CVSS: 10.0EPSS: 94%CPEs: 139EXPL: 126CVE-2019-0708 – Microsoft Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0708
16 May 2019 — A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'. Existe una vulnerabilidad de ejecución remota de código en Remote Desktop Services, anteriormente conocido como Terminal Services, cuando un atacante no autenticado se conecta al sistema de destino mediante RDP y envía peticio... • https://packetstorm.news/files/id/180946 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15329
https://notcve.org/view.php?id=CVE-2017-15329
15 Feb 2018 — Huawei UMA V200R001C00 has a SQL injection vulnerability in the operation and maintenance module. An attacker logs in to the system as a common user and sends crafted HTTP requests that contain malicious SQL statements to the affected system. Due to a lack of input validation on HTTP requests that contain user-supplied input, successful exploitation may allow the attacker to execute arbitrary SQL queries. Huawei UMA V200R001C00 tiene una vulnerabilidad de inyección SQL en el módulo de operación y mantenimie... • http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171116-01-uma-en • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •