Microsoft Windows ALPC 竞争条件问题漏洞

Microsoft Windows ALPC is an inter-process communication tool for high-speed messaging from Microsoft Corporation USA. A vulnerability exists in Microsoft Windows ALPC due to a competitive condition issue. The following products and editions are affected:Windows 10 Version 21H1 for ARM64-based...

Microsoft Windows 竞争条件问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A competitive conditions issue exists in the Microsoft Windows Group Policy Preference Client vulnerability. The following products and editions are affected: Windows 10 Version 22H2 for...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Extensible File Allocation. The following products and versions are affected:Windows 10 Version 1809 for 32-bit...

Microsoft Network Device Enrollment Service (NDES) 安全漏洞

Microsoft Network Device Enrollment Service NDES is a Microsoft company that allows software on routers and other network devices running without domain credentials to obtain Simple Certificate Enrollment Protocol SCEP-based certificates. A security vulnerability exists in the Microsoft Network...

Microsoft HTTP.sys 资源管理错误漏洞

Microsoft HTTP.sys is an application protocol from Microsoft Corporation USA.HTTP Application Protocol. Microsoft HTTP.sys is vulnerable to a resource management error. The following products and editions are affected: Windows Server 2022,Windows Server 2022 Server Core installation,Windows Serve...

Microsoft Graphics Component 安全漏洞

Microsoft Graphics Component is a graphics driver component from Microsoft Corporation USA. A security vulnerability exists in Microsoft Graphics Component. The following products and editions are affected:Windows Server 2019 Server Core installation,Windows 10 Version 21H1 for x64-based...

Microsoft Windows Kerberos 安全漏洞

Microsoft Windows Kerberos is a software for authentication in network clusters from Microsoft Corporation.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications via a key system. A security vulnerability exists i...

CVE-2022-33915

Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or...

CVE-2022-33915

Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or...

CVE-2022-33915

Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or...

Race condition

Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or...

CVE-2022-33915

Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 are affected by a race condition that could lead to a local privilege escalation. This Hotpatch package is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 or...

CVE-2022-33915

CVE-2022-33915 describes a race-condition in the Amazon AWS log4j-cve-2021-44228-hotpatch package (pre-1.3.5). The hotpatch iterates running Java processes and loads a patch with the same permissions, which can be exploited by a local user to cause a privileged execution when a custom Java proces...

Amazon AWS 竞争条件问题漏洞

Amazon AWS is a cloud computing platform from the U.S.-based Amazon.com that provides a range of services including information technology infrastructure and applications, such as storage, databases, computing, machine learning, and more, to individuals, businesses, and governments. A security...

Amazon Linux AMI : log4j-cve-2021-44228-hotpatch (ALAS-2022-1601)

The version of log4j-cve-2021-44228-hotpatch installed on the remote host is prior to 1.3-5. It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1601 advisory. Versions of the Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3-5 are affected by a race...

Amazon Linux 2 : log4j-cve-2021-44228-hotpatch (ALAS-2022-1806)

The version of log4j-cve-2021-44228-hotpatch installed on the remote host is prior to 1.3-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1806 advisory. Versions of the Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3-5 are affected by a race...

Important: log4j-cve-2021-44228-hotpatch

Issue Overview: Versions of the Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3-5 are affected by a race condition that could lead to a local privilege escalation. The Apache Log4j Hotpatch is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 o...

Important: log4j-cve-2021-44228-hotpatch

Issue Overview: Versions of the Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3-5 are affected by a race condition that could lead to a local privilege escalation. The Apache Log4j Hotpatch is not a replacement for updating to a log4j version that mitigates CVE-2021-44228 o...

Microsoft Windows Kernel 安全漏洞

Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. The following products and versions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based...

Microsoft Lightweight Directory Access Protocol 安全漏洞

Microsoft Lightweight Directory Access Protocol LDAP is a directory services protocol from Microsoft Corporation that runs on a layer above the TCP/IP stack. A security vulnerability exists in Microsoft Lightweight Directory Access Protocol. The following products and versions are affected:Window...