Lucene search
K

42 matches found

Microsoft CVE
Microsoft CVE
added 2023/03/14 7:0 a.m.86 views

Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability

...

5.5CVSS7.7AI score0.00465EPSS
Exploits0
Kaspersky
Kaspersky
added 2023/03/14 12:0 a.m.303 views

KLA48553 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of...

9.8CVSS9.9AI score0.78152EPSS
Exploits1References72
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.31 views

Microsoft Windows Multiple Vulnerabilities (KB5021235)

This host is missing an important security update according to Microsoft KB5021235 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

8.5CVSS7.6AI score0.76106EPSS
Exploits6References3
Vulnrichment
Vulnrichment
added 2022/07/12 10:37 p.m.18 views

CVE-2022-22049 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

...

7.8CVSS6.8AI score0.01055EPSS
Exploits1References1
CVE
CVE
added 2022/07/12 10:36 p.m.182 views

CVE-2022-22026

CVE-2022-22026 is a Windows CSRSS Elevation of Privilege vulnerability. The connected document confirms it as one of the CSRSS issues fixed during the July 2022 Patch Tuesday cycle, noting that two other CSRSS flaws (CVE-2022-22047 and CVE-2022-22049) were also fixed. The exact affected product s...

8.8CVSS8.2AI score0.01024EPSS
Exploits1References1Affected Software10
Positive Technologies
Positive Technologies
added 2022/07/12 12:0 a.m.3 views

PT-2022-3591 · Microsoft · Windows Client Server Run-Time Subsystem +1

Name of the Vulnerable Software and Affected Versions: Windows Client Server Run-time Subsystem CSRSS affected versions not specified Description: The issue is related to insufficient access restrictions in the Client Server Run-time Subsystem CSRSS of the Windows operating system. It allows an...

8.8CVSS8.5AI score0.01024EPSS
Exploits1References11
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/28 12:0 a.m.58 views

Microsoft Windows CSRSS Security Feature Bypass Vulnerability

The Client-Server Run-time Subsystem CSRSS in Microsoft mismanages process tokens, which allows local users to gain privileges via a crafted application...

7.8CVSS6AI score0.63195EPSS
In wildExploits2
Tenable Nessus
Tenable Nessus
added 2016/04/12 12:0 a.m.124 views

MS16-048: Security Update for CSRSS (3148528)

The remote Windows host is missing a security update. It is, therefore, affected by a security feature bypass vulnerability in the Client-Server Run-time Subsystem CSRSS due to improper management of process tokens in memory. A local attacker can exploit this vulnerability, via a specially crafte...

7.8CVSS8.3AI score0.63195EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2013/04/10 12:0 a.m.31 views

MS13-033: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2820917)

The Windows Client/Server Run-time Subsystem CSRSS on the remote host has a privilege escalation vulnerability due to an improper handling of objects in memory. An attacker who successfully exploits this vulnerability can execute arbitrary code in the context of the local system. The attacker cou...

7.2CVSS6.1AI score0.02239EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/02/13 12:0 a.m.26 views

MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2790113)

This host is missing an important security update according to Microsoft Bulletin MS13-019. OpenVAS Vulnerability Test $Id: secpodms13-019.nasl 5346 2017-02-19 08:43:11Z cfi $ MS Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2790113 Authors: Antu Sanadi Copyright:...

7.2CVSS1AI score0.01791EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2013/02/13 12:0 a.m.23 views

Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2790113)

This host is missing an important security update according to Microsoft Bulletin MS13-019. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2CVSS5AI score0.01791EPSS
Exploits0References4
Prion
Prion
added 2011/12/14 12:55 a.m.24 views

Privilege escalation

Csrsrv.dll in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly check permissions for sending inter-process...

7.2CVSS6.8AI score0.01791EPSS
Exploits1References3Affected Software3
OpenVAS
OpenVAS
added 2011/12/14 12:0 a.m.31 views

Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2620712)

This host is missing an important security update according to Microsoft Bulletin MS11-097. OpenVAS Vulnerability Test $Id: secpodms11-097.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2620712 Authors: Rachana Shetty Copyright:...

7.2CVSS0.8AI score0.01791EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2011/08/11 12:0 a.m.33 views

Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2567680)

This host is missing a critical security update according to Microsoft Bulletin MS11-063. OpenVAS Vulnerability Test $Id: secpodms11-063.nasl 8724 2018-02-08 15:02:56Z cfischer $ Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability 2567680 Authors: Antu Sanadi...

7.2CVSS0.6AI score0.01707EPSS
Exploits0References2
Prion
Prion
added 2011/07/13 11:55 p.m.29 views

Integer overflow

Integer overflow in the Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cau...

7.2CVSS7.1AI score0.02098EPSS
Exploits1References3Affected Software3
Prion
Prion
added 2011/07/13 11:55 p.m.24 views

Null pointer dereference

The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and consequently uses a NULL...

7.2CVSS6.9AI score0.01553EPSS
Exploits1References3Affected Software3
CVE
CVE
added 2011/07/13 11:0 p.m.66 views

CVE-2011-1283

The CVE-2011-1283 entry concerns the Windows CSRSS component in the Win32 subsystem. The vulnerability arises from an array index check flaw in SrvSetConsoleNumberOfCommand, allowing a local attacker to cause memory corruption and elevate privileges by triggering an incorrect memory assignment fo...

7.2CVSS6.5AI score0.02116EPSS
Exploits1References3Affected Software5
NVD
NVD
added 2011/07/13 10:55 p.m.22 views

CVE-2011-1281

The Client/Server Run-time Subsystem aka CSRSS in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly restrict the number of console objects for a...

7.2CVSS6.5AI score0.02116EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2011/02/09 12:0 a.m.31 views

Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability (2476687)

This host is missing a critical security update according to Microsoft Bulletin MS11-010. OpenVAS Vulnerability Test $Id: secpodms11-010.nasl 5362 2017-02-20 12:46:39Z cfi $ Windows Client/Server Run-time Subsystem Privilege Elevation Vulnerability 2476687 Authors: Sooraj KS Copyright: Copyright ...

4.7CVSS0.7AI score0.01764EPSS
Exploits0References3
NVD
NVD
added 2007/04/10 9:19 p.m.26 views

CVE-2007-1209

Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...

7.2CVSS6.3AI score0.02686EPSS
Exploits0References13
Rows per page
Query Builder