Patchapalooza Exploits

312 exploits tracked across all sources.

CVE-2020-1472 PATCHAPALOOZA MEDIUM
Netlogon Weak Cryptographic Authentication
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates becomes available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
by trfpatriotic
CVSS 5.5
CVE-2021-1675 PATCHAPALOOZA HIGH
Microsoft Windows 10 1507 < 10.0.10240.18967 - Remote Code Execution
Windows Print Spooler Remote Code Execution Vulnerability
by digipenguin
CVSS 7.8
CVE-2023-23397 PATCHAPALOOZA CRITICAL
Microsoft Outlook - Privilege Escalation
Microsoft Outlook Elevation of Privilege Vulnerability
by cleverg0d
CVSS 9.8
CVE-2023-21716 PATCHAPALOOZA CRITICAL
Microsoft Word - RCE
Microsoft Word Remote Code Execution Vulnerability
by maldev866
CVSS 9.8
CVE-2021-1675 PATCHAPALOOZA HIGH
Microsoft Windows 10 1507 < 10.0.10240.18967 - Remote Code Execution
Windows Print Spooler Remote Code Execution Vulnerability
by trfpatriotic
CVSS 7.8
CVE-2021-27065 PATCHAPALOOZA HIGH
Microsoft Exchange Server - Path Traversal
Microsoft Exchange Server Remote Code Execution Vulnerability
by ssrsec
CVSS 7.8
CVE-2023-21746 PATCHAPALOOZA HIGH
Windows NTLM - Privilege Escalation
Windows NTLM Elevation of Privilege Vulnerability
by decoder-it
CVSS 7.8
CVE-2022-41080 PATCHAPALOOZA HIGH
Microsoft Exchange Server - Privilege Escalation
Microsoft Exchange Server Elevation of Privilege Vulnerability
by balki97
CVSS 8.8
CVE-2017-0143 PATCHAPALOOZA HIGH
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
by fanicia
CVSS 8.8
CVE-2022-30190 PATCHAPALOOZA HIGH
Microsoft Office Word MSDTJS
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights. Please see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability.
by 0xAbbarhSF
CVSS 7.8
CVE-2022-41040 PATCHAPALOOZA HIGH
Microsoft Exchange ProxyNotShell RCE
Microsoft Exchange Server Elevation of Privilege Vulnerability
by testanull
CVSS 8.8
CVE-2021-43890 PATCHAPALOOZA HIGH
Microsoft Windows - Spoofing
We have investigated reports of a spoofing vulnerability in AppX installer that affects Microsoft Windows. Microsoft is aware of attacks that attempt to exploit this vulnerability by using specially crafted packages that include the malware family known as Emotet/Trickbot/Bazaloader. An attacker could craft a malicious attachment to be used in phishing campaigns. The attacker would then have to convince the user to open the specially crafted attachment. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Please see the Security Updates table for the link to the updated app. Alternatively you can download and install the Installer using the links provided in the FAQ section. Please see the Mitigations and Workaround sections for important information about steps you can take to protect your system from this vulnerability. December 27 2023 Update: In recent months, Microsoft Threat Intelligence has seen an increase in activity from threat actors leveraging social engineering and phishing techniques to target Windows OS users and utilizing the ms-appinstaller URI scheme. To address this increase in activity, we have updated the App Installer to disable the ms-appinstaller protocol by default and recommend other potential mitigations.
by yonggui-li
CVSS 7.1
CVE-2023-29336 PATCHAPALOOZA HIGH
Win32k - Privilege Escalation
Win32k Elevation of Privilege Vulnerability
by numencyber
CVSS 7.8
CVE-2022-41082 PATCHAPALOOZA HIGH
Microsoft Exchange Server - RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
by ZephrFish
CVSS 8.0
CVE-2022-41082 PATCHAPALOOZA HIGH
Microsoft Exchange Server - RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
by NitinYadav00
CVSS 8.0
CVE-2022-21907 PATCHAPALOOZA CRITICAL
HTTP Protocol Stack - RCE
HTTP Protocol Stack Remote Code Execution Vulnerability
by lutixiaya
CVSS 9.8
CVE-2022-34721 PATCHAPALOOZA CRITICAL
Microsoft Windows 10 - Remote Code Execution
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
by 78ResearchLab
CVSS 9.8
CVE-2020-0796 PATCHAPALOOZA CRITICAL
Microsoft Windows 10 1903 - Memory Corruption
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
by ran-sama
CVSS 10.0
CVE-2020-17087 PATCHAPALOOZA HIGH
Windows Kernel - Privilege Escalation
Windows Kernel Local Elevation of Privilege Vulnerability
by hyunkk95
CVSS 7.8
CVE-2021-34473 PATCHAPALOOZA CRITICAL
Microsoft Exchange ProxyShell RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
by learningsurface
CVSS 9.1
CVE-2021-1675 PATCHAPALOOZA HIGH
Microsoft Windows 10 1507 < 10.0.10240.18967 - Remote Code Execution
Windows Print Spooler Remote Code Execution Vulnerability
by auduongxuan
CVSS 7.8
CVE-2021-26855 PATCHAPALOOZA CRITICAL
Microsoft Exchange ProxyLogon RCE
Microsoft Exchange Server Remote Code Execution Vulnerability
by securitystuffbackup
CVSS 9.1
CVE-2021-42278 PATCHAPALOOZA HIGH
Active Directory Domain Services - Privilege Escalation
Active Directory Domain Services Elevation of Privilege Vulnerability
by XiaoliChan
CVSS 7.5
CVE-2021-31166 PATCHAPALOOZA CRITICAL
Windows IIS HTTP Protocol Stack DOS
HTTP Protocol Stack Remote Code Execution Vulnerability
by mauricelambert
CVSS 9.8
CVE-2021-40449 PATCHAPALOOZA HIGH
Win32k - Privilege Escalation
Win32k Elevation of Privilege Vulnerability
by SamuelTulach
CVSS 7.8