Lucene search
K

28018 matches found

CNNVD
CNNVD
added 2026/03/10 12:0 a.m.12 views

Microsoft Windows Routing and Remote Access Service 输入验证错误漏洞

The Microsoft Windows Routing and Remote Access Service is a network service provided by Microsoft that enables network routing, virtual private networks VPNs, and dial-up connections. There is an input validation vulnerability in the Microsoft Windows Routing and Remote Access Service. Attackers...

8CVSS6AI score0.00836EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.5 views

Microsoft Windows Ancillary Function Driver for WinSock 安全漏洞

The Microsoft Windows Ancillary Function Driver for WinSock is a supplementary function driver for Winsock developed by Microsoft Corporation. There are security vulnerabilities associated with the Microsoft Windows Ancillary Function Driver for WinSock. Attackers can exploit these vulnerabilitie...

7CVSS5.8AI score0.0033EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.6 views

Microsoft多款产品 资源管理错误漏洞

Microsoft Windows 10, among others, are products of the American company Microsoft. Microsoft Windows 10 is a desktop operating system. Microsoft Windows Server 2012 is also a desktop operating system. Microsoft Windows 11 is a set of personal computer operating systems. Several of Microsoft’s...

8.8CVSS6AI score0.00912EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.14 views

Microsoft Windows Resilient File System 缓冲区错误漏洞

Microsoft Windows Resilient File System ReFS is an elastic file system developed by Microsoft Corporation. The Microsoft Windows Resilient File System ReFS contains a buffer error vulnerability. Attackers can exploit this vulnerability to gain elevated privileges. The following products and...

7.8CVSS6AI score0.00383EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.6 views

Microsoft Windows 缓冲区错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has a buffer error vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows 11 Version 26H1 fo...

7.8CVSS6AI score0.00345EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

Microsoft Windows SMB Server 授权问题漏洞

Microsoft Windows SMB Server is a network file sharing protocol developed by Microsoft Corporation. It allows applications on computers to read and write files, as well as to request services from server programs on computer networks. There is an authorization vulnerability in Microsoft Windows S...

7.8CVSS5.8AI score0.02762EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.12 views

Microsoft Windows Kerberos 竞争条件问题漏洞

Microsoft Windows Kerberos is a software developed by Microsoft for authentication in network clusters. As a network authentication protocol, its design goal is to provide robust authentication services for client/server applications through a key system. There are vulnerabilities related to...

6.5CVSS5.8AI score0.00347EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.8 views

Microsoft Windows 缓冲区错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. Microsoft Windows has a buffer error vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected: Windows Server 2022 Server...

7.8CVSS6AI score0.00353EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.3 views

KB5078775: Windows Server 2012 Security Update (March 2026)

The remote Windows host is missing security update 5078775. It is, therefore, affected by multiple vulnerabilities - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. CVE-2026-23669 - Use after free in Windows Win32K allows an...

8.8CVSS7.8AI score0.04491EPSS
Exploits11References32
ATTACKERKB
ATTACKERKB
added 2026/02/18 9:27 a.m.6 views

CVE-2012-5239

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3548. Reason: This candidate is a reservation duplicate of CVE-2012-3548. Notes: All CVE users should reference CVE-2012-3548 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...

4.3CVSS5.6AI score0.01565EPSS
Exploits1References1
Microsoft KB
Microsoft KB
added 2026/02/10 4:0 p.m.14 views

February 10, 2026—KB5075971 (Monthly Rollup)

February 10, 2026—KB5075971 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only...

8.8CVSS7.5AI score0.25835EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.8 views

KB5075971: Windows Server 2012 Security Update (February 2026)

The remote Windows host is missing security update 5075971. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Heap-based buffer overflow in Microso...

8.8CVSS7.7AI score0.25835EPSS
Exploits8References14
Tenable Nessus
Tenable Nessus
added 2026/02/10 12:0 a.m.7 views

KB5075970: Windows Server 2012 R2 Security Update (February 2026)

The remote Windows host is missing security update 5075970. It is, therefore, affected by multiple vulnerabilities - Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network. CVE-2026-21513 - Heap-based buffer overflow in Microso...

8.8CVSS6.9AI score0.25835EPSS
Exploits8References16
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.10 views

Teknolist Okulistik 代码问题漏洞

Teknolist Okulistik is an online education platform owned by the Turkish company Teknolist. Versions of Teknolist Okulistik from 2012/02/20 onwards have code vulnerabilities related to server-side request forgery, which may lead to such attacks...

9.8CVSS5.9AI score0.00301EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 6:16 p.m.21 views

CVE-2020-37108

PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of productdetail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information...

7.1CVSS0.00272EPSS
Exploits0References4
CVE
CVE
added 2026/02/03 4:52 p.m.15 views

CVE-2020-37108

The CVE-2020-37108 issue affects PhpIX 2012 Professional and is caused by an SQL injection in the id parameter of product_detail.php, enabling remote manipulation of database queries. Affected component: product_detail.php (id parameter). Underlying cause: improper handling/sanitization of user i...

7.1CVSS5.8AI score0.00272EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/03 4:52 p.m.8 views

CVE-2020-37108

PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of productdetail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information...

7.1CVSS5.8AI score0.00272EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/02/03 4:52 p.m.29 views

CVE-2020-37108 PhpIX 2012 Professional - 'id' SQL Injection

PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of productdetail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information...

7.1CVSS0.00272EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.6 views

PT-2026-5854

PhpIX 2012 Professional contains a SQL injection vulnerability in the 'id' parameter of product detail.php that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through the 'id' parameter to potentially extract or modify database information...

7.1CVSS6AI score0.00272EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: accountsservice (CVE-2012-6655)

The version of accountsservice installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2012-6655 advisory. - An issue exists AccountService 0.6.37 in the userchangepasswordauthorizedcb function in user.c which...

3.3CVSS5.6AI score0.00448EPSS
Exploits1References2
Rows per page
Query Builder