Lucene search
K

619 matches found

NVD
NVD
added 2026/04/14 6:16 p.m.11 views

CVE-2026-26160

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00266EPSS
Exploits0References1
NVD
NVD
added 2026/04/14 6:16 p.m.3 views

CVE-2026-26151

Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network...

7.1CVSS0.0083EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/04/14 2:0 p.m.7 views

Remote Desktop Spoofing Vulnerability

Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network...

7.1CVSS6.3AI score0.0083EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.4 views

PT-2026-32811

Name of the Vulnerable Software and Affected Versions Windows Remote Procedure Call affected versions not specified Description An issue in Windows Remote Procedure Call allows an authorized attacker to locally disclose sensitive information. This data leak can be used by attackers to map the...

5.5CVSS6.2AI score0.00443EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.4 views

PT-2026-32731

Name of the Vulnerable Software and Affected Versions Microsoft Windows 10 versions 10.0.14393.0 through 10.0.14393.9059 Description Insufficient UI warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network by misleading users int...

8.5CVSS6.4AI score0.0083EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.5 views

CVE-2026-4434

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

8.1CVSS5.8AI score0.00144EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/20 3:31 p.m.16 views

EUVD-2026-13688

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

5.8AI score0.00144EPSS
Exploits0References2
NVD
NVD
added 2026/03/20 1:16 p.m.4 views

CVE-2026-4434

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

8.1CVSS0.00144EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/20 12:52 p.m.2 views

CVE-2026-4434

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

5.8AI score0.00144EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/20 12:52 p.m.1 views

CVE-2026-4434

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

5.8AI score0.00144EPSS
Exploits0References1
CVE
CVE
added 2026/03/20 12:52 p.m.13 views

CVE-2026-4434

CVE-2026-4434: Improper certificate validation in PAM propagation WinRM connections enables a network attacker to perform a man-in-the-middle attack when TLS certificate verification is disabled. Documented across multiple feeds (Red Hat, EUVD, NVD, etc.) with a high impact concern (CVSS 8.1). Af...

8.1CVSS5.8AI score0.00144EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/20 12:52 p.m.22 views

CVE-2026-4434

Improper certificate validation in the PAM propagation WinRM connections allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification...

0.00144EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26608

Name of the Vulnerable Software and Affected Versions versions prior to 2026-4434 Description A flaw exists in the validation of certificates during PAM propagation WinRM connections. This allows a network attacker to conduct a man-in-the-middle attack by disabling TLS certificate verification. T...

8.1CVSS5.8AI score0.00144EPSS
Exploits0References5
Information Security Automation
Information Security Automation
added 2026/03/12 9:6 a.m.13 views

About Elevation of Privilege - Windows RDS (CVE-2026-21533) vulnerability

About Elevation of Privilege - Windows RDS CVE-2026-21533 vulnerability. The vulnerability is from the February Microsoft Patch Tuesday. Remote Desktop Services RDS is a component of Microsoft Windows that allows a user to initiate and control an interactive session on a remote computer or virtua...

7.8CVSS6AI score0.03846EPSS
Exploits5
CVE
CVE
added 2026/03/10 5:4 p.m.27 views

CVE-2026-25172

CVE-2026-25172 concerns Windows Routing and Remote Access Service (RRAS). The RRAS integer overflow/wraparound vulnerability allows an authenticated attacker to execute code over a network. Connected advisories confirm this affects RRAS and note that Microsoft released updates to fix the vulnerab...

8CVSS6AI score0.00904EPSS
Exploits0References1Affected Software6
GithubExploit
GithubExploit
added 2026/03/09 9:7 p.m.138 views

Exploit for Improper Privilege Management in Microsoft

CVE-2026-21533 Scanner: Windows RDP Local Privilege Escalation...

7.8CVSS5.8AI score0.03846EPSS
Exploits5
GithubExploit
GithubExploit
added 2026/02/20 10:0 p.m.229 views

Exploit for Improper Privilege Management in Microsoft

Security Vulnerability CVE-2026-21533 Overview A HIGH v...

7.8CVSS5.5AI score0.03846EPSS
Exploits5
GithubExploit
GithubExploit
added 2026/02/20 4:17 p.m.152 views

Exploit for Improper Privilege Management in Microsoft

Security Vulnerability CVE-2026-21533 Overview A HIGH v...

7.8CVSS5.5AI score0.03846EPSS
Exploits5
Debian CVE
Debian CVE
added 2026/02/20 1:44 a.m.7 views

CVE-2026-26064

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Versions 9.2.1 and below contain a Path Traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows, this leads to Remote Code Execution by writin...

9.3CVSS5.9AI score0.0088EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/02/11 9:3 p.m.183 views

Exploit for Improper Privilege Management in Microsoft

Privilege Escalation Vulnerability in Windows Remote Desktop...

7.8CVSS5.7AI score0.03846EPSS
Exploits5
Rows per page
Query Builder