Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
windows nt vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-23772
An issue exists in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This allows local malicious users to create any file of their choice with NT Authority\SYSTEM...
1 Github repository
NA
CVE-2024-23773
An issue exists in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file delete vulnerability exists in the KSchedulerSvc.exe component. Local attackers can delete any file of their choice with NT Authority\SYSTEM privileges.
1 Github repository
NA
CVE-2024-23774
An issue exists in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An unquoted Windows search path vulnerability exists in the KSchedulerSvc.exe and AMPTools.exe components. This allows local malicious users to execute code of their choice with NT Authority\SYSTEM privileges.
1 Github repository
NA
CVE-2024-33559
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore allows SQL Injection.This issue affects XStore: from n/a up to and including 9.3.5.
1 Github repository
NA
CVE-2024-33551
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore Core allows SQL Injection.This issue affects XStore Core: from n/a up to and including 5.3.5.
1 Github repository
NA
CVE-2024-25029
IBM Personal Communications 14.0.6 up to and including 15.0.1 includes a Windows service that is vulnerable to remote code execution (RCE) and local privilege escalation (LPE). The vulnerability allows any unprivileged user with network access to a target computer to run commands...
5.5
CVSSv3
CVE-2024-22318
IBM i Access Client Solutions (ACS) 1.1.2 up to and including 1.1.4 and 1.1.4.3 up to and including 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is en...
Ibm I Access Client Solutions
8.8
CVSSv3
CVE-2023-51772
One Identity Password Manager prior to 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape seque...
Oneidentity Password Manager
9.8
CVSSv3
CVE-2023-48654
One Identity Password Manager prior to 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape seque...
Oneidentity Password Manager
7.5
CVSSv3
CVE-2023-30585
A vulnerability has been identified in the Node.js (.msi version) installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges during the repair operation, where the "msiexec.exe" process, running un...
Nodejs Node.js
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »