Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF001

Summary The following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF001 Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 could allow a remote authenticated attacker to obtain sensitive information, caused by the failure to strip the Proxy-Authorization...

Unattended Installation of XenServer Tools

This article describes about the unattended installation of XenServer Tools using Microsoft’s Windows Installer program, msiexec. Background XenTools delivered with XenServer 6.1 version are able to make use of Microsoft’s Windows Installer program, msiexec. One of those is a way to install...

Microsoft .NET Core and Visual Studio Denial of Service Vulnerability

Microsoft .NET Core and Microsoft Visual Studio are both products of Microsoft Corporation USA. NET Core is a free and open source development platform. NET Core is a free, open source development platform that features multi-language support and cross-platform capabilities.Microsoft Visual Studi...

Microsoft .NET Framework Elevation of Privilege Vulnerability (KB5039885)

This host is missing an important security update according to Microsoft KB5039885 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft .NET Framework Elevation of Privilege Vulnerability (KB5041020)

This host is missing an important security update according to Microsoft KB5041020 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

KLA70414 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET and Visual Studio can ...

Security Update for Microsoft .NET Core (July 2024)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - .NET Core and Visual Studio Denial of Service Vulnerability CVE-2024-30105 - .NET and Visual Studio Remote Code...

Security Bulletin: A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation and may result in a bypass of security restrictions (CVE-2024-0056)

Summary A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation resulting in a bypass of security restrictions. Microsoft .NET Core is used by IBM Robotic Process Automation as part of it's development platform. This bulletin identifies the security fixes to apply to address...

Security Update for Microsoft .NET Core (May 2024)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the vendor advisory. - .NET and Visual Studio Remote Code Execution Vulnerability CVE-2024-30045 Note that Nessus has not tested for this issue but...

ROS-20240503-07

A vulnerability in the Microsoft .NET software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20240426-02

A vulnerability in the Microsoft .NET software platform is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Security Updates for Microsoft .NET Framework (April 2024)

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by remote code execution vulnerability. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from the Microsoft Security Updat...

Security Update for Microsoft .NET Core (April 2024)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2024Apr09 advisory. - .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability CVE-2024-21409 Note that Nessus has not teste...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB5036609)

This host is missing an important security update according to Microsoft KB5036609 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB5037035)

This host is missing an important security update according to Microsoft KB5037035 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB5037037)

This host is missing an important security update according to Microsoft KB5037037 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft .NET Framework Remote Code Execution Vulnerability (KB5037034)

This host is missing an important security update according to Microsoft KB5037034 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

April 9, 2024-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 (KB5037040)

April 9, 2024-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 KB5037040 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2...

Security Update for Microsoft .NET Core SDK (March 2024)

The version of .NET Core SDK installed on the remote host is 6.x prior to 6.0.27, 7.x prior to 7.0.16 or 8.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the February 2024 advisory: - A vulnerability exists in .NET where specially crafted requests may...

Security Bulletin: IBM Cognos Command Center has addressed vulnerabilities IBM® Semeru Java™ Version 11, Apache ActiveMQ and Microsoft .Net MVC Framework for ASP.Net

Summary There are vulnerabilities in IBM® Semeru Java™ Version 11, Apache ActiveMQ and Microsoft .Net MVC Framework for ASP.Net used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF1 has addressed the applicable CVEs by upgrading to non-vulnerable versions of these libraries...