go-bi

3 exploits Active since May 2019
CVE-2025-53770 NOMISEC CRITICAL WORKING POC
Microsoft SharePoint Server - Code Injection
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation.
CVSS 9.8
CVE-2025-53772 NOMISEC HIGH SUSPICIOUS
Web Deploy - Code Injection
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.
CVSS 8.8
CVE-2019-0708 NOMISEC CRITICAL STUB
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
CVSS 9.8