CVSS: 10.0EPSS: 94%CPEs: 139EXPL: 126CVE-2019-0708 – Microsoft Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0708
16 May 2019 — A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. Existe una vulnerabilidad de ejecución remota de código en Remote Desktop Services, anteriormente conocido como Terminal Services, cuando un atacante no autenticado se conecta al sistema de destino mediante RDP y envía peticio... • https://packetstorm.news/files/id/180946 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15329
https://notcve.org/view.php?id=CVE-2017-15329
15 Feb 2018 — Huawei UMA V200R001C00 has a SQL injection vulnerability in the operation and maintenance module. An attacker logs in to the system as a common user and sends crafted HTTP requests that contain malicious SQL statements to the affected system. Due to a lack of input validation on HTTP requests that contain user-supplied input, successful exploitation may allow the attacker to execute arbitrary SQL queries. Huawei UMA V200R001C00 tiene una vulnerabilidad de inyección SQL en el módulo de operación y mantenimie... • http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171116-01-uma-en • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8117
https://notcve.org/view.php?id=CVE-2017-8117
22 Nov 2017 — The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. El producto UMA con software V200R001 y V300R001 tiene una vulnerabilidad de elevación de privilegios debido a una validación insuficiente o al procesamiento incorrecto de parámetros. Un atacante podría manipular paquetes específicos para explotar ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en • CWE-20: Improper Input Validation •
CVSS: 2.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8118
https://notcve.org/view.php?id=CVE-2017-8118
22 Nov 2017 — The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. El producto UMA con software V200R001 y V300R001 tiene una vulnerabilidad de filtrado de información. Un atacante podría explotarla para obtener información sensible, provocando un filtrado de información. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8119
https://notcve.org/view.php?id=CVE-2017-8119
22 Nov 2017 — The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. El producto UMA con software V200R001 y V300R001 tiene una vulnerabilidad de elevación de privilegios debido a una validación insuficiente o al procesamiento incorrecto de parámetros. Un atacante podría manipular paquetes específicos para explotar ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8120
https://notcve.org/view.php?id=CVE-2017-8120
22 Nov 2017 — The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. El producto UMA con software V200R001 y V300R001 tiene una vulnerabilidad de elevación de privilegios debido a una validación insuficiente o al procesamiento incorrecto de parámetros. Un atacante podría manipular paquetes específicos para explotar ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-8121
https://notcve.org/view.php?id=CVE-2017-8121
22 Nov 2017 — The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive information, causing information leak. El producto UMA con software V200R001 y V300R001 tiene una vulnerabilidad de filtrado de información. Un atacante podría explotarla para obtener información sensible, provocando un filtrado de información. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8122
https://notcve.org/view.php?id=CVE-2017-8122
22 Nov 2017 — The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. El producto UMA con software V200R001 tiene una vulnerabilidad de elevación de privilegios debido a una validación insuficiente o al procesamiento incorrecto de parámetros. Un atacante podría manipular paquetes específicos para explotar estas vulnerabilidades y... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8123
https://notcve.org/view.php?id=CVE-2017-8123
22 Nov 2017 — The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. El producto UMA con software V200R001 tiene una vulnerabilidad de elevación de privilegios debido a una validación insuficiente o al procesamiento incorrecto de parámetros. Un atacante podría manipular paquetes específicos para explotar estas vulnerabilidades y... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8124
https://notcve.org/view.php?id=CVE-2017-8124
22 Nov 2017 — The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these vulnerabilities to gain elevated privileges. El producto UMA con software V200R001 tiene una vulnerabilidad de elevación de privilegios debido a una validación insuficiente o al procesamiento incorrecto de parámetros. Un atacante podría manipular paquetes específicos para explotar estas vulnerabilidades y... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170612-01-uma-en • CWE-20: Improper Input Validation •