Authentication LAN Windows 
Tenable
FEBRUARY 11, 2025
Important CVE-2025-21418 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability CVE-2025-21418 is an EoP vulnerability in the Ancillary Function Driver for WinSock for Microsoft Windows. A local, authenticated attacker could exploit this vulnerability to elevate to SYSTEM level privileges.
Tenable
SEPTEMBER 14, 2020
Security researchers reveal how the cryptographic authentication scheme in Netlogon can be exploited to take control of a Windows domain controller (DC). An attacker can exploit this flaw to impersonate the identity of any machine on a network when attempting to authenticate to the Domain Controller (DC). Background.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tenable
SEPTEMBER 12, 2023
Successful exploitation of this flaw would allow for the disclosure of New Technology LAN Manager (NTLM) hashes. Successful exploitation of these vulnerabilities requires an attacker to authenticate with LAN-access and have valid credentials for an Exchange user. Each of these vulnerabilities were given CVSSv3 scores of 8.0
Tenable
FEBRUARY 13, 2024
Moderate CVE-2024-21351 | Windows SmartScreen Security Feature Bypass Vulnerability CVE-2024-21351 is a security feature bypass vulnerability in Windows SmartScreen. Since 2022, there have been five Windows SmartScreen vulnerabilities disclosed across Patch Tuesday. It was assigned a CVSSv3 score of 7.6 and is rated moderate.
Tenable
AUGUST 13, 2024
and could be abused by an authenticated attacker to bypass server-side request forgery (SSRF) protections in order to leak potentially sensitive information. This vulnerability received a CVSSv3 score of 8.5 CVE-2024-38133 and CVE-2024-38153 received CVSSv3 scores of 7.8, while CVE-2024-38106 was scored as a 7.
Tenable
OCTOBER 10, 2023
Successful exploitation could lead to the disclosure of New Technology LAN Manager (NTLM) hashes. Critical CVE-2023-35349 | Microsoft Message Queuing Remote Code Execution Vulnerability CVE-2023-35349 is a RCE vulnerability in the Microsoft Message Queuing (MSMQ) component of Windows operating systems that was assigned a CVSSv3 score of 9.8
Tenable
MAY 10, 2022
Microsoft Windows ALPC. Role: Windows Fax Service. Role: Windows Hyper-V. Tablet Windows User Interface. Windows Active Directory. Windows Address Book. Windows Authentication Methods. Windows BitLocker. Windows Cluster Shared Volume (CSV). Windows Kerberos. Windows Kernel.
Expert insights. Personalized for you.
70 
Let's personalize your content