EUVD-2025-208695

Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...

CVE-2025-15554

Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...

CVE-2025-15554

The CVE concerns Truesec LAPSWebUI (before v2.4) where browser caching of LAPS passwords may allow a workstation user to escalate privileges through disclosure of local admin passwords. Affected component: LAPSWebUI; root cause: passwords cached by the browser. Impact: potential local privilege e...

CVE-2025-15552

Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...

Truesec LAPSWebUI 安全漏洞

Truesec LAPSWebUI is a web-based management interface provided by the Swedish company Truesec. Versions of Truesec LAPSWebUI prior to version 2.4 contained security vulnerabilities. These vulnerabilities stemmed from a malfunctioning logout function, which could allow attackers to gain elevated...

VulnCheck KEV: CVE-2024-37393

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...

EUVD-1999-0683

Malware in sbrugna...

Windows LAPS

Binary data wmiwindowslaps.nbin...

July 9, 2024—KB5040438 (OS Build 25398.1009)

July 9, 2024—KB5040438 OS Build 25398.1009 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

CVE-2024-37393

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...

April 9, 2024—KB5036909 (OS Build 20348.2402)

April 9, 2024—KB5036909 OS Build 20348.2402 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when n...

January 9, 2024—KB5034129 (OS Build 20348.2227)

January 9, 2024—KB5034129 OS Build 20348.2227 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when...

PT-2023-8254 · Poly · Edge E220 +36

Name of the Vulnerable Software and Affected Versions: Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250, VVX...

May 9, 2023—KB5026370 (OS Build 20348.1726)

May 9, 2023—KB5026370 OS Build 20348.1726 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when new...

April 11, 2023—KB5025239 (OS Build 22621.1555)

April 11, 2023—KB5025239 OS Build 22621.1555 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate to find out...

Microsoft Windows: Presence of LAPS AdmPwd GPO Extension / CSE

This test checks the presence of LAPS AdmPwd GPO Extension / CSE on Windows hosts at least Windows 8.1. The Local Administrator Password Solution LAPS tool, which is free and supported software that allows an organization to automatically set randomized and unique local Administrator account...

CVE-1999-0701

After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password...