Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50211: md-raid10: fix KASAN warning bsc1245140. CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor bsc1242780...

CVE-1999-0366

In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value...

RHSA-2008:0173 Red Hat Security Advisory: Red Hat Directory Server 7.1 Service Pack 4 security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP4 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Security Bulletin: IBM InfoSphere Information Server is vulnerable to OS command injection (CVE-2022-22454)

Summary An OS command injection vulnerability in InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2022-22454 DESCRIPTION: IBM InfoSphere Information Server could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially...

Security Bulletin: IBM InfoSphere Information Server is vulnerable to privilege escalation (CVE-2022-22441)

Summary A privilege escalation vulnerability in InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2022-22441 DESCRIPTION: IBM InfoSphere Information Server could allow an authenticated user to view information of higher privileged users and groups due to a privilege...

Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2022-22322)

Summary A cross-site scripting vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2022-22322 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in...

Security Bulletin: A vulnerability in Dojo affects IBM InfoSphere Information Server (CVE-2021-23450)

Summary A vulnerability in Dojo that is used by IBM InfoSphere Information Server is addressed. Vulnerability Details CVEID:CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the setObject function. By sending...

KB2979596 - SQL Server 2008 Service Pack 4 release information

KB2979596 - SQL Server 2008 Service Pack 4 release information Summary This article contains important information to read before you install Microsoft SQL Server 2008 Service Pack 4 SP4. It describes how to obtain the service pack, the list of fixes included in the service pack, how to select th...

KB2494123 - MS11-049: Description of the security update for SQL Server 2005 Service Pack 4 QFE: June 14, 2011

KB2494123 - MS11-049: Description of the security update for SQL Server 2005 Service Pack 4 QFE: June 14, 2011 INTRODUCTION Microsoft has released security bulletin MS11-049. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...

KB4018073 - SQL Server 2012 Service Pack 4 release information

KB4018073 - SQL Server 2012 Service Pack 4 release information This article contains important information that you should review before you install Microsoft SQL Server 2012 Service Pack 4 SP4. It describes how to obtain the service pack, the list of fixes that are included in the service pack,...

KB2463332 - List of the issues that are fixed in SQL Server 2005 Service Pack 4

KB2463332 - List of the issues that are fixed in SQL Server 2005 Service Pack 4 Summary This article contains information about the issues that are fixed in Microsoft SQL Server 2005 Service Pack 4 SP4. Notes Other fixes that are not documented may be included in the service pack. This list will ...

Emerson OpenEnterprise

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Emerson Equipment: OpenEnterprise SCADA Server Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code on an OpenEnterprise SCADA...

HPSBHF03642 rev. 2 - HP ThinPro Linux Information Disclosure and Privilege Escalation

Potential Security Impact Information Disclosure, Privilege Escalation, and Arbitrary Code Execution Source: HP, HP Product Security Response Team PSRT Reported by: Eldar Marcussen - xen1thLabs - Software Labs PSR-2019-0173, CVE-2019-16285, CVE-2019-16286, CVE-2019-16287, CVE-2019-18909,...

SQL VSS writer fails for SQL localdb on Azure AD Connect Sync server.

Challenge Backup or replication jobs with Application Aware Image-Processing enabled may fail on the server hosting Azure AD Connect Sync with an error indicating the SQL writer has failed. After the job has failed, running "Vssadmin list writers" from an administrative command prompt on the Azur...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

Microsoft NT 4.0 RAS/PPTP Malformed Control Packet Denial of Service Attack

No description provided by source. source: http://www.securityfocus.com/bid/2111/info Quoted from a Microsoft FAQ, Point-to-Point-Tunneling Protocol PPTP is a new networking technology that supports multiprotocol virtual private networks VPN, enabling remote users to access corporate networks...

Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849)

This host has important security update missing according to Microsoft Bulletin MS12-070. OpenVAS Vulnerability Test $Id: secpodms12-070.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability 2754849 Authors: Rachana Shetty Copyright: Copyright...

Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability (941202)

This host is missing a critical security update according to Microsoft Bulletin MS07-056. OpenVAS Vulnerability Test $Id: gbms07-056.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability 941202 Authors: Madhuri D Copyright...

Microsoft Windows GP Trap Handler Privilege Escalation Vulnerability

The host is installed with Microsoft Windows operating system and is prone to Privilege Escalation Vulnerability. This NVT has been replaced by NVT secpodms10-015.nasl OID:1.3.6.1.4.1.25623.1.0.900740. OpenVAS Vulnerability Test $Id: gbmskernelprvescvuln.nasl 5368 2017-02-20 14:34:16Z cfi $...