CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1946 matches found

Positive Technologies•added 2023/09/29 12:0 a.m.•2 views

PT-2023-5680 · Microsoft +1 · Windows +1

Name of the Vulnerable Software and Affected Versions: SonicWall NetExtender affected versions not specified Description: A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges,...

8.8CVSS7.7AI score0.00202EPSS

Exploits0References8

BDU FSTEC•added 2023/09/16 12:0 a.m.•1 views

The vulnerability of the MSHTML platform in Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of the MSHTML platform in Windows operating systems is related to security configuration errors. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...

7CVSS7.2AI score0.02252EPSS

Exploits0References3

BDU FSTEC•added 2023/09/14 12:0 a.m.•4 views

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.8AI score0.01093EPSS

Exploits0References3

BDU FSTEC•added 2023/09/14 12:0 a.m.•2 views

The vulnerability of Microsoft Azure Kubernetes operating systems for Windows is related to deficiencies in access control, allowing attackers to escalate their privileges.

The vulnerability of Microsoft Azure Kubernetes operating systems for Windows is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

7.8CVSS7.7AI score0.02831EPSS

Exploits0References4

CNNVD•added 2023/09/12 12:0 a.m.•5 views

Microsoft Windows Common Log File System Driver Security Vulnerability

The Microsoft Windows Common Log File System Driver is Microsoft's Common Log File System CLFS API that provides a high-performance, general-purpose log file subsystem that can be used by specialized client applications and shared by multiple clients to optimize logging and access. access. A...

7.8CVSS6.9AI score0.04373EPSS

Exploits0References5

Positive Technologies•added 2023/09/12 12:0 a.m.•1 views

PT-2023-5028 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of internal data in the Windows operating system kernel. It allows an attacker to gain unauthorized access to protected information. The...

5.5CVSS8.3AI score0.01037EPSS

Exploits0References14

Positive Technologies•added 2023/09/12 12:0 a.m.•2 views

PT-2023-5093 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an information disclosure vulnerability in the DHCP server service of Windows operating systems. It allows a remote attacker to disclose protected information. The...

5.3CVSS8.8AI score0.24014EPSS

Exploits0References6

Positive Technologies•added 2023/09/12 12:0 a.m.•5 views

PT-2023-5095 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of service data in the implementation of the TCP/IP protocol in Windows operating systems. This can allow an attacker to gain unauthorized...

5.5CVSS9.4AI score0.01093EPSS

Exploits0References7

CNNVD•added 2023/09/12 12:0 a.m.•6 views

Microsoft Visual Studio and Microsoft .NET Security Vulnerabilities

Microsoft Visual Studio is a family of development tool suites and a fundamentally complete development toolset that includes most of the tools needed throughout the software lifecycle. Microsoft .NET is a software framework dedicated to agile software development, rapid application development,...

7.8CVSS6.8AI score0.01441EPSS

Exploits0References6

Positive Technologies•added 2023/09/07 12:0 a.m.•3 views

PT-2023-8671 · Intel · Intel Qat Software Drivers

Name of the Vulnerable Software and Affected Versions: IntelR QAT software drivers for Windows versions prior to QAT1.7-W-1.11.0 Description: The issue is related to an out-of-bounds read in some IntelR QAT software drivers for Windows, which may allow an authenticated user to potentially enable...

6.5CVSS6.8AI score0.00205EPSS

Exploits0References9

BDU FSTEC•added 2023/08/17 12:0 a.m.•4 views

The vulnerability of the Projected File System component in the Windows operating system, which allows attackers to enhance their privileges

The vulnerability of the Projected File System component in the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...

7CVSS7.4AI score0.00348EPSS

Exploits0References2

BDU FSTEC•added 2023/08/17 12:0 a.m.•3 views

The vulnerability of the Cloud Files Mini Filter driver for the Windows operating system allows a hacker to increase their privileges.

The vulnerability of the Cloud Files Mini Filter driver for the Windows operating system is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.00572EPSS

Exploits0References2

NVD•added 2023/08/15 7:15 p.m.•13 views

CVE-2023-38402

A vulnerability in the HPE Aruba Networking Virtual Intranet Access VIA client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service DoS condition affecting the Microsoft Windows...

7.1CVSS6.8AI score0.00197EPSS

Exploits0References1

Prion•added 2023/08/15 7:15 p.m.•14 views

Design/Logic Flaw

3.2CVSS6.8AI score0.00197EPSS

Exploits0References1Affected Software1

BDU FSTEC•added 2023/08/14 12:0 a.m.•1 views

The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a attacker to cause a service failure.

The vulnerability of the Microsoft Message Queuing MSMQ service on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

7.8CVSS7.3AI score0.01794EPSS

Exploits0References3

BDU FSTEC•added 2023/08/11 12:0 a.m.•1 views

The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Message Queuing MSMQ service on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.2AI score0.01645EPSS

Exploits0References3

BDU FSTEC•added 2023/08/11 12:0 a.m.•3 views

The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows a attacker to cause a service failure.

7.8CVSS6.9AI score0.01855EPSS

Exploits0References3

Positive Technologies•added 2023/08/10 12:0 a.m.•2 views

PT-2023-5874 · Microsoft · Message Queuing +1

Name of the Vulnerable Software and Affected Versions: Microsoft Message Queuing MSMQ affected versions not specified Description: The issue is related to errors in processing input data in the Windows operating system's message queuing component. This can allow a remote attacker to execute...

10CVSS9.6AI score0.02784EPSS

Exploits0References7