August 12, 2025—KB5063947 (Monthly Rollup)

August 12, 2025—KB5063947 Monthly Rollup Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices for the past...

KB5063927: Windows Server 2008 R2 Security Update (August 2025)

The remote Windows host is missing security update 5063927. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. CVE-2025-53766 - Concurrent execution using shared resource with improper...

Microsoft Windows Remote Desktop Protocol 安全漏洞

Microsoft Windows Remote Desktop Protocol RDP is an application for connecting to remote Windows desktops from Microsoft USA. A security vulnerability exists in Microsoft Windows Remote Desktop. An attacker exploiting this vulnerability could bypass certain features. The following products and...

Microsoft Windows Secure Channel 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Secure Channel. The following products and versions are affected:Windows Server 2022 Server Core...

Exploit for Path Traversal in Microsoft

〖EXP〗Ladon CVE-2021-40444 Office Vulnerability Reimplementatio...

Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB5001878)

Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Windows Server 2008 R2 SP1 KB5001878 Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1...

Perfusion - Exploit For The RpcEptMapper Registry Key Permissions Vulnerability (Windows 7 / 2088R2 / 8 / 2012)

On Windows 7 , Windows Server 2008R2 , Windows 8 , and Windows Server 2012 , the registry key of the RpcEptMapper and DnsCache 7/2008R2 only services is configured with weak permissions. Any local user can create a Performance subkey and then leverage the WindowsPerformance Counters to load an...

Microsoft Windows CSC Security Vulnerability

Microsoft Windows CSC Service is an application from Microsoft USA. It allows the use of network files while the local computer is offline. A vulnerability exists in Microsoft Windows CSC Service, and no information is available at this time, please stay tuned to CNNVD or the vendor's announcemen...

Microsoft Windows Print Spooler Components Access Control Error Vulnerability

Microsoft Windows Print Spooler Components is a printing backend handler component from Microsoft Corporation USA. An access control error vulnerability exists in Microsoft Windows Print Spooler Components. The following products and editions are affected:Windows Server 2012 R2 Server Core...

Microsoft Hyper-V Security Vulnerability

Microsoft Hyper-V is an application from Microsoft Corporation USA. A system hypervisor virtualization technology that enables desktop virtualization. A security vulnerability exists in Windows Hyper-V. No information about this vulnerability is available at this time, please stay tuned to CNNVD ...

Restore Policy Console Utility

Created Date: 5/13/2016 Updated Date: 10/10/2017 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the download location. Description The...

Error 0x800401f0 when you update RemoteApp and Desktop Connections feeds in Windows 7 or Windows Server 2008 R2

Error 0x800401f0 when you update RemoteApp and Desktop Connections feeds in Windows 7 or Windows Server 2008 R2 Symptoms Consider the following scenario: You have update 2857650 installed on a computer that is running Windows 7 Service Pack 1 SP1 or Windows Server 2008 R2 SP1. You subscribe to a...

[サイバーセキュリティ月間2020] 製品のサポートが終了したらどうなるの？

2020 年 1 月に、広く利用されてきた Windows 7, Windows Server 2008/2008R2 のサポートが終了して既に数か月が過ぎました。サポートが終了す...

CVE-2018-8621

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8477, CVE-2018-8622...

Code Injection through DLL Sideloading in 64bit Oracle Java(CVE-2017-3511)

This blog post is about a DLL sideloading vulnerability in the 64bit Windows version of Oracle Java. It allows any local user to inject code in Java processes of other users. At the time of writing it has been verified with the latest stable 64bit Java version 1.8.0101 on both a fully patched...

Microsoft Video Control Remote Code Execution Vulnerability (3199151)

This host is missing a critical security update according to Microsoft Bulletin MS16-131. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Dealing with IIS FastCGI vulnerability-vulnerability warning-the black bar safety net

Problem description: FastCGI parsing vulnerability WebServer Fastcgi configured improperly, can cause other files, such as css, js, jpg and other static files are treated as php script parsing to perform. When the user inserts a malicious script webshell to static files uploaded to the webserver...

Microsoft Graphics Component Multiple Vulnerabilities (3164036)

This host is missing an important security update according to Microsoft Bulletin MS16-074. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Kerberos Checksum Remote Privilege Escalation Vulnerability (3011780)

This host is missing an important security update according to Microsoft Bulletin MS14-068. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

LAN Messenger <= 1.2.28 - Denial of Service Vulnerability

No description provided by source. !/usr/bin/python Exploit Title: LAN Messenger = v1.2.28 Remote Denial of Service Vulnerability Version: = v1.2.28 Date: 2012-04-28 Author: Julien Ahrens Homepage: www.inshell.net Software Link: http://lanmsngr.sourceforge.net/ Tested on: Windows XP SP3...