Aggregator

A vulnerability classified as critical has been found in Microsoft Windows up to Server 2022. This affects an unknown part of the component Kernel. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2023-35357. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in Microsoft Windows up to Server 2022. This vulnerability affects unknown code of the component Kernel. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2023-35358. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Error Reporting Service. The manipulation leads to link following. This vulnerability is known as CVE-2023-36874. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been classified as critical. This affects an unknown part of the component Common Log File System Driver. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2023-28252. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Phplinkdirectory PHP Link Directory 4.1.0. This affects an unknown part of the file admin/conf_users_edit.php. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2011-0643. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Mono. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper input validation. This vulnerability is known as CVE-2008-3906. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

元旦快乐！

元旦快乐！

元旦快乐！

超级牛祝大家元旦快乐！

ShadowHound ShadowHound is a set of PowerShell scripts for Active Directory enumeration without the need for introducing known-malicious binaries like SharpHound. It leverages native PowerShell capabilities to minimize detection risks and offers two methods...

The post ShadowHound: Stealthy AD Enumeration with PowerShell appeared first on Penetration Testing Tools.

A vulnerability was found in CentOS Web Panel up to 0.9.8.763. It has been classified as problematic. This affects an unknown part of the component Package Name Handler. The manipulation of the argument add_package as part of Parameter leads to cross site scripting (Persistent). This vulnerability is uniquely identified as CVE-2019-7646. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The Exegol project Exegol is a community-driven hacking environment, powerful and yet simple enough to be used by anyone in day to day engagements. Script kiddies use Kali Linux, real pentesters use Exegol, megachads...

The post Exegol: Fully featured and community-driven hacking environment appeared first on Penetration Testing Tools.