0xeb-bp

6 exploits Active since May 2019
CVE-2019-0708 NOMISEC CRITICAL WORKING POC
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
291 stars
CVSS 9.8
CVE-2020-1054 NOMISEC HIGH WORKING POC
Windows - Local Privilege Escalation via Win32k Driver Memory Handling
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.
85 stars
CVSS 7.8
CVE-2020-1015 NOMISEC HIGH WORKING POC
Windows - Elevation of Privilege via User-Mode Power Service Memory Handling
An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011.
39 stars
CVSS 7.8
CVE-2020-16898 NOMISEC HIGH WORKING POC
Windows 10 and Windows Server 2016/2019 - Remote Code Execution via ICMPv6 Router Advertisement
<p>A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.</p> <p>To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer.</p> <p>The update addresses the vulnerability by correcting how the Windows TCP/IP stack handles ICMPv6 Router Advertisement packets.</p>
21 stars
CVSS 8.8
CVE-2020-0796 NOMISEC CRITICAL WORKING POC
Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
6 stars
CVSS 10.0
CVE-2019-0708 EXPLOITDB CRITICAL python WORKING POC
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
CVSS 9.8