Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-21533
HIGH CVSS 7.8 KEV
Find Similar
Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to bypass a security feature locally.
Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network.
CVE-2025-50171
CRITICAL CVSS 9.1
Find Similar
Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform spoofing over a network.
Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.
Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network.
Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-59230
HIGH CVSS 7.8 KEV
Find Similar
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.
Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally.
CVE-2024-35293
CRITICAL CVSS 9.1
Find Similar
An unauthenticated remote attacker may use a missing authentication for critical function vulnerability to reboot or erase the affected devices resulting in data loss and/or a DoS.
Page 1+ Next →