6326 matches found
CVE-2019-1418
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
CVE-2019-1418
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
Information disclosure
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
CVE-2019-1418
The CVE-2019-1418 entry describes an information-disclosure vulnerability in Windows where the Windows Modules Installer Service improperly discloses file information. The affected component is the Windows Modules Installer Service; the underlying issue is an information disclosure vulnerability ...
CVE-2019-1418
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...
Microsoft Guidance for Vulnerability in Trusted Platform Module (TPM)
Executive Summary This advisory addresses CVE-2019-16863. A security vulnerability exists in certain Trusted Platform Module TPM chipsets. The vulnerability weakens key confidentiality protection for a specific algorithm ECDSA. It is important to note that this is a TPM firmware vulnerability, an...
Windows Modules Installer Service Information Disclosure Vulnerability
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read the contents of a log file on disk. To exploit the vulnerability, an attacker would have to log onto an...
KB4525233: Windows 7 and Windows Server 2008 R2 November 2019 Security Update
The remote Windows host is missing security update 4525233 or cumulative update 4525235. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an...
KB4523205: Windows 10 Version 1809 and Windows Server 2019 November 2019 Security Update
The remote Windows host is missing security update 4523205. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability...
KB4525237: Windows 10 Version 1803 November 2019 Security Update
The remote Windows host is missing security update 4525237. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability...
KB4524570: Windows 10 Version 1903 and Windows 10 Version 1909 November 2019 Security Update
The remote Windows host is missing security update 4524570. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists when Windows Netlogon improperly handles a secure communications channel. An attacker who successfully exploited the vulnerability...
KLA11608 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation...
KB4525236: Windows 10 Version 1607 and Windows Server 2016 November 2019 Security Update
The remote Windows host is missing security update 4525236. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating...
KLA11871 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of...
Chneider-electric Modicon Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103...
Rockwellautomation Ethernet\/ip Improper Restriction of Operations within the Bounds of a Memory Buffer
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...
Rockwellautomation Controllogix Unspecified Vulnerability
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...
[slackware-security] Slackware 14.2 kernel
New kernel packages are available for Slackware 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.199/: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. I...
CVE-2019-10502
Possible stack overflow when an index equal to io buffer size is accessed in camera module in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, ...
DarkUniverse APT Emerges to Deliver Sophisticated, Targeted Spy Attacks
A sophisticated espionage APT that was active for at least eight years before receding into the shadows has been uncovered — and researchers said that it may still be active. In April 2017, ShadowBrokers published one of their many leaks of cyberweapons used by the National Security Agency NSA an...