618 matches found
CVE-2025-60703 Windows Remote Desktop Services Elevation of Privilege Vulnerability
...
Windows Remote Desktop Services Elevation of Privilege Vulnerability
Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...
PT-2025-46466
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description An issue exists in Windows Remote Desktop where an untrusted pointer dereference can occur. A local attacker who successfully exploits this may be able to gain elevated privileges...
CVE-2025-34284
Nagios XI versions prior to 2024R2 contain a command injection vulnerability in the WinRM plugin. Insufficient validation of user-supplied parameters allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations. Successful exploitatio...
CVE-2024-14008
Nagios XI versions prior to 2024R1.3.2 contain a remote command execution vulnerability in the WinRM Configuration Wizard. Insufficient validation of user-supplied input allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations...
EUVD-2024-55049
Nagios XI versions prior to 2024R1.3.2 contain a remote command execution vulnerability in the WinRM Configuration Wizard. Insufficient validation of user-supplied input allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations...
CVE-2024-14008
Nagios XI versions prior to 2024R1.3.2 contain a remote command execution vulnerability in the WinRM Configuration Wizard. Insufficient validation of user-supplied input allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations...
CVE-2024-14008
Nagios XI versions prior to 2024R1.3.2 contain a remote command execution vulnerability in the WinRM Configuration Wizard. Insufficient validation of user-supplied input allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations...
CVE-2024-14008 Nagios XI < 2024R1.3.2 RCE via WinRM Configuration Wizard
Nagios XI versions prior to 2024R1.3.2 contain a remote command execution vulnerability in the WinRM Configuration Wizard. Insufficient validation of user-supplied input allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations...
CVE-2025-34284
CVE-2025-34284 affects Nagios XI versions before 2024R2, via the WinRM plugin. The issue arises from insufficient validation of user-supplied parameters in the WinRM plugin, allowing an authenticated administrator to inject shell metacharacters that are used in backend command invocations. Exploi...
CVE-2025-34284 Nagios XI < 2024R2 Authenticated Command Injection via WinRM Plugin
Nagios XI versions prior to 2024R2 contain a command injection vulnerability in the WinRM plugin. Insufficient validation of user-supplied parameters allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations. Successful exploitatio...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to 2024R2 that stems from the WinRM plug-in not...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.3.2, which stems from insufficient...
CVE-2025-58737
Use after free in Windows Remote Desktop allows an unauthorized attacker to execute code locally...
CVE-2025-59202
Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally...
CVE-2025-59502
Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network...
CVE-2025-55340
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally...
EUVD-2025-34391
Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally...
EUVD-2025-34308
Use after free in Windows Remote Desktop allows an unauthorized attacker to execute code locally...
EUVD-2025-34417
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally...