754 matches found
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to 5.8.2 and CCM versions prior to 3.1.1, which ste...
PT-2025-44532
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2012R1.3 Description Nagios XI is affected by a SQL injection issue in the legacy Core Configuration Manager CCM interface. Authenticated users can manipulate SQL queries by providing crafted input to specific CCM...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to 5.7.4 and CCM versions prior to 3.0.7, which...
Microsoft Endpoint Configuration Manager (CVE-2025-59501)
The Microsoft Endpoint Configuration Manager application installed on the remote host is missing a security hotfix documented in the vendor advisory. It is, therefore, affected by an elevation of privilege vulnerability. An attacker could exploit this vulnerability by modifying the user principal...
Microsoft Configuration Manager Spoofing Vulnerability
Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized attacker to perform spoofing over an adjacent network...
KLA89722 Multiple vulnerability in Microsoft System Center
Multiple vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2025-59501 Related products Microsoft-Configuration-Manager CVE list CVE-2025-59501 warning Solution Install necessary updates from the KB...
PT-2025-44654
Name of the Vulnerable Software and Affected Versions Microsoft Configuration Manager affected versions not specified Description An authentication bypass through spoofing exists in Microsoft Configuration Manager. This allows an authorized attacker to perform spoofing attacks over an adjacent...
Microsoft Configuration Manager 安全漏洞
Microsoft Configuration Manager is a Microsoft solution for managing computers and servers within an organization that helps IT departments keep software up-to-date, set configuration and security policies, and monitor system status. A security vulnerability exists in Microsoft Configuration...
Microsoft Endpoint Configuration Manager (October 2025)
The Microsoft Endpoint Configuration Manager application installed on the remote host is missing a security hotfix documented in KB34503790. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges...
CVE-2025-55320
Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network...
CVE-2025-59213
Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges locally...
EUVD-2025-34289
Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges locally...
Vulnerabilities fixed in Microsoft System Center
Microsoft has fixed vulnerabilities in System Center Configuration Manager. A malicious party could exploit the vulnerabilities to grant themselves elevated privileges, potentially gaining access to sensitive data or executing arbitrary code with elevated privileges. For successful misuse, the...
CVE-2025-59213
Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network...
CVE-2025-59213
Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network...
CVE-2025-55320
Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network...
CVE-2025-55320
Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over an adjacent network...
CVE-2025-59213 Configuration Manager Elevation of Privilege Vulnerability
...
CVE-2025-59213
Improper neutralization of special elements used in an sql command 'sql injection' in Microsoft Configuration Manager allows an unauthorized attacker to elevate privileges over an adjacent network...
CVE-2025-59213 Configuration Manager Elevation of Privilege Vulnerability
...