Latest Updates
“Certifried” Active Directory Privilege Escalation Vulnerability (CVE-2022-26923)
“Certifried” is an Active Directory privilege escalation vulnerability found in AD Certificate Services in May 2022 by Oliver Lyak.
Atlassian Confluence Server and Data Center RCE Vulnerability (CVE-2022-26134)
This critical remote code execution vulnerability was announced in June 2022 and affected both Atlassian Confluence Server and Confluence Data Center.
“Dirty Pipe” Linux Kernel Vulnerability (CVE-2022-0847)
“Dirty Pipe” is a well-known Linux kernel privilege escalation vulnerability. This post includes a walkthrough of how to exploit this
“PetitPotam” Windows LSA Spoofing Vulnerability (CVE-2021-36942)
PetitPotam is an NTLM relay attack vulnerability that is often checked for in Active Directory penetration testing. Attackers can become
KEV Catalog: “sAMAccountName” “noPac” Privilege Escalation (CVE-2021-42278 and CVE-2021-42287)
“sAMAccountName” and “noPac” are two critical Active Directory vulnerabilities that can lead to full domain compromise. Learn how a dollar
KEV Catalog: ExifTool Remote Code Execution Vulnerability (CVE-2021-22204)
This vulnerability is in ExifTool, a tool for changing the metadata of video, image and PDF files. Vulnerable versions of
KEV Catalog: “SMBGhost” Microsoft SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)
“SMBGhost” is a critical vulnerability that affected SMBv3 in Windows 10 Versions 1903 and 1909. The vulnerability is an integer
KEV Catalog: “HiveNightmare” aka “SeriousSAM” Vulnerability (CVE-2021-36934)
CVE-2021-36934 is called the Microsoft Windows SAM Local Privilege Escalation Vulnerability and is also known by the nicknames “HiveNightmare” or “SeriousSAM”.
KEV Catalog: “PrintNightmare” (CVE-2021-34527)
CVE-2021-34527 is a critical Windows Print Spooler vulnerability that allowed malicious actors to remotely inject DLLs and get administrative rights.
KEV Catalog: “ZeroLogon” NetLogon Privilege Escalation Vulnerability (CVE-2020-1472)
In July 2020 a critical privilege escalation vulnerability emerged that affected Active Directory environments: CVE-2020-1472. Nicknamed “ZeroLogon”, the vulnerability was
KEV Catalog: Rejetto HTTP File Server Remote Code Execution Vulnerability (CVE-2014-6287)
CVE-2014-6287 is a remote code execution vulnerability in Rejetto HTTP File Server versions before 2.3c. Attackers could execute arbitrary code
KEV Catalog: “Heartbleed” OpenSSL Vulnerability (CVE-2014-0160)
CVE-2014-0160 is known by the nickname “Heartbleed”. It is an information disclosure vulnerability in outdated versions of OpenSSL, specifically the