266
Back12345Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close