CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0CVE-2007-2593
https://notcve.org/view.php?id=CVE-2007-2593
11 May 2007 — The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop Protocol (RDP) 6.0 client. NOTE: a third party claims that the vendor may have fixed this in approximately 2006. El Terminal Server del Microsoft Windows 2003 Server, cuando utiliza TLS, permite a atacantes remotos evi... • http://osvdb.org/36146 •
CVSS: 10.0EPSS: 26%CPEs: 1EXPL: 1CVE-2006-4465
https://notcve.org/view.php?id=CVE-2006-4465
31 Aug 2006 — Microsoft Terminal Server, when running an application session with the "Start program at logon" and "Override settings from user profile and Client Connection Manager wizard" options, allows local users to execute arbitrary code by forcing an Explorer error. NOTE: a third-party researcher has stated that the options are "a convenience to users" and were not intended to restrict execution of arbitrary code ** IMPUGNADA ** Microsoft Terminal Server, al ejecutar una sesión de aplicación con las opciones "Ejec... • http://securityreason.com/securityalert/1486 •
CVSS: 9.8EPSS: 44%CPEs: 49EXPL: 0CVE-2005-1212
https://notcve.org/view.php?id=CVE-2005-1212
14 Jun 2005 — Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User field. El desbordamiento de búfer en Microsoft Step-by-Step Interactive Training (orun32.exe) permite a los atacantes remotos ejecutar código arbitrario a través de un archivo de enlace de marcadores (extensión.cbo, cbl o.cbm) con un campo de usuario largo. • http://idefense.com/application/poi/display?id=262&type=vulnerabilities&flashstatus=true •
CVSS: 8.1EPSS: 32%CPEs: 49EXPL: 0CVE-2005-1214
https://notcve.org/view.php?id=CVE-2005-1214
14 Jun 2005 — Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page. Microsoft Agent permite a los atacantes remotos falsificar contenido de Internet de confianza y ejecutar código arbitrario disfrazando las indicaciones de seguridad en una página web maliciosa. • http://secunia.com/advisories/15689 •
CVSS: 7.5EPSS: 20%CPEs: 14EXPL: 1CVE-2002-0864
https://notcve.org/view.php?id=CVE-2002-0864
11 Oct 2002 — The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial of Service in Remote Desktop." • http://marc.info/?l=bugtraq&m=103235745116592&w=2 •
CVSS: 7.5EPSS: 8%CPEs: 22EXPL: 0CVE-2002-0863
https://notcve.org/view.php?id=CVE-2002-0863
01 Oct 2002 — Remote Data Protocol (RDP) version 5.0 in Microsoft Windows 2000 and RDP 5.1 in Windows XP does not encrypt the checksums of plaintext session data, which could allow a remote attacker to determine the contents of encrypted sessions via sniffing, aka "Weak Encryption in RDP Protocol." • http://marc.info/?l=bugtraq&m=103235960119404&w=2 •
CVSS: 7.5EPSS: 29%CPEs: 1EXPL: 0CVE-2001-0540
https://notcve.org/view.php?id=CVE-2001-0540
30 Oct 2001 — Memory leak in Terminal servers in Windows NT and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed Remote Desktop Protocol (RDP) requests to port 3389. • http://www.securityfocus.com/bid/3099 •
CVSS: 7.5EPSS: 13%CPEs: 5EXPL: 0CVE-2000-0404
https://notcve.org/view.php?id=CVE-2000-0404
25 May 2000 — The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. • http://www.microsoft.com/technet/support/kb.asp?ID=262694 •
CVSS: 7.8EPSS: 36%CPEs: 6EXPL: 1CVE-2000-0305 – Microsoft Windows - 'Jolt2.c' Denial of Service (MS00-029)
https://notcve.org/view.php?id=CVE-2000-0305
19 May 2000 — Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability. • https://www.exploit-db.com/exploits/214 • CWE-399: Resource Management Errors •