
31 matches found

RedhatCVE
added 2026/03/30 11:24 p.m., 2 views

CVE-2026-33995

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A remote attacker could exploit a double-free vulnerability in the Kerberos security context functions, specifically kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA, within the WinPR library...

5.3 CVSS, 5.8 AI score, 0.00129 EPSS
Exploits: 0, References: 5
Cvelist
added 2026/03/30 9:43 p.m., 15 views

CVE-2026-33995 FreeRDP: Possible double free in kerberos_AcceptSecurityContext

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberos_AcceptSecurityContext and kerberos_InitializeSecurityContextA (WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c) can cause a crash in any FreeRDP clients on systems where...

5.3 CVSS, 0.00129 EPSS
Exploits: 0, References: 2
RedhatCVE
added 2025/05/22 8:22 a.m., 6 views

CVE-2018-5354

The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated...

8.8 CVSS, 8.1 AI score, 0.0392 EPSS
Exploits: 1, References: 1
Rapid7 Blog
added 2020/10/09 7:30 p.m., 41 views

PSA: Increase in RDP Attacks Means It's Time to Mind Your RDPs and Qs

This week, Rapid7 Managed Detection and Response’s (MDR) intrepid investigators identified an increase in RDP attacks targeting RDP servers without multi-factor authentication enabled. Given that a fair number of folks are still working remotely, it’s no wonder that attackers continue to seek out a...

7.2 AI score
Exploits: 0
NVD
added 2020/09/30 6:15 p.m., 9 views

CVE-2018-5353

The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a...

9.8 CVSS, 0.15292 EPSS
Exploits: 1, References: 3
Prion
added 2020/09/30 6:15 p.m., 14 views

Authentication flaw

The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated...

5.8 CVSS, 9.1 AI score, 0.0392 EPSS
Exploits: 1, References: 2, Affected Software: 1
Cvelist
added 2020/09/29 8:7 p.m., 17 views

CVE-2018-5353

The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a...

10 AI score, 0.15292 EPSS
Exploits: 1, References: 3
CVE
added 2020/09/29 8:7 p.m., 59 views

CVE-2018-5353

The vulnerability CVE-2018-5353 affects Zoho ManageEngine ADSelfService Plus before 5.5 build 5517, due to a custom GINA/CP module that does not authenticate the intended server before opening a browser window. An unauthenticated attacker can perform a spoofing attack to redirect the browser and ...

9.8 CVSS, 9.8 AI score, 0.15292 EPSS
Exploits: 1, References: 3, Affected Software: 1
Cvelist
added 2020/09/29 7:54 p.m., 17 views

CVE-2018-5354

The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated...

9.2 AI score, 0.0392 EPSS
Exploits: 1, References: 2
Securelist
added 2020/04/29 10:0 a.m., 70 views

Remote spring: the rise of RDP bruteforce attacks

With the spread of COVID-19, organizations worldwide have introduced remote working, which is having a direct impact on cybersecurity and the threat landscape. Alongside the higher volume of corporate traffic, the use of third-party services for data exchange, and employees working on home...

0.5 AI score
Exploits: 0
Carbon Black Blog
added 2020/01/10 5:3 p.m., 2547 views

How to Use VMware Carbon Black’s Real-Time Endpoint Query to Identify BlueKeep Vulnerability Risk

Recently, security researchers revealed a Proof of Concept attack that leverages the BlueKeep vulnerability. Whenever this type of news breaks on the twittersphere, organizations are left with the question: "Are we susceptible to this type of attack?" Using CB LiveOps, a real-time endpoint query...

10 CVSS, 0.2 AI score, 0.94454 EPSS
Exploits: 123
Qualys Blog
added 2019/12/20 4:0 p.m., 227 views

Blue is a color we love but can’t Keep!

Recent reports this year revealed nearly 1 million computer systems are still vulnerable and exposed to BlueKeep in the wild. These systems are still easy targets for an unauthenticated attacker or malware to execute code leveraging this patchable vulnerability. Because so many systems are still...

10 CVSS, 1.3 AI score, 0.94454 EPSS
Exploits: 123
Gitee
added 2019/12/02 9:28 a.m., 4 views

Exploit for Improper Input Validation in Microsoft

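CVE-2019-0708 batch detection. 0x01 Preface: CVE-2019-0708 Windows RDP remote command execution vulnerability. On May 15, 2019, a high-risk vulnerability was disclosed in Windows-series servers. The vulnerability has a wide impact: windows2003, windows2008, windows2008 R2 and windows xp systems can all be attacked. The vulnerability is exploited through the remote desktop port 3389, attacking via the RDP protocol...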

10 CVSS, 7.1 AI score, 0.94454 EPSS
Exploits: 123
Microsoft Secure
added 2019/08/08 4:0 p.m., 529 views

Protect against BlueKeep

Worms are the cause of many cyber headaches. They can easily replicate themselves to spread malicious malware to other computers in your network. As the field responders providing Microsoft enterprise customers with onsite assistance to serious cybersecurity threats, our Detection and Response Te...

10 CVSS, 0.5 AI score, 0.94454 EPSS
Exploits: 123
Kitploit
added 2019/06/19 12:32 p.m., 6717 views

Rdpscan - A Quick Scanner For The CVE-2019-0708 "BlueKeep" Vulnerability

This is a quick-and-dirty scanner for the CVE-2019-0708 vulnerability in Microsoft Remote Desktop. Right now, there are about 900,000 machines on the public Internet vulnerable to this vulnerability, so many are to expect a worm soon like WannaCry and notPetya. Therefore, scan your networks and...

9.8 CVSS, 9.9 AI score, 0.94454 EPSS
Exploits: 123, References: 3
ICS
added 2019/06/17 12:0 p.m., 60 views

Microsoft Operating Systems BlueKeep Vulnerability

Summary: The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pac...

10 CVSS, 9.9 AI score, 0.94454 EPSS
Exploits: 123, References: 25
The Hacker News
added 2019/06/04 7:10 p.m., 3 views

Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions

A security researcher today revealed details of a newly unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP). Tracked as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions. Discovered by Joe...

7.8 CVSS, 6.6 AI score, 0.00983 EPSS
Exploits: 0
The Hacker News
added 2019/06/04 7:10 p.m., 155 views

Unpatched Bug Let Attackers Bypass Windows Lock Screen On RDP Sessions

A security researcher today revealed details of a newly unpatched vulnerability in Microsoft Windows Remote Desktop Protocol (RDP). Tracked as CVE-2019-9510, the reported vulnerability could allow client-side attackers to bypass the lock screen on remote desktop (RD) sessions. Discovered by Joe...

7.8 CVSS, 7.4 AI score, 0.00983 EPSS
Exploits: 0
myhack58
added 2019/05/15 12:0 a.m., 370 views

Microsoft emergency release of CVE-2019-0708 vulnerability fixes - bug warning - the black bar safety net

On May 14, 2019, Microsoft issued an emergency fix for the remote code execution vulnerability CVE-2019-0708 in the Remote Desktop Service (RDP, previously known as Terminal Services). The vulnerability affects some older versions of Windows, such as Windows XP,...

1.3 AI score, 0.94454 EPSS
Exploits: 123
myhack58
added 2019/05/15 12:0 a.m., 599 views

Windows again exposed to a "WannaCry"-level vulnerability, CVE-2019-0708, cures XP, Win7 - vulnerability warning - the black bar safety net

On the two-year anniversary of WannaCry, Windows is again exposed to a high-risk remote vulnerability. On May 15, Microsoft officially released its May security update patches, fixing a total of 82 vulnerabilities, including one for a Remote Desktop (RDP) services remote code execution vulnerabili...

0.5 AI score, 0.94454 EPSS
Exploits: 123