Search
Search Results (49 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27083 | 1 Microsoft | 1 Remote Development | 2024-11-21 | 7.8 High |
| Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability | ||||
| CVE-2020-5674 | 2 Epson, Microsoft | 37 Album Print, Color Calibration Utility, Colorbase and 34 more | 2024-11-21 | 7.8 High |
| Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2020-0919 | 1 Microsoft | 1 Remote Desktop | 2024-11-21 | 7.8 High |
| An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability'. | ||||
| CVE-2020-0765 | 1 Microsoft | 1 Remote Desktop Connection Manager | 2024-11-21 | 5.5 Medium |
| An information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity, aka 'Remote Desktop Connection Manager Information Disclosure Vulnerability'. | ||||
| CVE-2019-5543 | 2 Microsoft, Vmware | 4 Windows, Horizon Client, Remote Console and 1 more | 2024-11-21 | 7.8 High |
| For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users. A local user on the system where the software is installed may exploit this issue to run commands as any user. | ||||
| CVE-2019-1182 | 1 Microsoft | 16 Remote Desktop, Windows 10, Windows 10 1507 and 13 more | 2024-11-21 | 9.8 Critical |
| A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. | ||||
| CVE-2019-1181 | 1 Microsoft | 16 Remote Desktop, Windows 10, Windows 10 1507 and 13 more | 2024-11-21 | 9.8 Critical |
| A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target systems Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. | ||||
| CVE-2018-16171 | 2 Cybozu, Microsoft | 2 Remote Service Manager, Windows | 2024-11-21 | N/A |
| Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server via unspecified vectors. | ||||
| CVE-2018-16170 | 2 Cybozu, Microsoft | 2 Remote Service Manager, Windows | 2024-11-21 | N/A |
| Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 for Windows allows remote authenticated attackers to read arbitrary files via unspecified vectors. | ||||