Show filters
721 Total Results
Displaying 31-40 of 721
Sort by:
Attacker Value
Moderate

CVE-2020-17144

Disclosure Date: December 10, 2020 (last updated February 22, 2025)
Microsoft Exchange Remote Code Execution Vulnerability
1
1
Attacker Value
Moderate

CVE-2020-5929

Disclosure Date: September 25, 2020 (last updated February 22, 2025)
In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
3
1
Attacker Value
Very High

CVE-2020-16952 — Microsoft SharePoint Remote Code Execution Vulnerabilities

Disclosure Date: October 16, 2020 (last updated January 01, 2024)
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p>
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
7
2
Attacker Value
Moderate

CVE-2023-38548

Disclosure Date: November 07, 2023 (last updated March 07, 2025)
A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
8
1
Attacker Value
Moderate

CVE-2022-1040

Disclosure Date: March 25, 2022 (last updated November 29, 2024)
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
10
2
Attacker Value
Unknown

CVE-2022-41040

Disclosure Date: October 03, 2022 (last updated February 24, 2025)
Microsoft Exchange Server Elevation of Privilege Vulnerability
2
0
Attacker Value
Unknown

CVE-2021-41349

Disclosure Date: November 10, 2021 (last updated November 28, 2024)
Microsoft Exchange Server Spoofing Vulnerability
1
1
Attacker Value
Low

CVE-2021-1647 Microsoft Windows Defender Zero-Day Vulnerability

Disclosure Date: January 12, 2021 (last updated December 29, 2023)
Microsoft Defender Remote Code Execution Vulnerability
Attack Vector: LocalPrivileges: LowUser Interaction: None
7
2
Attacker Value
Very High

CVE-2018-8302

Disclosure Date: August 15, 2018 (last updated November 27, 2024)
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.
0
1
Attacker Value
High

CVE-2024-30080

Disclosure Date: June 11, 2024 (last updated February 26, 2025)
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
5
2
View More Topics  < Previous  Next >