k8gege

CVE-2019-0708 NOMISEC CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

389 stars

CVSS 9.8

View Code

CVE-2019-1821 NOMISEC HIGH WORKING POC

Cisco Prime Infrastructure/EPN Manager - RCE

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges on the underlying operating system.

142 stars

CVSS 8.8

View Code

CVE-2019-0604 NOMISEC CRITICAL WORKING POC

Microsoft SharePoint - RCE

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.

101 stars

CVSS 9.8

View Code

CVE-2019-9621 NOMISEC HIGH WORKING POC

Zimbra Collaboration Suite <8.6-8.8 - SSRF

Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component.

78 stars

CVSS 7.5

View Code

CVE-2020-1472 NOMISEC MEDIUM WORKING POC

Netlogon Weak Cryptographic Authentication

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.

57 stars

CVSS 5.5

View Code

CVE-2020-0796 NOMISEC CRITICAL SCANNER

Microsoft Windows 10 1903 - Memory Corruption

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

51 stars

CVSS 10.0

View Code

CVE-2018-2894 NOMISEC CRITICAL SCANNER

Oracle WebLogic Server <12.2.1.3 - RCE

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

51 stars

CVSS 9.8

View Code

CVE-2021-40444 NOMISEC HIGH WRITEUP

Microsoft Office Word Malicious MSHTML RCE

<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p> <p>An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.</p> <p>Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.</p> <p>Please see the <strong>Mitigations</strong> and <strong>Workaround</strong> sections for important information about steps you can take to protect your system from this vulnerability.</p> <p><strong>UPDATE</strong> September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system.</p>

19 stars

CVSS 8.8

View Code

CVE-2021-1675 NOMISEC HIGH WRITEUP

Microsoft Windows 10 1507 < 10.0.10240.18967 - Remote Code Execution

Windows Print Spooler Remote Code Execution Vulnerability

16 stars

CVSS 7.8

View Code

CVE-2019-11043 NOMISEC HIGH SCANNER

Php < 7.1.33 - Out-of-Bounds Write

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.

16 stars

CVSS 8.7

View Code

CVE-2019-0708 NOMISEC CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

11 stars

CVSS 9.8

View Code

CVE-2019-0708 NOMISEC CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

1 stars

CVSS 9.8

View Code

CVE-2019-0708 NOMISEC CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

1 stars

CVSS 9.8

View Code

CVE-2019-0708 NOMISEC CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

CVSS 9.8

View Code

CVE-2018-14847 VULNCHECK_XDB CRITICAL WORKING POC

MikroTik RouterOS <6.42 - Path Traversal

MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.

CVSS 9.1

View Code

CVE-2019-0708 PATCHAPALOOZA CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

CVSS 9.8

View Code

CVE-2019-0708 PATCHAPALOOZA CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

CVSS 9.8

View Code

CVE-2019-0708 PATCHAPALOOZA CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

CVSS 9.8

View Code

CVE-2019-0708 PATCHAPALOOZA CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

CVSS 9.8

View Code

CVE-2019-0708 PATCHAPALOOZA CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

CVSS 9.8

View Code

CVE-2019-0708 PATCHAPALOOZA CRITICAL WORKING POC

CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

CVSS 9.8

View Code

CVE-2019-9621 EXPLOITDB HIGH python WORKING POC

Zimbra Collaboration Suite <8.6-8.8 - SSRF

Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component.

CVSS 7.5

View Code