Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.
Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.
Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
Improper input validation in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.
Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.
Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker to deny service locally.
Improper restriction of names for files and other resources in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends HTTPS request containing invalid data type to the webserver.
Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally.
Improper validation of specified type of input in Microsoft Windows allows an authorized attacker to elevate privileges locally.
Improper certificate validation in Windows SMB allows an authorized attacker to perform spoofing over a network.
Page 1+ Next →