padovah4ck

4 exploits Active since Jun 2019
CVE-2020-0683 NOMISEC HIGH WORKING POC
Windows - Elevation of Privilege via MSI Package Symbolic Link Processing
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.
338 stars
CVSS 7.8
CVE-2019-1253 NOMISEC HIGH WORKING POC
Windows 10 1703-1903 and Windows Server 1803-2019 - Privilege Escalation via AppX Deployment Server Junction Handling
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1278, CVE-2019-1303.
155 stars
CVSS 7.8
CVE-2019-0986 NOMISEC MEDIUM WORKING POC
Windows ProfSvc - Privilege Escalation
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing. The security update addresses the vulnerability by correcting how the Windows User Profile Service handles symlinks.
36 stars
CVSS 6.3
CVE-2020-0683 PATCHAPALOOZA HIGH WORKING POC
Windows - Elevation of Privilege via MSI Package Symbolic Link Processing
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.
CVSS 7.8