May 14, 2024—KB5037765 (OS Build 17763.5820) - EXPIRED

May 14, 2024—KB5037765 OS Build 17763.5820 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. ​​​​​​​ 11/17/20 For...

May 14, 2024—KB5037782 (OS Build 20348.2461)

May 14, 2024—KB5037782 OS Build 20348.2461 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when ne...

CVE-2024-27002

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Do a runtime PM get on controllers during probe mt8183-mfgcfg has a mutual dependency with genpd during the probing stage, which leads to a deadlock in the following call stack: CPU0: genpdlock -- clkpreparelock...

CVE-2024-27002 clk: mediatek: Do a runtime PM get on controllers during probe

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Do a runtime PM get on controllers during probe mt8183-mfgcfg has a mutual dependency with genpd during the probing stage, which leads to a deadlock in the following call stack: CPU0: genpdlock -- clkpreparelock...

CVE-2024-27002 clk: mediatek: Do a runtime PM get on controllers during probe

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Do a runtime PM get on controllers during probe mt8183-mfgcfg has a mutual dependency with genpd during the probing stage, which leads to a deadlock in the following call stack: CPU0: genpdlock -- clkpreparelock...

Aruba Networks ArubaOS 安全漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, USA. A security vulnerability exists in Aruba Networks ArubaOS that stems from the presence of an unauthenticated Denial of Service...

Aruba Networks ArubaOS 安全漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from an unauthenticated denial of service vulnerabili...

SP Project & Document Manager <= 4.71 - Subscriber+ File Download via IDOR

Description The plugin lacks proper access controllers and allows a logged in user to view and download files belonging to another user PoC As a logged in user, send a GET request: GET /wp-admin/admin-ajax.php?action=cdmfilelist=3CHANGE HERE=0CHANGE HERE=&=1708406394720 You can view files and...

CVE-2024-1480

Unitronics Vision Standard line of controllers allow the Information Mode password to be retrieved without authentication...

CVE-2024-3493

A specific malformed fragmented packet type fragmented packets may be generated automatically by devices that send large amounts of data can cause a major nonrecoverable fault MNRF Rockwell Automation's ControlLogix 5580, Guard Logix 5580, CompactLogix 5380, and 1756-EN4TR. If exploited, the...

Cisco IOS XE Software for Wireless LAN Controllers Multicast DNS DoS (cisco-sa-wlc-mdns-dos-4hv6pBGf)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the multicast DNS mDNS gateway feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS...

CVE-2021-47195

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the addlock mutex Commit 6098475d4cb4 "spi: Fix deadlock when adding SPI controllers on SPI buses" introduced a per-controller mutex. But mutexunlock of said lock is called after the controller is alrea...

CVE-2021-47195 spi: fix use-after-free of the add_lock mutex

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the addlock mutex Commit 6098475d4cb4 "spi: Fix deadlock when adding SPI controllers on SPI buses" introduced a per-controller mutex. But mutexunlock of said lock is called after the controller is alrea...

April 9, 2024—KB5036910 (OS Build 25398.830)

April 9, 2024—KB5036910 OS Build 25398.830 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

Siemens SCALANCE W700产品系列安全漏洞

Siemens SCALANCE is a series of Ethernet switches from Siemens, Germany. It connects to industrial control system ICS devices, including programmable logic controllers PLCs and human machine interface HMI systems. A security vulnerability exists in the Siemens SCALANCE W700 product family that...

Siemens SCALANCE W700产品系列安全漏洞

Siemens SCALANCE is a series of Ethernet switches from Siemens, Germany. It connects to Industrial Control System ICS devices, including Programmable Logic Controllers PLCs and Human Machine Interface HMI systems. A security vulnerability exists in the Siemens SCALANCE W700 product family, which...

CVE-2024-20303

A vulnerability in the multicast DNS mDNS gateway feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. This vulnerability is due to improper management of mDNS client entries. An attacker...

CVE-2024-20303

A vulnerability in the multicast DNS mDNS gateway feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. This vulnerability is due to improper management of mDNS client entries. An attacker...

CVE-2024-20303

Cisco IOS XE Software for Wireless LAN Controllers (WLCs) contains a DoS vulnerability in the multicast DNS (mDNS) gateway due to improper management of mDNS client entries. An unauthenticated, adjacent attacker can exploit by sending a continuous stream of specific mDNS packets after connecting ...

CVE-2024-20303

A vulnerability in the multicast DNS mDNS gateway feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. This vulnerability is due to improper management of mDNS client entries. An attacker...