CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-7483
https://notcve.org/view.php?id=CVE-2020-7483
15 Apr 2020 — **VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the 'password' feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The 'password' feature is an additional optional check performed by TS1131 that it is connected to a specific controller. This data is sent as clear text and is visible on the network. This feature is not present in TriStation 1131 versions v4.9.1 and v4.10.1 th... • https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 17%CPEs: 4EXPL: 0CVE-2012-5362
https://notcve.org/view.php?id=CVE-2012-5362
20 Feb 2020 — The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669. La implementación de IPv6 en Microsoft Windows 7 y anteriores, permite a atacantes remotos causar una denegación de servicio por medio de una avalancha de mensajes ICMPv6 Neighbor Solicitation, una vulnerabilidad diferente a CVE-2010-4669. • http://www.openwall.com/lists/oss-security/2012/10/10/12 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 17%CPEs: 4EXPL: 0CVE-2012-5364
https://notcve.org/view.php?id=CVE-2012-5364
20 Feb 2020 — The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries. La implementación de IPv6 en Microsoft Windows 7 y anteriores, permite a atacantes remotos causar una denegación de servicio por medio de una avalancha de paquetes ICMPv6 Router Advertisement, que contienen múltiples entradas de Enrutamiento. • http://www.openwall.com/lists/oss-security/2012/10/10/12 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2014-9748
https://notcve.org/view.php?id=CVE-2014-9748
11 Feb 2020 — The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition. La implementación fallback de uv_rwlock_t para Windows XP y Server 2003 en libuv versiones anteriores a 1.7.4, no impide apropiadamente que los subprocesos (hilos) liberen los bloqueos de otros subprocesos... • https://github.com/libuv/libuv/issues/515 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2019-1489
https://notcve.org/view.php?id=CVE-2019-1489
10 Dec 2019 — An information disclosure vulnerability exists when the Windows Remote Desktop Protocol (RDP) fails to properly handle objects in memory, aka 'Remote Desktop Protocol Information Disclosure Vulnerability'. Hay una vulnerabilidad de divulgación de información cuando el Windows Remote Desktop Protocol (RDP) no puede manejar apropiadamente los objetos en memoria, también se conoce como "Remote Desktop Protocol Information Disclosure Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1489 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 94%CPEs: 139EXPL: 126CVE-2019-0708 – Microsoft Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0708
16 May 2019 — A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. Existe una vulnerabilidad de ejecución remota de código en Remote Desktop Services, anteriormente conocido como Terminal Services, cuando un atacante no autenticado se conecta al sistema de destino mediante RDP y envía peticio... • https://packetstorm.news/files/id/180946 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-14010
https://notcve.org/view.php?id=CVE-2017-14010
26 Apr 2018 — In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system. En SpiderControl MicroBrowser en Windows XP, Vista 7, 8 y 10, en sus versiones 1.6.30.144 y anteriores, se ha identificado una vulnerabilidad no controlad... • http://spidercontrol.net/download/downloadarea/?lang=en • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5457
https://notcve.org/view.php?id=CVE-2018-5457
06 Feb 2018 — A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application. Se ha descubierto un problema de elemento de ruta de búsqueda no controlado en Vyaire Medical CareFusion Upgrade Utility,... • http://www.securityfocus.com/bid/102983 • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.3EPSS: 61%CPEs: 6EXPL: 1CVE-2017-0176
https://notcve.org/view.php?id=CVE-2017-0176
22 Jun 2017 — A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled. Un desbordamiento de búfer en el código de autenticación Smart Card en gpkcsp.dll en Microsoft Windows XP hasta SP3 y Server 2003 hasta SP2 permite que un atacante remoto ej... • http://www.securityfocus.com/bid/98550 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 11%CPEs: 2EXPL: 2CVE-2017-8461 – Microsoft Windows RRAS Service MIBEntryGet Overflow
https://notcve.org/view.php?id=CVE-2017-8461
15 Jun 2017 — Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution Vulnerability." Fue encontrada una Vulnerabilidad en Windows RPC con enrutamiento y acceso remoto habilitado en Windows XP y Windows Server 2003 permite a un atacante ejecutar código en un servidor RPC de destino que tiene habilitado el enruta... • https://packetstorm.news/files/id/161672 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •