Microsoft SQL Server 安全漏洞

Microsoft SQL Server is a large-scale commercial database system developed by Microsoft Corporation, used under the Microsoft Windows operating system. There are security vulnerabilities in Microsoft SQL Server. Attackers can exploit these vulnerabilities to execute code remotely. The following...

Microsoft System Center Operations Manager 输入验证错误漏洞

Microsoft System Center Operations Manager is a large-scale monitoring and management software developed by Microsoft for use in corporate environments. This software was originally known as MOM Microsoft Operations Manager and is primarily used for monitoring IT systems, providing monitoring...

PT-2025-15433 · Ivanti · Ivanti Endpoint Manager

Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2024 SU1 Ivanti Endpoint Manager versions prior to 2022 SU7 Description: The issue concerns improper certificate validation, allowing a remote unauthenticated attacker to intercept limited traffic...

📄 Microsoft SQL Server 2022 Missing Log Entry

Microsoft SQL Server 2022 fails to properly log when a security audit is configured for SERVERPERMISSIONCHANGEGROUP. Title: SQL Server 2022 Security Audit Failure Vulnerability Product: Microsoft SQL Server Affected Versions: 2022 RTM-CU18 KB5050771 Tested Versions: 2022 RTM-CU18 KB5050771 Fix:...

Microsoft Visual Studio 安全漏洞

Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools from Microsoft Corporation USA that includes most of the tools needed throughout the software lifecycle. A security vulnerability exists in Microsoft Visual Studio. An attacker cou...

Ivanti EPM SQL注入漏洞

Ivanti EPM is a one-stop shop for managing user profiles and all client devices from Ivanti USA. An SQL injection vulnerability exists in Ivanti EPM 2022 SU5 and prior versions, which can be exploited by an attacker to execute arbitrary code...

JetBrains IntelliJ IDEA 代码问题漏洞

JetBrains IntelliJ IDEA is a set of integrated development environments for the Java language from the Czech company JetBrains. A security vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2022.3, which stems from an XXE attack that can be performed via a request to a custom plugi...

GE CIMPLICITY HMI/SCADA Software 缓冲区错误漏洞

GE CIMPLICITY HMI/SCADA Software is an automated industrial platform from General Electric GE. It provides true client-server visualization and control from a single machine to plant locations around the world to help manage operations and improve decision making. A security vulnerability exists ...

Microsoft Visual Studio 安全漏洞

Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools from Microsoft Corporation USA that includes most of the tools needed throughout the software lifecycle. A security vulnerability exists in Microsoft Visual Studio. An attacker cou...

Trend Micro Security 缓冲区错误漏洞

Trend Micro Security Consumer is an antivirus software from Trend Micro, Inc. A buffer error vulnerability exists in Trend Micro Security 2021 and 2022 Consumer that originates from a boundary condition. A local user can trigger an out-of-bounds read error and read the contents of memory on the...

Flower 授权问题漏洞

Flower is a Web-based, real-time monitoring and management of Celery distributed task queues. A denial of service vulnerability exists in the May 2, 2022 version of Flower and prior versions, which stems from being vulnerable to OAuth authentication bypass. An attacker can use this vulnerability ...

Visual Studio 2022 version 17.6.18 update

This security update applies to all editions of Visual Studio 2022, and will update client machines on the LTSC channel to version 17.6.18. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update t...

Server 2022 Hotpatch Category

Category for Server operating system- 21H2 Hotpatch...