CVE-2022-26923 Active Directory Domain Services Elevation of Privilege Vulnerability.
A remote code execution vulnerability exists in the way that AD DS authenticates user identity. A remote attacker can exploit this vulnerability to take control
CVE-2022-26925 Windows LSA Spoofing Vulnerability.
In this blog post, we will explain how to exploit this vulnerability with a PoC application. The Windows LSA vulnerability allows to spoof requests for
CVE-2022-30333 - RARLAB UnRAR Path Traversal Vulnerability Explained (with Exploit Example)
CVE-2022-30333 is a critical security vulnerability found in RARLAB’s UnRAR utility (before version 6.12) running on Linux and UNIX-like systems. This bug can
CVE-2022-1619 - Heap-Based Buffer Overflow in Vim’s cmdline_erase_chars Function
Vim is one of the world’s most popular text editors, used by developers, sysadmins, and even casual power users across Linux, macOS, and Windows.
CVE-2022-1053 Keylime doesn't enforce the agent registrar data being the same when the tenant uses it for validation of the EK and identity quote and verifier for validating the integrity quote.
but it is not validated and the attacker can forge one. If the verifier validates the agent data and the agent data is forged, the
Episode
00:00:00
00:00:00