Lucene search
K

253 matches found

BDU FSTEC
BDU FSTEC
added 2023/05/15 12:0 a.m.6 views

The vulnerability of the NTLM Security Support Provider implementation in the Windows operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NTLM Security Support Provider in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

5.9CVSS6.8AI score0.01232EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/09 5:2 p.m.28 views

CVE-2023-24900 Windows NTLM Security Support Provider Information Disclosure Vulnerability

...

5.9CVSS7.7AI score0.01232EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2023/05/09 7:0 a.m.61 views

Windows NTLM Security Support Provider Information Disclosure Vulnerability

...

5.9CVSS7.9AI score0.01232EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/05/09 12:0 a.m.5 views

PT-2023-2692 · Microsoft · Windows Ntlm Security Support Provider +1

Name of the Vulnerable Software and Affected Versions: Windows NTLM Security Support Provider affected versions not specified Description: The issue is related to the implementation of the NTLM Security Support Provider protocol in the Windows operating system, which lacks protection for service...

5.9CVSS9.4AI score0.01232EPSS
Exploits0References6
Microsoft KB
Microsoft KB
added 2023/03/14 7:0 a.m.126 views

Description of the security update for Office 2013: March 14, 2023 (KB5002198)

Description of the security update for Office 2013: March 14, 2023 KB5002198 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-23399. Note: To apply this...

7.8CVSS8AI score0.02532EPSS
Exploits3
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.7 views

Debian: Security Advisory (DLA-2482-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.7 views

Debian: Security Advisory (DLA-1657-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.7 views

Debian: Security Advisory (DLA-3038-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References9
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.6 views

Debian: Security Advisory (DLA-2103-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.11 views

Debian: Security Advisory (DLA-465-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.8 views

Debian: Security Advisory (DLA-2532-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
Microsoft KB
Microsoft KB
added 2023/02/14 8:0 a.m.112 views

Description of the security update for Office Online Server: February 14, 2023 (KB5002309)

Description of the security update for Office Online Server: February 14, 2023 KB5002309 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see ​​​​​​​Microsoft Common Vulnerabilities and Exposures CVE-2023-21716...

9.8CVSS9.8AI score0.82302EPSS
Exploits11
UbuntuCve
UbuntuCve
added 2023/02/03 6:15 a.m.326 views

CVE-2023-25136

OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One...

6.5CVSS7.5AI score0.89955EPSS
Exploits10References4
Kitploit
Kitploit
added 2023/01/19 11:30 a.m.26 views

DragonCastle - A PoC That Combines AutodialDLL Lateral Movement Technique And SSP To Scrape NTLM Hashes From LSASS Process

A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process. Description Upload a DLL to the target machine. Then it enables remote registry to modify AutodialDLL entry and start/restart BITS service. Svchosts would load our DLL, set again AutodiaDL...

8.8AI score
Exploits0References1
Microsoft KB
Microsoft KB
added 2022/11/08 8:0 a.m.41 views

Description of the security update for SharePoint Server Subscription Edition Language Pack: November 8, 2022 (KB5002291)

Description of the security update for SharePoint Server Subscription Edition Language Pack: November 8, 2022 KB5002291 Summary This security update resolves a Microsoft Word remote code execution vulnerability and Microsoft Word information disclosure vulnerability. To learn more about the...

7.8CVSS7.2AI score0.01133EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/10/11 7:15 p.m.3 views

CVE-2022-38043

Windows Security Support Provider Interface Information Disclosure Vulnerability...

5.5CVSS6.3AI score0.00548EPSS
Exploits0References3Affected Software22
RedHat Linux
RedHat Linux
added 2022/10/05 12:29 p.m.11 views

squid: buffer-over-read in SSPI and SMB authentication

A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure...

8.6CVSS6AI score0.0282EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/10/04 3:19 p.m.6 views

squid: buffer-over-read in SSPI and SMB authentication

A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure...

8.6CVSS6AI score0.0282EPSS
Exploits0References5
Microsoft KB
Microsoft KB
added 2022/09/13 12:0 a.m.63 views

September 13, 2022-KB5017498 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10, version 20H2

September 13, 2022-KB5017498 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10, version 20H2 Release Date: September 13, 2022 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the Cumulative Update for 3.5, 4.8 and 4.8.1 for Windows 10, version 20H2...

7.8CVSS7.6AI score0.01319EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2022/08/09 7:0 a.m.52 views

Description of the security update for the remote code execution vulnerability in Microsoft Visual Studio 2012 Update 5: August 9, 2022 (KB5016314)

Description of the security update for the remote code execution vulnerability in Microsoft Visual Studio 2012 Update 5: August 9, 2022 KB5016314 Note: This security update applies to all Visual Studio 2012 Update 5 editions except Isolated and Integrated Shells, Build Tools, Remote Tools, and...

8.8CVSS8.9AI score0.01779EPSS
Exploits0
Rows per page
Query Builder