team-MineDEV / CVE-2024-26229View external linksLinks
Windows CSC服务特权提升漏洞。 当程序向缓冲区写入的数据超出其处理能力时,就会发生基于堆的缓冲区溢出,从而导致多余的数据溢出到相邻的内存区域。这种溢出会损坏内存,并可能使攻击者能够执行任意代码或未经授权访问系统。本质上,攻击者可以编写触发溢出的恶意代码或输入,从而控制受影响的系统、执行任意命令、安装恶意软件或访问敏感数据。 微软已发出警告成功利用此漏洞的攻击者可以获得 SYSTEM 权限,这是 Windows 系统上的最高访问级别。这增加了与 CVE-2024-26229 �相关的风险,使其成为恶意行为者的主要目标。
☆12Jun 16, 2024Updated last year
Alternatives and similar repositories for CVE-2024-26229
Users that are interested in CVE-2024-26229 are comparing it to the libraries listed below
Sorting:
- NTPWEdit is a password editor for Windows NT based systems (like Windows 2000, XP, Vista, 7, 8, 10), it can change or remove passwords fo…☆16Mar 1, 2024Updated last year
- 通达OA OfficeTask udp 2397 端口远程代码执行RCE检测工具☆21Jun 13, 2025Updated 8 months ago
- (0day)DBSyncer后台自定义插件上传-注入内存马☆16Sep 5, 2024Updated last year
- 该漏洞存在于 NtQueryInformationToken 函数中,特别是在处理AuthzBasepCopyoutInternalSecurityAttributes 函数时,该漏洞源于内核在操作对象时对锁定机制的不当管理,这一失误可能导致恶意实体意外提升权限。☆40Jul 5, 2024Updated last year
- jwtCracker是一款go语言编写的jwt常见安全问题利用工具☆23May 8, 2024Updated last year
- 快速测试是否存在FastAdmin框架相关漏洞☆26Oct 14, 2024Updated last year
- spring部分漏洞,nacos部分漏洞,禅道认证绕过漏洞☆25May 28, 2024Updated last year
- DudeSuite SQLMAP 中文版☆28Oct 3, 2024Updated last year
- ☆11Dec 23, 2018Updated 7 years ago
- KitsuneC2 is a cross-platform adversary emulation tool written in Go.☆12Oct 25, 2024Updated last year
- ruuoyi_vulnscan 是一款基于 Python 和 Tkinter 开发的图形化界面工具,用于检测若依 Vue 框架应用程序中的常见漏洞。该工具提供了多种漏洞检测模块,包括 Swagger 检测、Druid 检测、文件下载漏洞检测、SQL 注入检测、定时任务漏洞检…☆45Feb 23, 2025Updated 11 months ago
- 一款可以高度自定义的 API 信息收集与记录 Burp扩展套件☆11Dec 1, 2024Updated last year
- 🤗更优雅的微信公众号订阅方式,支持私有化部署、微信公众号RSS生成(基于微信读书)☆21Sep 23, 2025Updated 4 months ago
- SharpWxDump的64bit版本。微信客户端取证,获取用户key,解密聊天记录☆15Nov 11, 2023Updated 2 years ago
- FastjsonScan,支持版本识别、出网检测、AutoType检测、依赖检测,poc验证等功能☆13Jun 17, 2025Updated 7 months ago
- jeecg-boot密码离线爆破☆109Nov 22, 2024Updated last year
- Tomcat PUT方法任意文件写入(CVE-2017-12615)exp☆11Mar 14, 2023Updated 2 years ago
- 基于单FOFA资产搜索引擎账号部署的多人协作查询B/S模式,后端部署后通过前端网页交互查询数据和导出数据☆12Aug 1, 2025Updated 6 months ago
- Python C2 with JScript Implant☆15Nov 15, 2023Updated 2 years ago
- 解决一些软件在绕过中国大陆规则中依然会显示当前IP在国外☆14Feb 23, 2024Updated last year
- a component of red teaming for generate route map.☆11Aug 30, 2024Updated last year
- 可爬取、更新并将 K8S 官方漏洞翻译(通过 DeepSeek)成简体中文☆18Jul 19, 2025Updated 6 months ago
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆13Oct 27, 2024Updated last year
- Backport of SliverStager to work with DotNetToJScript for vba☆16Aug 9, 2024Updated last year
- A simple GDB server for jailbroken PS4s and PS5s☆12Dec 21, 2025Updated last month
- 检测邮件发送的可行性,可用来红队作战中对目标邮箱账户测试。The feasibility sent by the detection mail can be used for the target mailbox account test in the Red Team b…☆10May 8, 2023Updated 2 years ago
- Fakeshellは仮想的なシェル環境を提供するパッケージです。☆14Jan 17, 2023Updated 3 years ago
- 域信息收集工具☆11Jun 5, 2023Updated 2 years ago
- A PowerShell script designed to detect misconfigured Azure Storage Accounts that could potentially be exploited for privilege escalation …☆13Apr 25, 2024Updated last year
- IoM defualt mal package☆10Jul 22, 2025Updated 6 months ago
- ☆12Sep 4, 2023Updated 2 years ago
- Cobalt Strike Launcher on macOS☆12Nov 28, 2022Updated 3 years ago
- YARA detection rule for CVE-2024-4367 arbitrary javascript execution in PDF.js☆11May 27, 2024Updated last year
- 一款冰蝎内存马清除工具;冰蝎内存马卸载工具 ;内存马的查杀功能有待实现。☆12Aug 20, 2023Updated 2 years ago
- ☆16Feb 1, 2026Updated last week
- 用于若依和Jeecg数据库中密码的爆破☆23Jul 19, 2025Updated 6 months ago
- CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!☆106Nov 7, 2024Updated last year
- 禅道研发项目管理系统`misc-captcha-user`认证绕过后台命令注入漏洞☆108Apr 24, 2023Updated 2 years ago
- 一个基于golang的简单漏洞扫描器☆12Feb 2, 2024Updated 2 years ago