Lucene search
K

10 matches found

Saint
Saint
added 2018/06/06 12:0 a.m.630 views

Windows RRAS Service Remote Code Execution Vulnerability

Added: 06/06/2018 BID: 102055 Background Routing Remote Access Service RRAS is a Microsoft API that can be used to create client applications. These applications display RAS common dialog boxes, manage remote access connections and devices, and manipulate phone-book entries. These APIs make it...

8.5CVSS1.3AI score0.45521EPSS
Exploits6
Circl
Circl
added 2018/05/13 12:0 a.m.20 views

CVE-2017-11885

creationtimestamp| type| source ---|---|--- 2018-05-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44616...

8.5CVSS6.7AI score0.45521EPSS
Exploits6References1
NVD
NVD
added 2017/12/12 9:29 p.m.23 views

CVE-2017-11885

Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a remote code execution vulnerability due to the way the Routing and Remote Access service...

8.5CVSS7.3AI score0.45521EPSS
Exploits6References4
CVE
CVE
added 2017/12/12 9:0 p.m.146 views

CVE-2017-11885

CVE-2017-11885 is a Windows RRAS (Routing and Remote Access) remote code execution vulnerability affecting multiple Windows versions. The vulnerability arises from how RRAS handles requests, enabling remote execution without user interaction. Public exploitation exists (e.g., Exploit-DB entry lin...

8.5CVSS8.3AI score0.45521EPSS
Exploits6References4Affected Software7
Cvelist
Cvelist
added 2017/12/12 9:0 p.m.33 views

CVE-2017-11885

Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a remote code execution vulnerability due to the way the Routing and Remote Access service...

7.8AI score0.45521EPSS
Exploits6References4
Qualys Blog
Qualys Blog
added 2017/12/12 7:27 p.m.64 views

December Patch Tuesday: Quiet End to the Year

This December Patch Tuesday is considerably lighter than last month’s patch releases. While only three of the fixes were for Windows operating systems, the majority of the vulnerabilities to pay attention to are Browser/Scripting Engine-based. Overall, this month's updates address are fixes for 3...

9.3CVSS8.5AI score0.45521EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2017/12/12 12:0 a.m.107 views

Windows 8.1 and Windows Server 2012 R2 December 2017 Security Updates

The remote Windows host is missing security update 4054522 or cumulative update 4054519. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft browsers. An attacke...

8.5CVSS7.9AI score0.64164EPSS
Exploits22References17
Kaspersky
Kaspersky
added 2017/12/12 12:0 a.m.125 views

KLA11156 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious user can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An incorrect validating of untrusted fi...

9.8CVSS8.5AI score0.45521EPSS
Exploits6References28
Tenable Nessus
Tenable Nessus
added 2017/12/12 12:0 a.m.250 views

KB4053579: Windows 10 Version 1607 and Windows Server 2016 December 2017 Security Update

The remote Windows host is missing security update 4053579. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a wa...

9.8CVSS7.9AI score0.68491EPSS
Exploits38References26
Tenable Nessus
Tenable Nessus
added 2017/12/12 12:0 a.m.76 views

KB4053581: Windows 10 December 2017 Security Update

The remote Windows host is missing security update 4053581. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass exists when Device Guard incorrectly validates an untrusted file. An attacker who successfully exploited this vulnerability could make an unsigned file...

9.8CVSS7.9AI score0.64164EPSS
Exploits25References21
Rows per page
Query Builder