Vulnerabilities > Microsoft > Windows XP
|2020-04-29||CVE-2019-5620|| Missing Authentication for Critical Function vulnerability in ABB Microscada PRO Sys600 9.3 |
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function.
| 7.5 |
|2020-02-20||CVE-2012-5364|| Resource Exhaustion vulnerability in Microsoft products |
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
| 7.8 |
|2020-02-20||CVE-2012-5362|| Resource Exhaustion vulnerability in Microsoft products |
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.
| 7.8 |
|2020-02-11||CVE-2014-9748|| Race Condition vulnerability in Libuv |
The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition.
| 6.8 |
|2019-12-10||CVE-2019-1489|| Information Exposure vulnerability in Microsoft Windows XP |
An information disclosure vulnerability exists when the Windows Remote Desktop Protocol (RDP) fails to properly handle objects in memory, aka 'Remote Desktop Protocol Information Disclosure Vulnerability'.
| 5.0 |
|2019-05-16||CVE-2019-0708|| USE After Free vulnerability in Microsoft products |
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
| 10.0 |
|2018-04-26||CVE-2017-14010|| Uncontrolled Search Path Element vulnerability in Spidercontrol Scada Microbrowser 22.214.171.124 |
In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 126.96.36.199 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path.
| 6.8 |
|2018-02-06||CVE-2018-5457|| Uncontrolled Search Path Element vulnerability in Vyaire Carefusion Upgrade Utility 188.8.131.52 |
A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 184.108.40.206 and prior versions.
| 6.9 |
|2017-06-22||CVE-2017-0176|| Classic Buffer Overflow vulnerability in Microsoft Windows Server 2003 and Windows XP |
A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.
| 9.3 |
|2017-06-15||CVE-2017-8487|| Remote Code Execution vulnerability in Microsoft Windows Server 2003 and Windows XP |
Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerability."
| 9.3 |