167 matches found
Microsoft Windows Telephony Server 安全漏洞
Microsoft Windows Telephony Server is a component of Microsoft Corporation USA that supports the Telephony Application Programming Interface TAPI, which allows computer programs to communicate with shared telephony services. A security vulnerability exists in Microsoft Windows Telephony Server. A...
Microsoft OpenSSH 安全漏洞
Microsoft OpenSSH is a suite of connection tools for secure access to remote computers from Microsoft USA. A security vulnerability exists in Microsoft OpenSSH. An attacker exploiting this vulnerability could remotely execute code. The following products and versions are affected:Windows 10 Versi...
What’s New in Rapid7 Products & Services: Q2 2024 in Review
This quarter we continued to make investments that provide security professionals with a holistic, actionable view of their entire attack surface. In Q2, we focused on enhancing visualization, prioritization, and integration capabilities across our key products and services. Below we’ve highlight...
New! Insight Agent Support for ARM-based Windows in InsightVM
We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips...
Microsoft Windows Hyper-V 安全漏洞
Microsoft Hyper-V is an application from Microsoft USA. A system hypervisor virtualization technology that enables desktop virtualization. A security vulnerability exists in Microsoft Windows Hyper-V. The following products and editions are affected:Windows 11 Version 23H2 for ARM64-based...
Microsoft HTTP.sys 安全漏洞
Microsoft HTTP.sys is an application protocol of Microsoft Corporation USA.HTTP application protocol. A security vulnerability exists in Microsoft HTTP.sys. An attacker could exploit this vulnerability to cause a denial of service on the system. The following products and versions are affected:...
Exploit for Classic Buffer Overflow in Extremenetworks Iq_Engine
CVE-2023-35803 - Unauthenticated RCE in Extreme Networks/Aer...
Microsoft Windows Bus Filter Driver 安全漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in the Microsoft Windows Bus Filter Driver. An attacker could exploit this vulnerability to gain elevated privileges. The following...
Microsoft Windows Resilient File System (ReFS) 安全漏洞
Microsoft Windows Resilient File System ReFS is a resilient file system from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Resilient File System ReFS. The following products and versions are affected: Windows 11 Version 22H2 for ARM64-based Systems,Windows 11...
Microsoft HTTP.sys 安全漏洞
Microsoft HTTP.sys is an application protocol of Microsoft Corporation USA.HTTP application protocol. A security vulnerability exists in Microsoft Windows HTTP.sys. The following products and versions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based...
2023-02 Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 Embedded RT for ARM-based Systems (KB5022733)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...
Microsoft Windows Kernel 安全漏洞
Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. The following products and versions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based...
AWS Graviton Processor Support on Insight Agent
By Marco Botros Marco is a Technical Product Manager for Platform at Rapid7. We are pleased to announce that the Insight Agent now supports the AWS Graviton processor. The Insight Agent supports various operating systems using the AWS Graviton processor, including Amazon Linux, Redhat, and Ubuntu...
CVE-2022-3088
UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to v1.6, UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T...
MOXA ARM-Based Computers Elevation of Privilege Vulnerability
MOXA ARM-Based Computers is a series of industrial computers from MOXA in China. An elevation of privilege vulnerability exists in Moxa ARM-Based Computers, which can be exploited by an attacker to gain root privileges...
CVE-2022-3088
UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to v1.6, UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T...
Moxa Multiple ARM-Based Computers
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Moxa Equipment: ARM-Based Computers Vulnerability: Privilege Escalation 2. RISK EVALUATION Successful exploitation of this vulnerability could provide an attacker with root privileges and total control of the system. 3...
Microsoft Windows Kernel 安全漏洞
Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. The following products and versions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based...
Ubuntu: Security Advisory (USN-5617-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5617-1: Xen vulnerabilities
It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use th...