Windows

Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Buffer Overflow Exploit

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DPB files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of Administrator.

Microsoft Windows SMBv3 CoronaBlue Vulnerability DoS

An unauthenticated attacker can connect to the target system using SMBv3 and sends specially crafted requests to exploit the vulnerability. This module exploits this vulnerability in order to generate a Denial of Service

Microsoft Windows Service Tracing Privilege Escalation Exploit (CVE-2020-0668)

An arbitrary privileged file move operation exists in Microsoft Windows Service Tracing. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.

Microsoft Exchange Validation Key Remote OS Command Injection Exploit Update

.NET deserialization vulnerability in the Microsoft Exchange Control Panel web page allows authenticated attackers to execute OS commands with SYSTEM privileges. The lack of randomization in the validationKey and decryptionKey values at installation allows an attacker to create a crafted viewstate to execute OS commands via .NET deserialization.

Integard Pro NoJs Parameter Buffer Overflow Exploit

Integard Pro is prone to a buffer overflow when handling a specially crafted HTTP POST request.

CORSAIR iCUE Driver Local Privilege Escalation Exploit

The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.

Microsoft Exchange Validation Key Remote OS Command Injection Exploit

.NET deserialization vulnerability in the Microsoft Exchange Control Panel web page allows authenticated attackers to execute OS commands with SYSTEM privileges. The lack of randomization in the validationKey and decryptionKey values at installation allows an attacker to create a crafted viewstate to execute OS commands via .NET deserialization.

Microsoft SQL Server Reporting Services Remote OS Command Injection Exploit

A deserialization vulnerability in Microsoft SQL Server Reporting Services allows an authenticated attacker to execute arbitrary commands in the context of the Report Server service account.

Viper RGB Driver Kernel Buffer Overflow Local Privilege Escalation Exploit

This module exploits a buffer overflow vulnerability in Viper RGB MsIo64.sys vulnerability allows unprivileged local users to execute code with SYSTEM privileges.