2877 matches found
CVE-2021-26264
A specially crafted script could cause the DeltaV Distributed Control System Controllers All Versions to restart and cause a denial-of-service condition...
CVE-2021-44463 Emerson DeltaV Uncontrolled Search Path Element
Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege escalation on the DeltaV Distributed Control System Controllers and Workstations All versions when some DeltaV services are started...
CVE-2021-26264
CVE-2021-26264 affects Emerson DeltaV Distributed Control System Controllers and Workstations (All Versions) due to Missing Authentication for Critical Function, allowing a specially crafted script to restart a controller and cause a denial-of-service. Root cause per public records is an access/a...
kernel: race condition for removal of the HCI controller
A flaw was found in the Linux kernel’s handling of the removal of Bluetooth HCI controllers. This flaw allows an attacker with a local account to exploit a race condition, leading to corrupted memory and possible privilege escalation. The highest threat from this vulnerability is to...
January 18, 2022—KB5010791 (OS Build 17763.2458) Out-of-band
January 18, 2022—KB5010791 OS Build 17763.2458 Out-of-band 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page. Highlights Updat...
January 17, 2022—KB5010793 (OS Builds 19042.1469, 19043.1469, and 19044.1469) Out-of-band
January 17, 2022—KB5010793 OS Builds 19042.1469, 19043.1469, and 19044.1469 Out-of-band UPDATED 01/11/22 REMINDER Windows 10, version 2004 reached end of servicing on December 14, 2021. To continue receiving security and quality updates, Microsoft recommends that you update to the latest version ...
KB5010799: Out-of-band update for Windows Server 2008 SP2: January 17, 2022
KB5010799: Out-of-band update for Windows Server 2008 SP2: January 17, 2022 Summary This update resolves the following issues: Active Directory attributes are not written correctly during a Lightweight Directory Access Protocol LDAP modify operation with multiple specific attribute changes. Windo...
Citrix PVS soap server service does not start and crashes after installing Microsoft January 2022 Updates (E.g. KB5008877 or KB5009546)
Since installing Microsoft January 2022 Updates like KB5009546 or KB5008877 the Citrix PVS soap server service doesn't start anymore. When trying to start this service it crashes right away. While this happens the Citrix PVS API service also stops working. Soapserver.exe crashes Event 1000 .net...
Storefront unable to communicate with Delivery controllers over HTTPS.
SSL Error on Storefront Event Logs:...
Microsoft Yanks Buggy Windows Server Updates
Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable...
CVE-2021-32996
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required...
CVE-2021-32996
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required...
CVE-2021-32998
The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required...
CVE-2021-32998
The FANUC R-30iA and R-30iB series controllers are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code. INIT START/restore from backup required...
CVE-2021-32996
The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required...
CVE-2021-32996
CVE-2021-32996 affects FANUC R-30iA/R-30iB family controllers (and related mate/Plus variants) as documented by ICS-TIP and CISA: vulnerable component is integer coercion (CWE-192) that can crash the device, with a related out-of-bounds write (CWE-787) potentially enabling remote code execution. ...
Active Directory Bugs Could Let hackers Take Over Windows Domain Controllers
Microsoft is urging customers to patch two security vulnerabilities in Active Directory domain controllers that it addressed in November following the availability of a proof-of-concept PoC tool on December 12. The two vulnerabilities — tracked as CVE-2021-42278 and CVE-2021-42287 — have a severi...
Emerson Electric Emerson DeltaV Distributed Control System 代码问题漏洞
Emerson Electric Emerson DeltaV Distributed Control System is an automated distributed control system from Emerson Electric. The system includes features such as network security management, alarm management, batch control, and change management. A code issue vulnerability exists in Emerson Delta...
The vulnerability of programmable logic controllers MELSEC iQ-R, MELSEC Q, and MELSEC L, related to uncontrolled resource consumption, allows a intruder to cause malfunctions during maintenance operations.
The vulnerability of the programmable logic controllers MELSEC iQ-R, MELSEC Q, and MELSEC L is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause malfunctions in the service provided by the controller, using...
The vulnerability of the module of central processors in programmable logic controllers such as MELIPC, MELSEC iQ-R, MELSEC Q, and MELSEC L allows a intruder to trigger a service failure.
The vulnerability of the microcontroller modules in programmable logic controllers such as MELIPC, MELSEC iQ-R, MELSEC Q, and MELSEC L is related to errors in processing input data length parameters. Exploiting this vulnerability can allow an attacker, operating remotely, to cause malfunctions...