Microsoft Windows Defender 安全漏洞

Microsoft Windows Defender is a suite of antivirus software that comes with Windows systems from Microsoft USA. A security vulnerability exists in Microsoft Windows Defender Credential Guard. The following products and editions are affected:Windows 10 Version 21H1 for x64-based Systems,Windows 10...

Microsoft Windows Boot Manager 安全特征问题特征问题漏洞

Microsoft Windows Boot Manager is a Microsoft-provided UEFI application used to set up the boot environment by Microsoft Corporation USA. A security feature issue vulnerability exists in Microsoft Windows Boot Manager. The following products and editions are affected:Windows 10 Version 1809 for...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows UEFI. The following products and versions are affected: Windows 7 for x64-based Systems Service Pack 1,Windows 8....

Microsoft Local Security Authority Server 信息泄露漏洞

Microsoft Local Security Authority Server is an LSA authentication service from Microsoft Corporation USA. An information disclosure vulnerability exists in Microsoft Local Security Authority Server lsasrv. The following products and versions are affected:Windows 10 Version 1809 for 32-bit...

GlobalProtect 安全漏洞

Palo Alto Networks GlobalProtect is a suite of network protection software from Palo Alto Networks, USA. The software provides firewall monitoring and threat prevention. A security vulnerability exists in the Palo Alto Networks GlobalProtect portal and gateway, which can be exploited by an attack...

Microsoft Windows Storage Spaces Controller 权限许可和访问控制问题漏洞

Microsoft Windows Storage Spaces Controller is an essential driver for providing storage space functionality from Microsoft Corporation USA. A vulnerability exists in Microsoft Windows Storage Spaces Controller with privilege permission and access control issues. The following products and editio...

CVE-2021-30768

A logic issue was addressed with improved validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, watchOS 7.6, tvOS 14.7, Security Update 2021-004 Catalina. A sandboxed process may be able to circumvent sandbox restrictions...

Apple macOS Big Sur 缓冲区错误漏洞

Apple macOS Big Sur is a mobile application app by Apple Inc. A security vulnerability exists in macOS Big Sur prior to 11.3, iOS prior to 14.5, and iPadOS prior to 14.5, watchOS prior to 7.4, and tvOS prior to 14.5, which stems from a buffer overflow that could lead to the execution of arbitrary...

.NET 5.0 Update

.NET 5.0 Update .NET 5.0 has been refreshed with the latest update as of August 10, 2021. This update contains reliability and other non-security fixes. See the release notes for details on updated packages. .NET 5.0 servicing updates are upgrades. The latest servicing update for 5.0 will remove...

Apple macOS 权限许可和访问控制问题漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. A vulnerability exists in macOS due to a permissions licensing and access control issue, which arises from the Tailspin component not properly applying security restrictions. 10.14.4 18E226, 10.14.4 18E227,...

Startup delay occurs after you disable IPv6 in Windows

Startup delay occurs after you disable IPv6 in Windows Symptoms You may experience an additional five seconds delay during the startup of Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 SP1 or Windows Server 2008 R2 SP1. Cause This issue occurs because the code to avoid waiting for...

Type 1 Font Parsing Remote Code Execution Vulnerability

Microsoft has become aware of limited targeted Windows 7 based attacks that could leverage un-patched vulnerabilities in the Adobe Type Manager Library, and is providing the following guidance to help reduce customer risk until the security update is released. We appreciate the efforts of our...

Threat Analysis: CVE-2020-0796 – EternalDarkness (ghostSMB)

On March 10, 2020 analysis of a SMB vulnerability was inadvertently shared, under the assumption that Microsoft was releasing a patch for that vulnerability CVE-2020-0796. As of March 12, Microsoft has since released a patch for CVE-2020-0796, which is a vulnerability specifically affecting SMB3...

UBUNTU-CVE-2019-8684

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may...

CVE-2018-4156

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "PluginKit" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app...

CVE-2018-0742

The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are...

Cisco IOS and IOS XE Network Plug and Play Certificate Validation Security Bypass Vulnerability

Cisco IOS and IOS XE are both operating systems developed by Cisco for its network devices.Network Plug and Play application is one of the network hot-plugging applications. A certificate validation security bypass vulnerability exists in the Network Plug and Play application in Cisco IOS version...

PT-2017-4196 · Cisco · Cisco Integrated Services Routers Generation 2 (Isr G2) Routers +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS versions 15.0 through 15.6 Description: A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 ISR G2 Routers could allow an unauthenticated, adjacent attacker to cause an affected devi...

CVE-2017-8564

Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly initialize a memory...

CVE-2017-2312

On Juniper Networks devices running Junos OS affected versions and with LDP enabled, a specific LDP packet destined to the RE Routing Engine will consume a small amount of the memory allocated for the rpd routing protocol daemon process. Over time, repeatedly receiving this type of LDP packets wi...