Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.
Microsoft Windows could allow a remote attacker to execute arbitrary code or BSOD the system, caused by a design flaw in the Network File System component.
A denial of service vulnerability exists in Point-to-Point Tunneling Protocol service when an unauthenticated attacker connects to the target system and sends specially crafted requests.
This bug could allow an attacker to gain code execution on an affected system by sending specially crafted packets to a system utilizing the HTTP Protocol Stack (http.sys) to process packets. No user interaction, no privileges required, and an elevated service add up to a wormable bug. And while this is definitely more server-centric, remember that Windows clients can also run http.sys, so all affected versions are affected by this bug. Test and deploy this patch quickly.
This is a remote code execution vulnerability that impacts some versions of Windows 10 32-bit and 64-bit, Windows 11 64-bit, and Windows Server 2019, 2022. The HTTP Protocol Stack enables Windows and applications to communicate with other devices. If exploited, this vulnerability could enable an unauthenticated attacker to send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets and ultimately, execute arbitrary code, and take control of the affected system.
This is a remote code execution vulnerability that impacts some versions of Windows 10 32-bit and 64-bit, Windows 11 64-bit, and Windows Server 2019, 2022. The HTTP Protocol Stack enables Windows and applications to communicate with other devices. If exploited, this vulnerability could enable an unauthenticated attacker to send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets and ultimately, execute arbitrary code, and take control of the affected system.
Description: JNDI features used in configuration, log messages, and parameters present in Apache Log4j2 do not protect against attacker controlled LDAP and other JNDI related endpoints. This library, used by Apache James, allows unauthenticated attackers to execute system commands.
Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not changed, attackers can gain administrator privileges.
This update improves Python 3 support.
This update improves Python 3 support.
Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not changed, attackers can gain administrator privileges.
A reverse proxy bypass vulnerability allows attackers to access restricted endpoints as declared in the analytics-proxy.conf file.
Combined with a unrestricted file upload vulnerability present in the DataAppAgentController class, when using the action=collect parameter, allows attackers to execute systems commands as root.
Combined with a unrestricted file upload vulnerability present in the DataAppAgentController class, when using the action=collect parameter, allows attackers to execute systems commands as root.
The vulnerability has been dubbed PrintNightmare and is tracked as CVE-2021-34527. The flaw is due to the Windows Print Spooler service improperly performing privileged file operations. Microsoft says the flaw can be exploited by an authenticated user calling RpcAddPrinterDriverEx(). When exploited, an attacker gains SYSTEM privileges and can execute arbitrary code, install programs, view, change, or delete data or create new accounts with full user rights.
This update adds the ability to choose an external agent for the smb file share.
It adds more connexion methods and pivoting support.
It adds the ability to login using an identity.
It warns when the target can be patched or not to be vulnerable.
This update adds the ability to choose an external agent for the smb file share.
It adds more connexion methods and pivoting support.
It adds the ability to login using an identity.
It warns when the target can be patched or not to be vulnerable.
This update adds a drop-down menu in which users can select different scenarios with its corresponding "NON-PAGED POOL START ADDRESS" predefined.