MSRPC vulnerabilities

Showing 1 - 6 of 6 CVEs

  1. CVE-2025-29969 Published May 13, 2025

    Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

  2. CVE-2025-26651 Published Apr 8, 2025

    Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

  3. CVE-2024-37079 Published Jun 18, 2024

    vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

  4. CVE-2022-26809 Published Apr 15, 2022

    Remote Procedure Call Runtime Remote Code Execution Vulnerability

  5. CVE-2021-36958 Published Aug 12, 2021

    <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>

  6. CVE-2021-1678 Published Jan 12, 2021

    Windows Print Spooler Spoofing Vulnerability