[Forgot Password]
Login  Register Subscribe

24002

 
 

127027

 
 

102010

 
 

909

 
 

81374

 
 

133

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:41213
An Information Disclosure vulnerability exists when the HTTP.sys server application component improperly handles objects in memory.An attacker who successfully exploited this vulnerability could obtain information to further compromise the HTTP.sys server application system.A remote unauthenticated ...

oval:org.secpod.oval:def:40926
A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full use ...

oval:org.secpod.oval:def:39369
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delet ...

oval:org.secpod.oval:def:39114
The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Server 2012, Server 2012 R2, Server 2016, or Windows 10 and is prone to an information disclosure vulnerability. A flaw is present in the windows GDI, which fails to handle a craf ...

oval:org.secpod.oval:def:39836
A denial of service vulnerability exists in Active Directory when an authenticated attacker sends malicious search queries. An attacker who successfully exploited this vulnerability could cause the Active Directory service to become nonresponsive.To exploit this vulnerability, an attacker must have ...

oval:org.secpod.oval:def:39839
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. An authenticated attacker could exploit this vulnerability by runnin ...

oval:org.secpod.oval:def:38294
The host is installed with Microsoft Windows Vista SP2, Server 2008 SP2, Windows 7 SP1, Server 2008 R2 SP1, Windows 8.1, Windows 10, Server 2012, Server 2016 or Server 2012 R2 and is prone to a remote code execution vulnerability. A flaw is present in the Windows Uniscribe, which fails to properly h ...

oval:org.secpod.oval:def:41757
The operating system installed on the system is Microsoft Windows Server 2016.

oval:org.secpod.oval:def:39333
The host is missing a critical security update according to Microsoft security bulletin, MS17-008. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary ...

oval:org.secpod.oval:def:39334
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ...

oval:org.secpod.oval:def:39330
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

oval:org.secpod.oval:def:39331
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

oval:org.secpod.oval:def:39332
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that ...

oval:org.secpod.oval:def:39322
The host is missing an important security update according to Microsoft security bulletin, MS17-021. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to discl ...

oval:org.secpod.oval:def:39328
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as ...

oval:org.secpod.oval:def:39329
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause ...

oval:org.secpod.oval:def:39321
An information disclosure vulnerability exists in the way Windows DirectShow handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.In a web-based attack scenario, an attacker could host a website used to att ...

oval:org.secpod.oval:def:39421
The host is missing a critical security update according to Microsoft security bulletin, MS17-012. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute a ...

oval:org.secpod.oval:def:40879
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, allowing an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass.An attacker who successfully exploited this vulnerability c ...

oval:org.secpod.oval:def:39307
The host is missing an important security update according to Microsoft security bulletin, MS17-016. The update is required to fix an XSS elevation of privilege vulnerability. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers ...

oval:org.secpod.oval:def:39411
The host is missing an critical security update according to Microsoft bulletin, MS17-013. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which improperly handles GDI components. An attacker who successfully exploited these vulnerabilities could ex ...

oval:org.secpod.oval:def:39823
The host is missing an important security update KB4015217

oval:org.secpod.oval:def:40495
The host is missing an important security update KB4019472

oval:org.secpod.oval:def:40934
The host is missing an important security update KB4022715

oval:org.secpod.oval:def:41243
The host is missing an important security update KB4025339

oval:org.secpod.oval:def:41680
The host is missing a critical security update KB4034658

oval:org.secpod.oval:def:42751
The host is missing an important security update KB4048953

oval:org.secpod.oval:def:42355
The host is missing a critical security update KB4041691

oval:org.secpod.oval:def:43777
This security setting determines the number of failed logon attempts that causes a user account to be locked out. A locked-out account cannot be used until it is reset by an administrator or until the lockout duration for the account has expired. You can set a value between 0 and 999 failed logon at ...

CVE    217
CVE-2017-0022
CVE-2017-0057
CVE-2017-0118
CVE-2017-0121
...
*CPE
cpe:/o:microsoft:windows_server_2016
XCCDF    5
xccdf_org.secpod_benchmark_general_Windows_Server_2016
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2016
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2016
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2016
...

© 2013 SecPod Technologies