└── README.md

/README.md:
--------------------------------------------------------------------------------
# Writeups analyzing CVEs and exploits on Windows
I collect writeups that analyze CVEs and exploits on Windows in this repository.

# 2022
- [CVE-2022-22005 Microsoft Sharepoint RCE](https://hnd3884.github.io/posts/cve-2022-22005-microsoft-sharepoint-RCE/)
- [CVE-2022-24527: Microsoft Connected Cache Local Privilege Escalation](https://www.rapid7.com/blog/post/2022/04/12/cve-2022-24527-microsoft-connected-cache-local-privilege-escalation-fixed/)
- [Proof of Concept: CVE-2022-21907 HTTP Protocol Stack Remote Code Execution Vulnerability](https://www.coresecurity.com/core-labs/articles/proof-concept-cve-2022-21907-http-protocol-stack-remote-code-execution)
- [Analysis of CVE-2022-21882 "Win32k Window Object Type Confusion Exploit"](https://www.coresecurity.com/core-labs/articles/analysis-cve-2022-21882-win32k-window-object-type-confusion-exploit)
- [CVE-2022-21972: Windows Server VPN Remote Kernel Use After Free Vulnerability Part 1](https://labs.nettitude.com/blog/cve-2022-21972-windows-server-vpn-remote-kernel-use-after-free-vulnerability/)
- [CVE-2022-21972: Windows Server VPN Remote Kernel Use After Free Vulnerability Part 1](https://labs.nettitude.com/blog/cve-2022-23270-windows-server-vpn-remote-kernel-use-after-free-vulnerability/)
- [New Wine in Old Bottle - Microsoft Sharepoint Post-Auth Deserialization RCE (CVE-2022-29108)](https://starlabs.sg/blog/2022/05/new-wine-in-old-bottle-microsoft-sharepoint-post-auth-deserialization-rce-cve-2022-29108/)
- [Recurrence and analysis of RPC high-risk Vulnerability(CVE-2022–26809)](https://medium.com/@knownsec404team/recurrence-and-analysis-of-rpc-high-risk-vulnerability-cve-2022-26809-7851cc88f81c)
- [CVE-2022-26937: Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow](https://www.zerodayinitiative.com/blog/2022/6/7/cve-2022-26937-microsoft-windows-network-file-system-nlm-portmap-stack-buffer-overflow)

# 2021
- [CVE-2021-21551 - Dell ‘dbutil_2_3.sys’ Kernel](https://connormcgarr.github.io/cve-2020-21551-sploit/)
- [Analysis of CVE-2021-26897 DNS Server RCE](https://www.coresecurity.com/core-labs/articles/analysis-cve-2021-26897-dns-server-rce)
- [Analysis of Cisco AnyConnect Posture (HostScan) Local Privilege Escalation: CVE-2021-1366](https://www.coresecurity.com/core-labs/articles/analysis-cisco-anyconnect-posture-hostscan-local-privilege-escalation-cve-2021)
- [Crucial’s MOD Utility LPE – CVE-2021-41285](https://voidsec.com/crucial-mod-utility-lpe-cve-2021-41285/)
- [Root Cause Analysis of a Printer’s Drivers Vulnerability CVE-2021-3438](https://voidsec.com/root-cause-analysis-of-cve-2021-3438/)
- [Reverse Engineering & Exploiting Dell CVE-2021-21551](https://voidsec.com/reverse-engineering-and-exploiting-dell-cve-2021-21551/)
- [CVE‑2021‑1079 – NVIDIA GeForce Experience Command Execution](https://voidsec.com/nvidia-geforce-experience-command-execution/)
- [Fuzzing: FastStone Image Viewer & CVE-2021-26236](https://voidsec.com/fuzzing-faststone-image-viewer-cve-2021-26236/)
- [Exploiting a use-after-free in Windows Common Logging File System (CLFS)](https://blog.exodusintel.com/2022/03/10/exploiting-a-use-after-free-in-windows-common-logging-file-system-clfs/)

# 2019
- [Analysis of a 1day (CVE-2019-0547) and discovery of a forgotten condition in the patch (CVE-2019-0726) – Part 1 of 2](https://sensepost.com/blog/2019/analysis-of-a-1day-cve-2019-0547-and-discovery-of-a-forgotten-condition-in-the-patch-cve-2019-0726-part-1-of-2/)
- [Dejablue Vulnerabilities in Windows 7 to Windows 10 [CVE-2019-1181 and CVE-2019-1182]](https://www.coresecurity.com/core-labs/articles/dejablue-vulnerabilities-windows-7-windows-10-cve-2019-1181-and-cve-2019-1182)
- [Low-level Reversing of BLUEKEEP vulnerability (CVE-2019-0708)](https://www.coresecurity.com/core-labs/articles/low-level-reversing-bluekeep-vulnerability-cve-2019-0708)

# 2018
- [Bypassing CVE-2018-15442: Another Case of DLL Hijacking](https://www.coresecurity.com/core-labs/articles/bypassing-cve-2018-15442-another-case-dll-hijacking)

# 2015
- [Exploiting Internet Explorer's MS15-106, Part I: VBScript Filter Type Confusion Vulnerability (CVE-2015-6055)](https://www.coresecurity.com/core-labs/articles/exploiting-internet-explorers-ms15-106-part-i-vbscript-filter-type-confusion-vulnerability-cve-2015-6055)
- [Exploiting CVE-2015-0311: A Use-After-Free in Adobe Flash Player](https://www.coresecurity.com/core-labs/articles/exploiting-cve-2015-0311-a-use-after-free-in-adobe-flash-player)
- [Exploiting CVE-2015-0311, Part II: Bypassing Control Flow Guard on Windows 8.1 Update 3](https://www.coresecurity.com/core-labs/articles/exploiting-cve-2015-0311-part-ii-bypassing-control-flow-guard-on-windows-8-1-update-3)

--------------------------------------------------------------------------------