Windows Credential Guard KerbIumCreateApReqAuthenticator Key Information Disclosure
Authored by James Forshaw, Google Security Research
On Windows, CG API KerbIumCreateApReqAuthenticator can be used to decrypt arbitrary encrypted Kerberos keys leading to information disclosure.
advisories | CVE-2022-34711
Windows Credential Guard KerbIumGetNtlmSupplementalCredential Information Disclosure
Authored by James Forshaw, Google Security Research
On Windows, the KerbIumGetNtlmSupplementalCredential CG API does not check the encryption key type leading to information disclosure of key material.
advisories | CVE-2022-34712
InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal
Authored by Jens Regel | Site crisec.de
InTouch Access Anywhere Secure Gateway versions 2020 R2 and below suffer from a path traversal vulnerability.
advisories | CVE-2022-23854
Change Mirror Download
Title:======AVEVA InTouch Access Anywhere...
Windows Credential Guard TGT Renewal Information Disclosure
Authored by James Forshaw, Google Security Research
On Windows, the Kerberos ticket renewal process can be used with CG to get an unencrypted TGT session key for a currently authenticated...
Windows Credential Guard Kerberos Change Password Privilege Escalation
Authored by James Forshaw, Google Security Research
Windows Credential guard does not prevent using encrypted Kerberos keys to change a user's password leading to elevation of privilege.
advisories | CVE-2022-35771
AirDisk 7.5.5 Cross Site Scripting
Authored by Chokri Hammedi
AirDisk version 7.5.5 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: AirDisk 7.5.5 File Manager Stored XSS# Date: Sep 8, 2022# Exploit...
mbDrive Lite WiFi Flash Disk 1.4.0 Cross Site Scripting
Authored by Chokri Hammedi
mbDrive Lite WiFi Flash Disk version 1.4.0 suffers from a cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: mbDrive Lite - WiFi flash disk 1.4.0 Reflected...
Online Notice Board 2022 SQL Injection
Authored by nu11secur1ty
Online Notice Board 2022 suffers from a remote SQL injection vulnerability.
Change Mirror Download
## Title: ONLINE-NOTICE-BOARD-2022 SQLi## Author: nu11secur1ty## Date: 09.09.2022## Vendor: https://www.sourcecodester.com/users/razormist## Software: https://www.sourcecodester.com/php/14317/online-notice-board-system.html## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/razormist/2022/ONLINE-NOTICE-BOARD-2022## Description:The...
Wifi HD Wireless Disk Drive 11 Local File Inclusion
Authored by Chokri Hammedi
Wifi HD Wireless Disk Drive version 11 suffers from a local file inclusion vulnerability.
Change Mirror Download
# Exploit Title: Wifi HD Wireless Disk Drive Local File Inclusion#...
Trojan.Win32.Autoit.fhj MVID-2022-0637 Insecure Permissions
Authored by malvuln | Site malvuln.com
Trojan.Win32.Autoit.fhj malware suffers from an insecure permissions vulnerability.
Change Mirror Download
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/d871836f77076eeed87eb0078c1911c7.txtContact: [email protected]: twitter.com/malvulnThreat: Trojan.Win32.Autoit.fhjVulnerability:...





