Wh04m1001

12 exploits Active since Jul 2021
CVE-2023-21752 NOMISEC HIGH WORKING POC
Windows Backup Service - Privilege Escalation
Windows Backup Service Elevation of Privilege Vulnerability
323 stars
CVSS 7.1
CVE-2025-48799 NOMISEC HIGH WORKING POC
Windows Update Service - Privilege Escalation
Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.
264 stars
CVSS 7.8
CVE-2023-36874 NOMISEC HIGH WORKING POC
Windows Error Reporting Service - Privilege Escalation
Windows Error Reporting Service Elevation of Privilege Vulnerability
239 stars
CVSS 7.8
CVE-2023-29343 NOMISEC HIGH WORKING POC
SysInternals Sysmon - Privilege Escalation
SysInternals Sysmon for Windows Elevation of Privilege Vulnerability
161 stars
CVSS 7.8
CVE-2024-20656 NOMISEC HIGH WORKING POC
Visual Studio - Privilege Escalation
Visual Studio Elevation of Privilege Vulnerability
137 stars
CVSS 7.8
CVE-2023-20178 NOMISEC HIGH WORKING POC
Cisco AnyConnect Secure Mobility Client and Secure Client - Privilege Escalation
A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.
90 stars
CVSS 7.8
CVE-2023-36723 NOMISEC HIGH WORKING POC
Windows Container Manager Service - Privilege Escalation
Windows Container Manager Service Elevation of Privilege Vulnerability
68 stars
CVSS 7.8
CVE-2022-3368 NOMISEC HIGH WORKING POC
Avira Security <1.1.72.30556 - Privilege Escalation
A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avira Security version 1.1.72.30556.
29 stars
CVSS 7.3
CVE-2021-36934 NOMISEC HIGH WORKING POC
Windows 10 1809-21H1 - Elevation of Privilege via Overly Permissive ACLs on SAM Database
<p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>An attacker must have the ability to execute code on a victim system to exploit this vulnerability.</p> <p>After installing this security update, you <em>must</em> manually delete all shadow copies of system files, including the SAM database, to fully mitigate this vulnerabilty. <strong>Simply installing this security update will not fully mitigate this vulnerability.</strong> See <a href="https://support.microsoft.com/topic/1ceaa637-aaa3-4b58-a48b-baf72a2fa9e7">KB5005357- Delete Volume Shadow Copies</a>.</p>
8 stars
CVSS 7.8
CVE-2022-31262 NOMISEC HIGH WORKING POC
GOG Galaxy 2.0.46 - Privilege Escalation
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%\GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM.
5 stars
CVSS 7.8
CVE-2022-41604 WRITEUP HIGH WORKING POC
Check Point ZoneAlarm Extreme Security <15.8.211.19229 - Privilege Escalation
Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM.
CVSS 8.8
CVE-2022-45697 WRITEUP HIGH WRITEUP
Razer Central < 7.8.0.381 - Arbitrary File Deletion via Accounts Directory Handling
Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory.
CVSS 7.8