Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
CVE-2025-50171
CRITICAL CVSS 9.1
Find Similar
Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network.
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.
CVE-2024-35293
CRITICAL CVSS 9.1
Find Similar
An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS.
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.
Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network.
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device due to missing authentication for critical function.
CVE-2025-21355
CRITICAL CVSS 9.8
Find Similar
Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network
CVE-2025-41651
CRITICAL CVSS 9.8
Find Similar
Due to missing authentication on a critical function of the devices an unauthenticated remote attacker can execute arbitrary commands, potentially enabling unauthorized upload or download of configura
Page 1+ Next →