An authentication bypass in Veeam.Backup.ServiceLib.CForeignInvokerNegotiateAuthenticator.Authenticate and a file upload present in ExecuteUploadManagerPerformUpload allows an unauthenticated attacker to execute system commands with the privileges of the "IIS Worker Process" process (NT AUTHORITY\\NETWORK SERVICE)
This bug could allow an attacker to gain code execution on an affected system by sending specially crafted packets to a system utilizing the HTTP Protocol Stack (http.sys) to process packets. No user interaction, no privileges required, and an elevated service add up to a wormable bug. And while this is definitely more server-centric, remember that Windows clients can also run http.sys, so all affected versions are affected by this bug. Test and deploy this patch quickly.
This is a remote code execution vulnerability that impacts some versions of Windows 10 32-bit and 64-bit, Windows 11 64-bit, and Windows Server 2019, 2022. The HTTP Protocol Stack enables Windows and applications to communicate with other devices. If exploited, this vulnerability could enable an unauthenticated attacker to send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets and ultimately, execute arbitrary code, and take control of the affected system.
This is a remote code execution vulnerability that impacts some versions of Windows 10 32-bit and 64-bit, Windows 11 64-bit, and Windows Server 2019, 2022. The HTTP Protocol Stack enables Windows and applications to communicate with other devices. If exploited, this vulnerability could enable an unauthenticated attacker to send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets and ultimately, execute arbitrary code, and take control of the affected system.
Description: JNDI features used in configuration, log messages, and parameters present in Apache Log4j2 do not protect against attacker controlled LDAP and other JNDI related endpoints. This library, used by Apache James, allows unauthenticated attackers to execute system commands.
This update improves the module to bypass UAC by adding support for Windows 11.
Improper initialization of the flags member of the pipe buffer structure in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel, could allow an unprivileged local user to write to pages in the page cache backed by read-only files and escalate privileges on the system.
Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not changed, attackers can gain administrator privileges.
This update improves Python 3 support.
This update improves Python 3 support.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
JNDI features used in configuration, log messages, and parameters present in Apache Log4j2 do not protect against attacker controlled LDAP and other JNDI related endpoints. This library, used by VMware Horizon Connection Server, allows unauthenticated attackers to execute system commands.
This update adds the capability to Windows agents of executing .net assemblies in the target's memory.
Also, a specific module to trigger SharpHound (BloodHound data Collector) is included in it.
Also, a specific module to trigger SharpHound (BloodHound data Collector) is included in it.
This update adds SSO domain name detection.