MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. It includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
104d97ff683c19980c4a2d482e878204ff4577b27210300bf8032c8a79158635
MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. It includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
6cf72c5f0b4875d9b3fa9dfc1e7d6a36e88448c6d3de3ba2d2d2880ba29e0d7d
This Windows/x64 shellcode is an implementation of the DeleteFileA Windows API to delete a file in the C:/Windows/Temp/ directory.
5aec26b7e7e54f4fd6d0132a04967aea1827335f4327596bf01678300a0e46bb
Red Hat Security Advisory 2023-1885-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
6b538a7d71968b40e6dcb6cbd5c0dd3f4805a47610bce183ef11991b7b066e1d
Red Hat Security Advisory 2023-1912-01 - The OpenJDK 8 packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. This release of the Red Hat build of OpenJDK 8 for Windows serves as a replacement for the Red Hat build of OpenJDK 8 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
47698503293cd1caddca8d00dd7b1aed7659f6930f3ae20c2dc6da7958e3ff28
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
71b67346935fea4968c68efcae0371c06b30770d6396419c10bc443aac196b29
The Microsoft Windows Kernel has insufficient validation of new registry key names in transacted NtRenameKey.
ba4961014d277f2fb882589dbc8a7ae2231b9cbad4ecebf074ca3f4b40c660cc
The Microsoft Windows Kernel suffers from multiple issues in the prepare/commit phase of a transactional registry key rename.
7c97ca8d9eaa67f309b42a02ec5443fcab57797d0ac534a80dbe853a97cb2939
The Microsoft Windows kernel suffers from multiple issues with subkeys of transactionally renamed registry keys.
a73d43acd9edc53a2cab893ea9e5bb5beca43de488582970092616f1af85341c
FileZilla Client version 3.63.1 suffers from a DLL hijacking vulnerability.
68624bbbd16a37b20f9e22748281fcf93fdd1fc0aab4b594ab2fc5ce526fe89b
373 bytes small Windows/x86 create administrator user dynamic PEB and EDT method null-free shellcode.
bc0be9163bb975df26f17d6f2ca0289dfedc8e8f35a9bd95e0682e7123f4061e
A vulnerability in the Windows Ancillary Function Driver for Winsock (afd.sys) can be leveraged by an attacker to escalate privileges to those of NT AUTHORITY\SYSTEM. Due to a flaw in AfdNotifyRemoveIoCompletion, it is possible to create an arbitrary kernel Write-Where primitive, which can be used to manipulate internal I/O ring structures and achieve local privilege escalation. This exploit only supports Windows 11 22H2 up to build 22621.963 (patched in January 2023 updates).
d5a189a643f3c07d66a853b96018a65f135901780840ff23dc17f6a405330ebb
WPN-XM Serverstack for Windows version 0.8.6 suffers from cross-site scripting, local file inclusion, and path traversal vulnerabilities.
ba0708cc5dc30c248dff73fe133d54a07726c0ef4f797720b6548f5184c612f3
RSA NetWitness Endpoint EDR Agent version 12.x suffers from incorrect access controls that allow for code execution. It allows local users to stop the Endpoint Windows agent from sending events to a SIEM or to make the agent run user-supplied commands.
333a8ac7961133a2011484d388d8eb8b73eb8c6c85cc5b1e9b6f99f2c14747db
Proof of concept code for a critical Microsoft Outlook vulnerability for Windows that allows hackers to remotely steal hashed passwords by simply receiving an email.
82650f1794c39715f1ff003f78302ace745bb32d6a7b8594b0d5025474d9963b
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
a4a09f6564f00639036ffe5064ac4dc2176adfa3e484c539c9c73f835436e74b
This Metasploit module can be used to execute a payload on Lucee servers that have an exposed administrative web interface. It's possible for an administrator to create a scheduled job that queries a remote ColdFusion file, which is then downloaded and executed when accessed. The payload is uploaded as a cfm file when queried by the target server. When executed, the payload will run as the user specified during the Lucee installation. On Windows, this is a service account; on Linux, it is either the root user or lucee.
79602ec0e4fd423056fa80073c3578efbd79976ee050388452b17b67fd38c488
This advisory ties together older research on a contact file handling flaw on Microsoft Windows as well as recent research that uses the same methodologies.
bd483c57b86b3adc56157efdf3dd779e6e9b6a498c944d78ee46fe9d56a01c00
When Microsoft released UTF-8 support for the -A interfaces of the Windows API, it appears to have introduced buffer overrun conditions.
fd54b53140cb0a9c16fc5520fcb15b03b3915d1e37bb7f97c426270dfbc79e9b
The Microsoft Windows kernel registry virtualization can be incompatible with transactions, leading to inconsistent hive state and memory corruption issues.
ad3989abfbd2b1064cf77a22452e621958457c972d00e1fb36536a6dcdb01abb
The Microsoft Windows kernel allows deletion of keys in virtualizable hives with KEY_READ and KEY_SET_VALUE access rights.
11325236787bd3fc6dfacb61396e8f2e5b81355ef8a0da87112e34d1821a1ad8
The Microsoft Windows kernel registry has a SID table poisoning problem that leads to bad locking and other issues.
c61efe9fac6bb66fd179b7a7a24132f82e660151050984d2cf1aae1c81d256ae
The Microsoft Windows kernel suffers from multiple security issues in the key replication feature of registry virtualization.
c3387e7bd189cc7e8d8449ad27e2b524a0fc939d2cc467c5961cc148cdbb9019
The Microsoft Windows kernel suffers from a use-after-free vulnerability due to a dangling registry link node under paged pool memory pressure.
54ec3add551cac7b508b2e8157d5a658c016115390f2b327d14cac78af270263
Microsoft Windows suffers from kernel memory corruption due to insufficient handling of predefined keys in registry virtualization.
ded3419927998aaa3da4fea3f80263227d729920c448e2a3cf6f50b41f8c867d