Lucene search
+L

1981 matches found

CNNVD
CNNVD
added 2021/08/10 12:0 a.m.6 views

Microsoft Windows 信息泄露漏洞

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. An information disclosure vulnerability exists in Microsoft Windows Services for NFS ONCRPC XDR Driver. The following products and versions are affected:Windows 10 Version 1809 for 32-bit...

7.5CVSS7.2AI score0.03302EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/08/06 12:0 a.m.6 views

The vulnerability of the Compositing component in the Google Chrome web browser for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Compositing component in the Google Chrome web browser for Windows operating systems is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information throug...

9.4CVSS5.8AI score0.01695EPSS
Exploits1References4Affected Software1
The Hacker News
The Hacker News
added 2021/07/26 7:16 a.m.243 views

New PetitPotam NTLM Relay Attack Lets Hackers Take Over Windows Domains

A newly uncovered security flaw in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to stage an NTLM relay attack and completely take over a Windows domain. The...

0.9AI score
Exploits0
CNNVD
CNNVD
added 2021/07/20 12:0 a.m.6 views

Nvidia GPU Display Driver 后置链接漏洞

Nvidia GPU Display Driver is a driver software from Nvidia, Inc. that is used for interactive support of graphics card display modules in operating systems. The Nvidia GPU Display Driver suffers from a backlink vulnerability that stems from the product's mishandling of hard links, which could all...

7.1CVSS7.1AI score0.0026EPSS
Exploits0References4
CNVD
CNVD
added 2021/07/19 12:0 a.m.23 views

Microsoft Office security feature bypass vulnerability

Microsoft Office is a suite of office software developed by Microsoft Corporation based on the Windows operating system.Microsoft Office suffers from a security feature bypass vulnerability. An attacker can exploit this vulnerability to perform certain illegal operations...

8.2CVSS3.5AI score0.0334EPSS
Exploits0References1
OSV
OSV
added 2021/07/16 9:15 p.m.3 views

CVE-2021-34446

Windows HTML Platforms Security Feature Bypass Vulnerability...

8CVSS7.3AI score0.01761EPSS
Exploits0References1
OSV
OSV
added 2021/07/14 6:15 p.m.4 views

CVE-2021-33772

Windows TCP/IP Driver Denial of Service Vulnerability...

7.5CVSS7.3AI score0.03034EPSS
Exploits0References1
NVD
NVD
added 2021/07/13 7:15 p.m.22 views

CVE-2021-22000

VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability to elevate privileges to administrator level on the Windows operating system having VMware ThinApp...

7.8CVSS0.00563EPSS
Exploits2References3
Prion
Prion
added 2021/07/13 7:15 p.m.22 views

Design/Logic Flaw

VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability to elevate privileges to administrator level on the Windows operating system having VMware ThinApp...

6.9CVSS7.5AI score0.00563EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2021/07/13 6:1 p.m.33 views

CVE-2021-22000

VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability to elevate privileges to administrator level on the Windows operating system having VMware ThinApp...

7.7AI score0.00563EPSS
Exploits2References3
CNNVD
CNNVD
added 2021/07/13 12:0 a.m.6 views

Microsoft Windows Console Driver 权限许可和访问控制问题漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA, Microsoft Windows is an operating system for personal devices, and Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Windows Console Driver in...

7.8CVSS5.6AI score0.00491EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/07/13 12:0 a.m.8 views

Microsoft Win32k 输入验证错误漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation USA.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems. An elevation of privilege vulnerability exists in Win32k in Microsoft...

7.8CVSS5.5AI score0.01294EPSS
Exploits0References27
Positive Technologies
Positive Technologies
added 2021/07/13 12:0 a.m.2 views

PT-2021-5715 · Microsoft · Windows Dns Server +1

Name of the Vulnerable Software and Affected Versions: Windows DNS Server affected versions not specified Description: The issue is related to incorrect code generation management in the DNS Server component of the Microsoft Windows operating system. It allows a remote attacker to execute arbitra...

9CVSS9.1AI score0.03652EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2021/07/13 12:0 a.m.2 views

PT-2021-5647 · Microsoft · Gdi+ +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to insufficient protection of internal data in the GDI+ graphics library of Microsoft Windows operating systems. This can allow an attacker to gain unauthoriz...

5.5CVSS5.4AI score0.0076EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2021/07/13 12:0 a.m.2 views

PT-2021-5227 · Microsoft · Windows Remote Access Connection Manager +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Access Connection Manager affected versions not specified Description: The issue is related to information disclosure in the Remote Access Connection Manager RASMan service of the Microsoft Windows operating system. It allows a...

5.5CVSS5.2AI score0.0076EPSS
Exploits0References9
Prion
Prion
added 2021/06/29 6:15 p.m.15 views

Design/Logic Flaw

The TIBCO Spotfire Server and TIBCO Enterprise Runtime for R components of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Enterprise Runtime for R - Server Edition, TIBCO Spotfire Analytics Platform for AWS Marketplace...

7.2CVSS7.5AI score0.00249EPSS
Exploits0References2Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.8 views

The vulnerability of NFS servers in Microsoft Windows systems, which allows a hacker to gain unauthorized access to protected information

The vulnerability of NFS servers on Microsoft Windows operating systems is related to security flaws in the handling of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...

7.8CVSS7.1AI score0.03659EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.6 views

The vulnerability of NFS servers in Microsoft Windows systems, which allows a hacker to gain unauthorized access to protected information

The vulnerability of NFS servers on Microsoft Windows operating systems is related to security flaws in the handling of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...

7.8CVSS7.1AI score0.03659EPSS
Exploits0References3
CNVD
CNVD
added 2021/06/17 12:0 a.m.94 views

Mozilla Thunderbird Permissions and Access Control Issues Vulnerability

Mozilla Thunderbird is an open source email client. Mozilla Thunderbird is vulnerable to permission permission and access control issues, which stem from the way Mozilla maintenance services are installed on the Windows operating system. No detailed vulnerability details are currently available...

6.5CVSS3AI score0.01852EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/06/16 12:0 a.m.9 views

The vulnerability of the ntfs.sys driver in Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the ntfs.sys driver in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.6AI score0.20268EPSS
Exploits4References5
Rows per page
Query Builder