July 11, 2023—KB5028186 (OS Build 10240.20048) - EXPIRED

July 11, 2023—KB5028186 OS Build 10240.20048 - EXPIRED EXPIRATION NOTICEIMPORTANT As of January 27, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 12/8/20 For...

July 11, 2023-KB5028854 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016

July 11, 2023-KB5028854 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016 Release Date: July 11, 2023 Version: .NET Framework 4.8 The July 11, 2023 update for Windows 10, version 1607 and Windows Server 2016 includes cumulative reliability improvements ...

June 13, 2023-KB5027544 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022

June 13, 2023-KB5027544 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022 Release Date: June 13, 2023 Version: .NET Framework 3.5, 4.8 and 4.8.1 Note: Revised Jun 15, 2023 to correct the wording of the known issue to X.509 certificateRevised on Jun 20, 2023 to fix th...

June 13, 2023-KB5027536 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server 2019

June 13, 2023-KB5027536 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server 2019 Release Date: June 13, 2023 Version: .NET Framework 3.5, 4.7.2 and 4.8 Note: Revised Jun 15, 2023 to correct the wording of the known issue to X.509...

June 13, 2023-KB5027123 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016

June 13, 2023-KB5027123 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016 Release Date: June 13, 2023 Version: .NET Framework 4.8 Note: Revised Jun 15, 2023 to correct the wording of the known issue to X.509 certificateRevised on Jun 20, 2023 to fix the...

TerraMaster TOS 4.2.06 Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in TerraMaster TOS versions 4.2.06 and below via shell metacharacters in the Event parameter at vulnerable endpoint include/makecvs.php during CSV creation. Any unauthenticated user can therefore execute comman...

Deliver Fast, Reliable, and Secure Web Experiences with HTTP/3

...

Siemens SICAM P850 and P855 Devices Session Fixation (CVE-2022-40226)

A vulnerability has been identified in SICAM P850 All versions V3.10, SICAM P855 All versions V3.10. Affected devices accept user defined session cookies and do not renew the session cookie after login/logout. This could allow an attacker to take over another user's session after login. This plug...

Adobe ColdFusion Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe ColdFusion Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a remote unauthenticated deserialization of...

SPIP form PHP Injection

This module exploits a PHP code injection in SPIP. The vulnerability exists in the oubli parameter and allows an unauthenticated user to execute arbitrary commands with web user privileges. Branches 3.2, 4.0, 4.1 and 4.2 are concerned. Vulnerable versions are use exploit/unix/webapp/spiprceform m...

SPIP Remote Command Execution Exploit

This Metasploit module exploits a PHP code injection in SPIP. The vulnerability exists in the oubli parameter and allows an unauthenticated user to execute arbitrary commands with web user privileges. Branches 3.2, 4.0, 4.1 and 4.2 are concerned. Vulnerable versions are below 3.2.18, below 4.0.10...

Exploit for Use After Free in Arm Bifrost_Gpu_Kernel_Driver

Exploit for CVE-2022-38181 for FireTV 2nd gen Cube This is a...

Constant product formula is not maintained in deposit() and withdraw() functions.

Lines of code Vulnerability details Impact As constant product formula is not followed, during deposit/withdraw, actualReserves - both actual NFT and BaseToken are updated but virtualReserves are not updated. This could lead to incorrect price deviation for the trader, most reverting their...

January 10, 2023—KB5022297 (OS Build 10240.19685) - EXPIRED

January 10, 2023—KB5022297 OS Build 10240.19685 - EXPIRED EXPIRATION NOTICEIMPORTANT As of January 27, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- Important: F...

Sorting Through Haystacks to Find CTI Needles

Clouded vision CTI systems are confronted with some major issues ranging from the size of the collection networks to their diversity, which ultimately influence the degree of confidence they can put on their signals. Are they fresh enough and sufficiently reliable to avoid any false positives or...

Sorting Through Haystacks to Find CTI Needles

Clouded vision CTI systems are confronted with some major issues ranging from the size of the collection networks to their diversity, which ultimately influence the degree of confidence they can put on their signals. Are they fresh enough and sufficiently reliable to avoid any false positives or...

WorkspaceApp takes more time to reconnect during ADC GSLB failover when using Session Reliability

The HDX engine uses the cached DNS addresses during the Session Reliability reconnect after there is a network disconnect. Hence, it will try to connect to old gateway and fail after a GSLB failover.However with AutoClientReconnect, HDX engine gets destroyed and a new engine will not have anythin...

Zyxel Unauthenticated LAN Remote Code Execution Exploit

This Metasploit module exploits a buffer overflow in the zhttpd binary /bin/zhttpd. It is present on more than 40 Zyxel routers and CPE devices. The code execution vulnerability can only be exploited by an attacker if the zhttp webserver is reachable. No authentication is required. After...

February 14, 2023-KB5022497 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2

February 14, 2023-KB5022497 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 Revised July 7, 2025: Updated 'How to get this update' section. Release Date: February 14, 2023 Version: .NET Framework 3.5 and 4.8.1 Note: Revised on Jun 20, 2023 to add resolution to know...

February 14, 2023-KB5022735 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022

February 14, 2023-KB5022735 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022 Release Date: February 14, 2023 Version: .NET Framework 3.5, 4.8 and 4.8.1 Note: Revised on Jun 20, 2023 to add resolution to known issue. Summary This article describes the Cumulative Upda...