Umar Farook

10 exploits Active since May 2019
CVE-2019-0708 NOMISEC CRITICAL SCANNER
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
40 stars
CVSS 9.8
CVE-2020-10860 WRITEUP HIGH WRITEUP
Avast Antivirus <20 - Use After Free
An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service (AvastSvc.exe).
CVSS 7.5
CVE-2020-10861 WRITEUP HIGH WRITEUP
Avast Antivirus <20 - RCE
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled.
CVSS 7.5
CVE-2020-10862 WRITEUP HIGH WRITEUP
Avast Antivirus <20 - Privilege Escalation
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Local Privilege Escalation (LPE) via RPC.
CVSS 7.8
CVE-2020-10863 WRITEUP HIGH WRITEUP
Avast Antivirus <20 - DoS
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine.
CVSS 7.5
CVE-2020-10864 WRITEUP MEDIUM WRITEUP
Avast Antivirus <20 - RCE
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a reboot via RPC from a Low Integrity process.
CVSS 6.5
CVE-2020-10865 WRITEUP HIGH WRITEUP
Avast Antivirus <20 - Privilege Escalation
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process.
CVSS 7.5
CVE-2020-10866 WRITEUP HIGH WRITEUP
Avast Antivirus <20 - Info Disclosure
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to enumerate the network interfaces and access points from a Low Integrity process via RPC.
CVSS 7.5
CVE-2020-10867 WRITEUP CRITICAL WRITEUP
Avast Antivirus <20 - Auth Bypass
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on tasks from an untrusted process, when Self Defense is enabled.
CVSS 9.8
CVE-2020-10868 WRITEUP HIGH WRITEUP
Avast Antivirus <20 - Privilege Escalation
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to launch the Repair App RPC call from a Low Integrity process.
CVSS 7.5