2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5088860)

2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 KB5088860...

May 12, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 (KB5087062)

May 12, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 KB5087062 Applies to: Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Important The installation of this Extended...

May 12, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 R2 (KB5087063)

May 12, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 R2 KB5087063 Applies to: Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Important The installation of this Extend...

April 14, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 (KB5082400)

April 14, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 KB5082400 Applies to: Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2 Important The installation of this Extende...

CVE-2019-25580

ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.php, or anyfilestream.php with crafted SQL payloads in the...

PT-2026-26928

ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.php, or anyfilestream.php with crafted SQL payloads in the...

OPENSUSE-SU-2026:10252-1 cockpit-repos-4.7-4.1 on GA media

These are all security issues fixed in the cockpit-repos-4.7-4.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:20251-1 Security update for cockpit-repos

This update for cockpit-repos fixes the following issues: Update to version 4.7. Security issues fixed: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global bsc1257325. - CVE-2025-64718: js-yaml prototype pollution in merge bsc1255425...

CVE-2020-37135

AMSS++ 4.7 contains an authentication bypass vulnerability that allows attackers to access administrative accounts using hardcoded credentials. Attackers can log in with the default admin username and password '1234' to gain unauthorized administrative access to the system...

OPENSUSE-SU-2026:10149-1 cockpit-repos-4.7-2.1 on GA media

These are all security issues fixed in the cockpit-repos-4.7-2.1 package on the GA media of openSUSE Tumbleweed...

CVE-2021-47780

Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...

CVE-2021-47780

Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...

CVE-2021-47780

Macro Expert 4.7 is affected by an unquoted service path vulnerability, enabling local users to potentially execute arbitrary code with LocalSystem privileges during service startup. Root cause: improperly configured service path. Impact is high (local exploit). Remediation: ensure the service pa...

CVE-2021-47780 Macro Expert 4.7 - Unquoted Service Path

Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...

CVE-2019-2669

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: Preferences. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network...

Exploit for CVE-2025-67494

ZITADEL SSRF Exploit - CVE-2025-67494 Automated exploit for C...

CVE-2025-54983

The CVE-2025-54983 entry concerns Zscaler Client Connector for Windows. A health check port in versions 4.6 before 4.6.0.216 and 4.7 before 4.7.0.47 could fail to be released after use, potentially allowing traffic to bypass ZCC forwarding controls. Affected software: Zscaler Client Connector on ...

EUVD-2006-4808

Malware in sbrugna...

EUVD-2019-12261

Malware in sbrugna...

EUVD-2020-22603

Malware in sbrugna...