Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
windows nt vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-12772
An issue exists in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the (NT)LM hashes of the user are sent with th...
Igniterealtime Spark 2.8.3
1 Github repository
7.2
CVSSv2
CVE-2020-10551
QQBrowser prior to 10.5.3870.400 installs a Windows service TsService.exe. This file is writable by anyone belonging to the NT AUTHORITY\Authenticated Users group, which includes all local and remote users. This can be abused by local malicious users to escalate privileges to NT ...
Tencent Qqbrowser
2 Github repositories
6.5
CVSSv2
CVE-2019-19034
Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an malicious user to execute arbitrary commands on the AssetExplorer Server with N...
Zohocorp Manageengine Assetexplorer 6.5
4.9
CVSSv2
CVE-2020-8838
An issue exists in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows agent, it does not validate the source and binary downloaded. This allows an attacker on an adjacent network to execute code with NT AUTHORITY/SYSTEM privileges on the agent machines by provi...
Zohocorp Manageengine Assetexplorer 6.5
7.2
CVSSv2
CVE-2020-10665
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. This affects Docker Desktop Enterprise prior to 2...
Docker Desktop
1 Github repository
2.1
CVSSv2
CVE-2019-19620
In SecureWorks Red Cloak Windows Agent prior to 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file. This is limited in scope to the collection of process-execution telemetry, for executions against specific ...
Dell Red Cloak Windows Agent
7.2
CVSSv2
CVE-2019-1405
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'.
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
1 EDB exploit
4 Github repositories
1 Article
7.1
CVSSv2
CVE-2019-1343
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1346, CVE-2019-1347.
Microsoft Windows 10 1703
Microsoft Windows 10 1803
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1903
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1903
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 1709
Microsoft Windows 10 1809
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
1 EDB exploit
1 Article
2.1
CVSSv2
CVE-2019-1345
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1334.
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1803
Microsoft Windows 10 1607
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1903
1 EDB exploit
1 Article
7.1
CVSSv2
CVE-2019-1347
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1346.
Microsoft Windows 10 1607
Microsoft Windows 10 1903
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1703
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2019 -
Microsoft Windows 10 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2012 R2
1 EDB exploit
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »