The vulnerability of the Windows Authentication component in Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows Authentication component in Microsoft Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted data...

Remote code execution

Windows Authentication Remote Code Execution Vulnerability...

CVE-2023-21539 Windows Authentication Remote Code Execution Vulnerability

...

CVE-2023-21539 Windows Authentication Remote Code Execution Vulnerability

...

PT-2023-1161 · Microsoft · Windows Authentication +1

Name of the Vulnerable Software and Affected Versions: Windows Authentication affected versions not specified Description: The issue is related to insufficient input validation in the Windows Authentication component, allowing remote attackers to execute arbitrary code by using specially crafted...

SAP Solution Manager 安全漏洞

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

The vulnerability in the implementation of the Windows operating system’s Network Authentication Protocol NTLM allows attackers to perform spoofing attacks.

The vulnerability of the Windows operating system’s Network Authentication Protocol NTLM implementation lies in the ability to bypass authentication through spoofing attacks. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks remotely...

GHSA-P2JH-44QJ-PF2V Exfiltration of hashed SMB credentials on Windows via file:// redirect

Impact When following a redirect, Electron delays a check for redirecting to file:// URLs from other schemes. The contents of the file is not available to the renderer following the redirect, but if the redirect target is a SMB URL such as file://some.website.com/, then in some cases, Windows wil...

CLSA-2022-1665680640 Fixed CVE-2022-41318 in squid-4.module_el8.4.0+2078+2063f9d1.2.tuxcare.els4

CVE-2022-41318: Fix buffer-over-read in SSPI and SMB authentication...

CVE-2022-26913

Windows Authentication Information Disclosure Vulnerability...

Information disclosure

Windows Authentication Information Disclosure Vulnerability...

CVE-2022-26913 Windows Authentication Information Disclosure Vulnerability

...

Microsoft Windows Authentication Methods 安全特征问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security signature issue vulnerability exists in Microsoft Windows Authentication Methods. The following products and editions are affected: Windows 10 Version 1909 for 32-bit...

CVE-2022-27181

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when APM is configured on a virtual server and the associated access profile is configured with APM AAA...

CVE-2022-27181

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when APM is configured on a virtual server and the associated access profile is configured with APM AAA...

The vulnerability of the IWA (Integrated Windows Authentication) mechanism in software for managing virtual infrastructure such as VMware vCenter Server and VMware Cloud Foundation allows a perpetrator to escalate their privileges.

The vulnerability of the IWA Integrated Windows Authentication implementation in VMware vCenter Server and VMware Cloud Foundation software relates to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

Vulnerability fixed in VMware vCenter and Cloud Foundation

VMware has fixed a vulnerability in vCenter Server and Cloud Foundation. An authenticated malicious party could, by exploiting this vulnerability obtain elevated privileges on the vulnerable system. The vulnerability is located in the Integrated Windows Authentication IWA authentication mechanism...

CVE-2021-22048

The vCenter Server contains a privilege escalation vulnerability in the IWA Integrated Windows Authentication authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group...

VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)

3. VMware vCenter Server IWA privilege escalation vulnerability CVE-2021-22048 The vCenter Server contains a privilege escalation vulnerability in the IWA Integrated Windows Authentication authentication mechanism. VMware has evaluated the severity of this issue to be in the Important severity...

PT-2021-4966

Name of the Vulnerable Software and Affected Versions VMware vCenter Server versions affected versions not specified VMware Cloud Foundation versions affected versions not specified Description The issue is related to a privilege escalation vulnerability in the IWA Integrated Windows Authenticati...