“Certifried” is an Active Directory privilege escalation vulnerability found in AD Certificate Services in May 2022 by Oliver Lyak.
This critical remote code execution vulnerability was announced in June 2022 and affected both Atlassian Confluence servers and data centers.
“Dirty Pipe” is a well-known Linux kernel privilege escalation vulnerability. This post includes a walkthrough of how to exploit this
PetitPotam is a NTLM relay attack vulnerability that is often checked for in Active Directory penetration testing. Attackers can become
“sAMAcountName” and “noPac” are two critical Active Directory vulnerabilities that can lead to full Domain compromise. Learn how a dollar
This vulnerability is in ExifTool, a tool for changing the metadata of video, image and pdf files. Vulnerable versions of
“SMBGhost” is a critical vulnerability that affected SMBv3 in Windows 10 Versions 1903 and 1909. The vulnerability is an integer
CVE-201-36934 is called Microsoft Windows SAM Local Privilege Escalation Vulnerability and is also known by the nicknames “HiveNightmare” or “SeriousSAM”.
In July 2020 a critical privilege escalation vulnerability emerged that affected Active Directory environments: CVE-2020-1472. Nicknamed “ZeroLogon”, the vulnerability was
CVE-2014-6287 is a remote code execution vulnerability in Rejetto HTTP File Server versions before 2.3c. Attackers could execute arbitrary code
CVE-2014-0160 is known by the nickname “Heartbleed”. It is an information disclosure vulnerability in outdated versions of OpenSSL, specifically the