Show filters
12,521 Total Results
Displaying 71-80 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Very High
CVE-2021-26855
Disclosure Date: March 03, 2021 (last updated February 22, 2025)
Microsoft Exchange Server Remote Code Execution Vulnerability
3
Attacker Value
Very High
CVE-2020-16875
Disclosure Date: September 11, 2020 (last updated January 01, 2024)
<p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p>
<p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.</p>
<p>The security update addresses the vulnerability by correcting how Microsoft Exchange handles cmdlet arguments.</p>
4
Attacker Value
Moderate
CVE-2020-0668
Disclosure Date: February 11, 2020 (last updated February 21, 2025)
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.
1
Attacker Value
Very High
CVE-2017-0144 (MS17-010)
Disclosure Date: March 17, 2017 (last updated July 25, 2024)
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
4
Attacker Value
Unknown
CVE-2024-38134
Disclosure Date: August 13, 2024 (last updated August 16, 2024)
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
2
Attacker Value
Moderate
CVE-2024-38112
Disclosure Date: July 09, 2024 (last updated January 28, 2025)
Windows MSHTML Platform Spoofing Vulnerability
3
Attacker Value
Unknown
CVE-2023-38545
Disclosure Date: October 18, 2023 (last updated February 14, 2025)
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy
handshake.
When curl is asked to pass along the host name to the SOCKS5 proxy to allow
that to resolve the address instead of it getting done by curl itself, the
maximum length that host name can be is 255 bytes.
If the host name is detected to be longer, curl switches to local name
resolving and instead passes on the resolved address only. Due to this bug,
the local variable that means "let the host resolve the name" could get the
wrong value during a slow SOCKS5 handshake, and contrary to the intention,
copy the too long host name to the target buffer instead of copying just the
resolved address there.
The target buffer being a heap based buffer, and the host name coming from the
URL that curl has been told to operate with.
4
Attacker Value
Moderate
CVE-2023-38146
Disclosure Date: September 12, 2023 (last updated January 11, 2025)
Windows Themes Remote Code Execution Vulnerability
3
Attacker Value
High
CVE-2023-21707
Disclosure Date: February 14, 2023 (last updated January 11, 2025)
Microsoft Exchange Server Remote Code Execution Vulnerability
3
Attacker Value
Moderate
CVE-2022-41080
Disclosure Date: November 09, 2022 (last updated January 11, 2025)
Microsoft Exchange Server Elevation of Privilege Vulnerability
3
