Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Out-of-bounds read in Windows Internet Information Services allows an unauthorized attacker to deny service over a network.
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate privileges locally.
Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.
Improper input handling in a system endpoint may allow attackers to overload resources, causing a denial of service.
An unauthenticated remote attacker can exploit input validation in cmd services of the devices, allowing them to disrupt system operations and potentially cause a denial-of-service.
Improper input validation in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access.
Improper input validation in System Center Operations Manager allows an authorized attacker to elevate privileges over a network.
In multiple locations, there is a possible permanent denial of service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed
Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.
Improper input validation in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to perform tampering over a network.
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.
Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.