CVE-2026-32085

Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally...

Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability

Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally...

EUVD-2008-0778

Malware in sbrugna...

PT-2025-15520 · Microsoft · Windows Rpc Endpoint Mapper Service +1

Name of the Vulnerable Software and Affected Versions: Windows RPC Endpoint Mapper Service affected versions not specified Description: The issue is related to a use after free vulnerability in the RPC Endpoint Mapper Service, which allows an authorized attacker to elevate privileges locally. Thi...

QNAP QTS / QuTS hero Vulnerabilities in Samba (QSA-23-20)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by multiple vulnerabilities as referenced in the QSA-23-20 advisory. - A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Samba vulnerabilities (USN-6425-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6425-1 advisory. Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to...

CVE-2023-28297

Windows Remote Procedure Call Service RPCSS Elevation of Privilege Vulnerability...

Microsoft Windows RPC API 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in the Microsoft Windows RPC API. The following products and editions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows ...

Microsoft Windows RPC API 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in the Microsoft Windows RPC API. The following products and editions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows ...

Critical Remote Code Execution Vulnerabilities in Windows RPC Runtime

Microsoft’s April 2022 Patch Tuesday introduced patches to more than a hundred new vulnerabilities in various components. Three critical vulnerabilities were found and patched in Windows RPC Remote Procedure Call runtime: CVE-2022-24492 and CVE-2022-24528 discovered by Yuki Chen with Cyber KunLun...

CVE-2021-40460

Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability...

Patch Tuesday - April 2021

Patch Tuesday is here again and there are more Exchange updates to apply! A total of 114 vulnerabilities were fixed this month with more than half of them affecting all versions of Windows, with about half of them being remote code execution bugs, and about a fifth of them being rated as critical...

CVE-2021-1702

Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability...

Microsoft Windows Remote Procedure Call Runtime 安全漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in Microsoft Windows/Windows Server "Remote...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Advantech Webaccess

This is a PoC Proof of Concept exploit for CVE-2016-0856, a vulnerability in the Windows RPC Remote Procedure Call service. The exploit targets the RpcClient and RpcDcClient classes, which are part of the bwconn.dll library. The exploit is written in Python and uses the ctypes library to interact...

CVE-2019-1409

An information disclosure vulnerability exists when the Windows Remote Procedure Call RPC runtime improperly initializes objects in memory, aka 'Windows Remote Procedure Call Information Disclosure Vulnerability'...

CVE-2019-1089

An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The security update addresses this vulnerability by...

CVE-2017-8461

Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution Vulnerability."...

drchrono: node.drchrono.com - Information Disclosure and Windows Host Exposed

This host has the following TCP ports open; 21 - FTP 22 - SSH 135 - Windows RPC Dynamic 445 - Microsoft DS 3389 - Remote Desktop 5986 - PowerShell Remoting 47001 - WinRM The server appears to be secured well on the whole. However the services SSH and FTP do all give out some information. Please s...

CVE-2008-0768

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager ISM, as used in Informix Dynamic Server IDS 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests...