Lucene search
K

318 matches found

Kaspersky
Kaspersky
added 2022/11/08 12:0 a.m.56 views

KLA20042 Multiple vulnerabilities in Microsoft Server Software

Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Exchange Server can be exploited remotely to spoof us...

9.8CVSS9.1AI score0.77326EPSS
Exploits4References7
Kaspersky
Kaspersky
added 2022/09/30 12:0 a.m.199 views

KLA19264 Multiple vulnerabilities in Microsoft Server Software

Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Exchange Server can be exploited...

8.8CVSS10AI score0.99964EPSS
Exploits16References6
Microsoft KB
Microsoft KB
added 2022/09/13 7:0 a.m.87 views

September 13, 2022-KB5017501 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64

September 13, 2022-KB5017501 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 Release Date: September 13, 2022 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the Cumulative Update for 3.5, 4.8 and 4.8.1 f...

7.8CVSS7.6AI score0.01319EPSS
Exploits0
Akamai Blog
Akamai Blog
added 2022/08/13 8:0 a.m.69 views

CVE-2022-30216 - Authentication coercion of the Windows “Server” service

In this blog, see how an off-by-one error could lead to domain controller access in Microsoft Server Service...

8.8CVSS8.5AI score0.88609EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/06/15 12:0 a.m.34 views

Microsoft Windows Multiple Vulnerabilities (KB5014738)

This host is missing an important security update according to Microsoft KB5014738 Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

10CVSS7.5AI score0.99374EPSS
Exploits64References6
Microsoft KB
Microsoft KB
added 2022/05/10 12:0 a.m.87 views

May 10, 2022-KB5013630 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2

May 10, 2022-KB5013630 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 Release Date: May 10, 2022 Version: .NET Framework 3.5 and 4.8 Summary Security Improvements This security update addresses an issue where a local user opening a specially...

5.5CVSS4.2AI score0.02515EPSS
Exploits0
Kaspersky
Kaspersky
added 2022/05/10 12:0 a.m.116 views

KLA12527 Elevation of privilege vulnerability in Microsoft Server Software

Elevation of privilege vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2022-21978 Related products Microsoft-Exchange-Server CVE list CVE-2022-21978 critical KB list 5014261 5014260 Solution Install...

8.2CVSS9.4AI score0.00842EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.7 views

Microsoft DNS Server代码注入漏洞

Microsoft DNS Server is a service of Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Role: DNS Server. The following products and versions are affected:Windows Server 2019,Windows Server 2019 Server Core installation,Windows Server 2022,Windows Server 2022 Server Cor...

9CVSS7.6AI score0.03415EPSS
Exploits0References6
Microsoft KB
Microsoft KB
added 2022/01/11 8:0 a.m.68 views

January 11, 2022-KB5008882 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2

January 11, 2022-KB5008882 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 Release Date: January 11, 2022 Version: .NET Framework 3.5 and 4.8 Summary Security Improvements This security update addresses an issue where an unauthenticated attacker...

7.5CVSS7AI score0.03052EPSS
Exploits0
Kaspersky
Kaspersky
added 2021/11/09 12:0 a.m.113 views

KLA12342 Multiple vulnerabilities in Microsoft Server Software

Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Exchange...

8.8CVSS8.6AI score0.93877EPSS
Exploits12References7
Kaspersky
Kaspersky
added 2021/10/12 12:0 a.m.81 views

KLA12314 Multiple vulnerabilities in Microsoft Server Software

Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...

9.6CVSS8.6AI score0.02674EPSS
Exploits0References8
Microsoft KB
Microsoft KB
added 2021/09/27 12:0 a.m.14 views

July 13, 2021-KB5003536 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2

July 13, 2021-KB5003536 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 Release Date: July 13, 2021 Version: .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2 The July 13, 2021 update for Microsoft server operating...

6.5AI score
Exploits0
Metasploit
Metasploit
added 2021/05/21 5:43 p.m.477 views

SMBv3 Compression Buffer Overflow

A vulnerability exists within the Microsoft Server Message Block 3.1.1 SMBv3 protocol that can be leveraged to execute code on a vulnerable server. This remove exploit implementation leverages this flaw to execute code in the context of the kernel, finally yielding a session as NT AUTHORITY\SYSTE...

10CVSS8.9AI score0.9981EPSS
Exploits125
ATTACKERKB
ATTACKERKB
added 2020/06/09 12:0 a.m.42 views

CVE-2020-1301 Windows SMB Remote Code Execution Vulnerability

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 SMBv1 server handles certain requests, aka ‘Windows SMB Remote Code Execution Vulnerability’. Recent assessments: gwillcox-r7 at June 10, 2020 12:14am UTC reported: To add to @busterb’s assessment,...

8.8CVSS8.7AI score0.36708EPSS
Exploits1References2
Microsoft KB
Microsoft KB
added 2020/04/13 12:0 a.m.20 views

MS15-022: Description of the security update for SharePoint Foundation 2013: March 10, 2015

MS15-022: Description of the security update for SharePoint Foundation 2013: March 10, 2015 Introduction This security update resolves vulnerabilities in Microsoft Office server and productivity software that could allow remote code execution if an authenticated attacker sends specially crafted...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2020/04/02 9:22 p.m.124 views

SMBv3 Compression Buffer Overflow

A vulnerability exists within the Microsoft Server Message Block 3.1.1 SMBv3 protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe. This module requires Metasploit...

10CVSS8.9AI score0.9981EPSS
Exploits125
Qualys Blog
Qualys Blog
added 2020/03/16 11:34 p.m.651 views

Automatically Discover, Prioritize and Remediate Microsoft SMBv3 RCE Vulnerability (CVE-2020-0796) using Qualys VMDR

This month’s Patch Tuesday, Microsoft disclosed a critical “wormable” remote code execution RCE vulnerability in Microsoft Server Message Block 3.1.1 SMBv3 protocol. The exploitation of this vulnerability opens systems up to a 'wormable' attack, which means it would be easy to move from victim to...

7.5CVSS0.2AI score0.9981EPSS
Exploits125
Vulnrichment
Vulnrichment
added 2020/03/12 3:48 p.m.13 views

CVE-2020-0796

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 SMBv3 protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'...

9.9AI score0.9981EPSS
Exploits125References7
Microsoft KB
Microsoft KB
added 2020/03/12 7:0 a.m.188 views

March 12, 2020—KB4551762 (OS Builds 18362.720 and 18363.720) - EXPIRED

March 12, 2020—KB4551762 OS Builds 18362.720 and 18363.720 - EXPIRED NEW 8/5/21 EXPIRATION NOTICEIMPORTANT As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security...

10CVSS9.2AI score0.9981EPSS
Exploits125
Symantec
Symantec
added 2020/01/14 12:0 a.m.50 views

Microsoft Windows Search Indexer CVE-2020-0631 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

1.4AI score0.00756EPSS
Exploits0Affected Software3
Rows per page
Query Builder