491
|
- |
|
microsoft
|
remote_desktop_connection_client windows_2003_server windows_server_2003 windows_xp windows_7 windows_server_2008 windows_vista
|
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working dir…
|
NVD-CWE-Other
|
CVE-2011-0029
|
2024-10-18 06:35 |
2011-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
492
|
- |
|
microsoft
|
windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server
|
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Windo…
|
CWE-399
Resource Management Errors
|
CVE-2010-3941
|
2024-10-18 06:35 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
493
|
- |
|
microsoft
|
sharepoint_services sharepoint_server internet_explorer
|
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoin…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3243
|
2024-10-18 06:35 |
2010-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
494
|
- |
|
microsoft
|
windows_server_2008 windows_xp windows_vista windows_server_2003 windows_2003_server
|
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 do not properly validate us…
|
CWE-20
Improper Input Validation
|
CVE-2010-1896
|
2024-10-18 06:35 |
2010-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
495
|
- |
|
microsoft
|
windows_server_2008 windows_xp windows_7 windows_server_2003 windows_vista
|
Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Activ…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-0820
|
2024-10-18 06:35 |
2010-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
496
|
6.5 |
MEDIUM
Network
|
microsoft
|
office 365_apps office_long_term_servicing_channel
|
Microsoft Office Spoofing Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43609
|
2024-10-18 06:18 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
497
|
7.8 |
HIGH
Local
|
microsoft
|
deepspeed
|
DeepSpeed Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43497
|
2024-10-18 06:15 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
498
|
6.6 |
MEDIUM
Network
|
microsoft
|
azure_service_fabric
|
Azure Service Fabric for Linux Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43480
|
2024-10-18 06:14 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
499
|
7.8 |
HIGH
Local
|
thinkst
|
opencanary
|
OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its config file. Prior to version 0.9.4, where the config file is stored in an unprivileged user directory but the…
|
CWE-863
Incorrect Authorization
|
CVE-2024-48911
|
2024-10-18 06:13 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
500
|
8.8 |
HIGH
Network
|
dueclic
|
wp_2fa_with_telegram
|
The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0. This is due to insufficient validation of the user-controlled key on the 'v…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-9687
|
2024-10-18 06:11 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|