Windows

Microsoft Windows CoreShellComServerRegistrar Open Process Local Privilege Escalation Exploit

An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting unprotected COM calls.

Microsoft Windows Remote Desktop DejaBlue DoS

A denial of service vulnerability exists in Remote Desktop Services -formerly known as Terminal Services- when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.

Cisco Data Center Network Manager HostEnclHandler getVmHostData SQL Injection Vulnerability Exploit Update

This module uses an authentication bypass and a SQL injection vulnerability in order to upload and execute a JSP file in the Wildfly virtual file system webapps directory. This update fixes OS detection when detecting DCNM version.

Windows Error Reporting Manager Arbitrary File Move Elevation of Privilege Exploit (CVE-2019-1315)

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The security update addresses the vulnerability by correcting how Windows Error Reporting manager handles hard links.

MSI Afterburner RTCore64 Privilege Escalation Exploit

The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs.

Cisco Data Center Network Manager HostEnclHandler getVmHostData SQL Injection Vulnerability Exploit

This module uses an authentication bypass and a SQL injection vulnerability in order to upload and execute a JSP file in the Wildfly virtual file system webapps directory.

Microsoft Windows Win32k xxxMNFindWindowFromPoint Vulnerability Exploit

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Microsoft Windows Win32k Keyboard Layout Vulnerability Exploit (MS10-073) Update 3

This update adds support to Impact Professional 11.0i This module exploits a vulnerability on "win32k.sys" when a keyboard layout is loaded by the kernel.

Microsoft Windows Remote Desktop Protocol BlueKeep DoS Update

A Denial of Service exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This update corrects wrong category specification.

Viper RGB Driver Kernel Arbitrary Read Write Local Privilege Escalation Exploit

The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB allow local users (including low integrity processes) to read and write to arbitrary memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, by mapping \Device\PhysicalMemory into the calling process via ZwOpenSection and ZwMapViewOfSection.