May 14, 2024—KB5037781 (OS Build 25398.887)

May 14, 2024—KB5037781 OS Build 25398.887 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

CVE-2022-20937

A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine ISE Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device. This vulnerability is due to insufficient management of system resources. An attack...

New PetitPotam NTLM Relay Attack Lets Hackers Take Over Windows Domains

A newly uncovered security flaw in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to stage an NTLM relay attack and completely take over a Windows domain. The...

CVE-2019-16067

NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an attacker to steal username and password combinations by intercepting authentication...

The vulnerability of the development environment for CX-Programmers and microprogramming software of PLC Omron CJ2M and Omron CJ2H, related to the transmission of passwords in an open manner, allows attackers to intercept the passwords.

The vulnerability of the development environment CX-Programmer, which is part of the CX-One software suite designed for programming and configuring Omron PLCs, as well as Omron microcontrollers like CJ2M and CJ2H, stems from the transmission of passwords in an open manner. Exploiting this...