ollypwn - Security Researcher - Exploit Intelligence Platform

CVE-2020-0601 NOMISEC HIGH WORKING POC

Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.

892 stars

CVSS 8.1

View Code

CVE-2020-0609 NOMISEC CRITICAL WORKING POC

Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0610.

2 stars

CVSS 9.8

View Code

CVE-2020-0796 NOMISEC CRITICAL SCANNER

Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

1 stars

CVSS 10.0

View Code

CVE-2020-0609 GITLAB CRITICAL WORKING POC

Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0610.

CVSS 9.8

View Code

CVE-2020-0796 NOMISEC CRITICAL SCANNER

Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

CVSS 10.0

View Code

CVE-2020-0796 NOMISEC CRITICAL WORKING POC

Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

CVSS 10.0

View Code

CVE-2020-0796 PATCHAPALOOZA CRITICAL SCANNER

Windows 10 1903/1909 and Windows Server 1903/1909 - Remote Code Execution via SMBv3 Compression Buffer Overflow

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.

CVSS 10.0

View Code

CVE-2020-0610 PATCHAPALOOZA CRITICAL WORKING POC

Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.

CVSS 9.8

View Code

CVE-2020-0610 EXPLOITDB CRITICAL c++ WORKING POC

Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.

CVSS 9.8

View Code

CVE-2020-0610 EXPLOITDB CRITICAL c++ WORKING POC

Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.

CVSS 9.8

View Code