Lucene search
K

13 matches found

NVD
NVD
added 2026/03/16 2:17 p.m.3 views

CVE-2025-15554

Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...

7.8CVSS0.00145EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2024/09/10 7:0 a.m.97 views

July 9, 2024—KB5040438 (OS Build 25398.1009)

July 9, 2024—KB5040438 OS Build 25398.1009 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

9.8CVSS9.2AI score0.84345EPSS
Exploits7
OSV
OSV
added 2024/06/10 8:15 p.m.5 views

CVE-2024-37393

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...

7.5CVSS5.9AI score0.03304EPSS
Exploits2References3
Microsoft KB
Microsoft KB
added 2024/04/09 7:0 a.m.250 views

April 9, 2024—KB5036909 (OS Build 20348.2402)

April 9, 2024—KB5036909 OS Build 20348.2402 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when n...

8.8CVSS9.2AI score0.62576EPSS
Exploits6
Microsoft KB
Microsoft KB
added 2024/01/09 8:0 a.m.185 views

January 9, 2024—KB5034129 (OS Build 20348.2227)

January 9, 2024—KB5034129 OS Build 20348.2227 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when...

8.8CVSS8AI score0.22773EPSS
Exploits9
Microsoft KB
Microsoft KB
added 2023/05/09 7:0 a.m.183 views

May 9, 2023—KB5026370 (OS Build 20348.1726)

May 9, 2023—KB5026370 OS Build 20348.1726 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when new...

9.8CVSS8AI score0.94683EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2023/04/11 7:0 a.m.174 views

April 11, 2023—KB5025239 (OS Build 22621.1555)

April 11, 2023—KB5025239 OS Build 22621.1555 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate to find out...

9.8CVSS7.7AI score0.95454EPSS
Exploits23
OpenVAS
OpenVAS
added 2018/06/15 12:0 a.m.1291 views

Microsoft Windows: Presence of LAPS AdmPwd GPO Extension / CSE

This test checks the presence of LAPS AdmPwd GPO Extension / CSE on Windows hosts at least Windows 8.1. The Local Administrator Password Solution LAPS tool, which is free and supported software that allows an organization to automatically set randomized and unique local Administrator account...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/08 12:0 a.m.91 views

Default Password (synnet) for 'debug' Account

The account 'debug' on the remote host uses the password 'synnet'. An attacker may use it to gain further privileges on this system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. account = "debug"; password = "synnet"; include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS8.3AI score0.51933EPSS
Exploits41References2
Tenable Nessus
Tenable Nessus
added 2005/01/19 12:0 a.m.110 views

Default Password (zebra) for Zebra

The remote host is running Zebra, a routing daemon. The remote Zebra installation uses as its password the default, 'zebra'. An attacker may log in using this password and control the routing tables of the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description...

5.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2003/05/28 12:0 a.m.21 views

iisPROTECT Unpassworded Administrative Interface

The remote host is running iisprotect, an IIS add-on to protect the pages served by this server. However, the administration module of this interface has not been password protected. As a result, an attacker may perform administrative tasks without any authentication. %NASLMINLEVEL 70300 C Tenabl...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/03/24 12:0 a.m.245 views

Microsoft Windows Administrator Default Password Detection (W32/Deloder Worm Susceptibility)

W32/Deloder is a worm that tries to connect to a remote share by using a list of built-in administrator passwords. Nessus was able to connect to this host with one of these credentials. The worm W32/Deloder may use it to break into the remote host and upload infected data in the remote shares. C...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/09/06 12:0 a.m.54 views

Axis Camera Default Password

The remote host seems to be an Axis Network Camera. It was possible to log into the remote host with the default credentials 'root/pass'. An attacker may use these credentials to trivially access the system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Script audit and contributions from...

7.5CVSS5.5AI score0.02389EPSS
Exploits0References1
Rows per page
Query Builder