Lucene search
K

372 matches found

NCSC
NCSC
added 2021/04/26 12:0 a.m.7 views

Update mechanism Passwordstate compromised

Click Studios, the manufacturer of Passwordstate, has announced announced that its automatic update mechanism has been abused to offer malicious files for download. If you meet these criteria: - you are currently using version 9.1 build 9117, - Passwordstate applies updates automatically, - and t...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/04/13 12:0 a.m.92 views

Security Updates for Microsoft Excel Products (April 2021)

The Microsoft Excel Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - Microsoft Office Remote Code Execution Vulnerability CVE-2021-28449 - Microsoft Excel Remote Code Execution Vulnerability CVE-2021-28451, CVE-2021-28454, CVE-2021-28456 Note that...

7.8CVSS6.9AI score0.03688EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/04/13 12:0 a.m.43 views

Security Updates for Outlook (April 2021)

The Microsoft Outlook application installed on the remote host is missing security updates. It is, therefore, affected by a memory corruption vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable...

7.8CVSS7.1AI score0.01295EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/03/30 12:0 a.m.10 views

PT-2021-4051 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.7.1 Description: The issue is related to the exposure of information in WordPress, a content management system. It involves the exploitation of a block in the WordPress editor, which can expose password-protected...

7.1CVSS5.3AI score0.85719EPSS
Exploits21References36
Microsoft Secure
Microsoft Secure
added 2021/03/18 10:0 p.m.241 views

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

As cybercriminals continue to exploit unpatched on-premises versions of Exchange Server 2013, 2016, and 2019, we continue to actively work with customers and partners to help them secure their environments and respond to associated threats. To date, we have released a comprehensive Security Updat...

7.5CVSS0.6AI score0.99999EPSS
Exploits63
CNNVD
CNNVD
added 2021/03/08 12:0 a.m.7 views

Dr.Web Security Space 数据伪造问题漏洞

Doctor Web Dr.Web Security Space is an application of the Russian company Doctor Web. Dr.Web Security Space is an application from the Russian company Doctor Web that provides a unified protection of all nodes of an enterprise network. A security vulnerability exists in Dr.Web Security Space...

7.8CVSS7.3AI score0.00322EPSS
Exploits1References4
The Hacker News
The Hacker News
added 2021/01/13 5:1 a.m.7 views

Microsoft Issues Patches for Defender Zero-Day and 82 Other Windows Flaws

For the first patch Tuesday of 2021, Microsoft released security updates addressing a total of 83 flaws spanning as many as 11 products and services, including an actively exploited zero-day vulnerability. The latest security patches cover Microsoft Windows, Edge browser, ChakraCore, Office and...

7.8CVSS7.8AI score0.39653EPSS
Exploits0
Citrix
Citrix
added 2020/12/17 12:0 a.m.9 views

Auto-Update Fails with Citrix Workspace App 2012 for Windows

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Automatic updates from Citrix Workspace app 2012 for Windows fails with the error "Could not load fi...

7.1AI score
Exploits0
Citrix
Citrix
added 2020/12/08 12:0 a.m.134 views

Citrix Secure Mail for Android Security Update

Description of Problem Vulnerabilities have been discovered in CitrixSecure Mailfor Androidthatcould allowunauthorisedaccessto datawithinCitrix Secure Mail. These vulnerabilities have the following identifiers: CVE ID| Description| Vulnerability Type| Pre-conditions ---|---|---|--- CVE-2020-8274|...

6.5CVSS6AI score0.02037EPSS
Exploits0
Citrix
Citrix
added 2020/11/20 12:0 a.m.6 views

Updates to XenVBD Windows I/O driver - For Citrix Hypervisor and XenServer

Who Should Read This Article? This information is for customers using Citrix Hypervisor or XenServer who are entitled to receive automatic Windows I/O driver updates on their Windows VMs. Latest version The following versions of XenVBD are the latest that are available through Windows Automatic...

6.8AI score
Exploits0
Citrix
Citrix
added 2020/11/20 12:0 a.m.9 views

Updates to XenBus Windows I/O driver - For Citrix Hypervisor and XenServer

Who Should Read This Article? This information is for customers using Citrix Hypervisor or XenServer who are entitled to receive automatic Windows I/O driver updates on their Windows VMs. Latest versions The following versions of XenBus are the latest that are available through Windows Automatic...

6.7AI score
Exploits0
Citrix
Citrix
added 2020/11/20 12:0 a.m.10 views

Updates to XenVIF Windows I/O driver - For Citrix Hypervisor and XenServer

Who Should Read This Article? This information is for customers using Citrix Hypervisor or XenServer who are entitled to receive automatic Windows I/O driver updates on their Windows VMs. Latest version The following versions of XenVIF are the latest that are available through Windows Automatic...

6.8AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2020/11/11 1:3 a.m.224 views

Patch Tuesday - November 2020

Jumping right back to a triple digit volume of vulnerabilities resolved, Microsoft covers 112 CVEs this November affecting products ranging from our standard Windows Operating Systems and Microsoft Office products to some new entries such as Azure Sphere. Microsoft CVE-2020-17087: Windows Kernel...

10CVSS0.3AI score0.09857EPSS
Exploits1
Citrix
Citrix
added 2020/11/09 12:0 a.m.9 views

Receiver Updater stops working with "Problem Checking for updates" error

To resolve this issue, download the Receiver auto-update fix located in the latest downloads page. Windows -https://www.citrix.com/downloads/citrix-receiver/windows/receiver-for-windows-latest.html Mac -https://www.citrix.com/downloads/citrix-receiver/mac/receiver-for-mac-latest.html Applicable...

7.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2020/11/02 12:0 a.m.6 views

Windows 10 update history

Windows 10 update history Updates for Windows 10 initial version released July 2015 Windows 10 is a service, which means it gets better through periodic software updates.The great news is you usually don’t have to do anything! If you have enabled automatic updates, new updates will automatically...

9CVSS9.3AI score0.06185EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2020/11/02 12:0 a.m.6 views

Windows 10 and Windows Server 2016 update history

Windows 10 and Windows Server 2016 update history Updates for Windows 10 version 1607 and Windows Server 2016 Windows 10 is a service, which means it gets better through periodic software updates.The great news is you usually don’t have to do anything! If you have enabled automatic updates, new...

9CVSS6.8AI score0.06185EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2020/09/03 8:57 p.m.20 views

PCI DSS compliance: why it’s important and how to adhere

PCI DSS is short for Payment Card Industry Data Security Standard. Every party involved in accepting credit card payments is expected to comply with the PCI DSS. The PCI Standard is mandated by the card brands, but administered by the Payment Card Industry Security Standards Council PCI SSC. The...

0.9AI score
Exploits0
Fedora
Fedora
added 2020/07/28 3:3 p.m.47 views

[SECURITY] Fedora 31 Update: clamav-0.102.4-1.fc31

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

7.5CVSS1.9AI score0.05063EPSS
Exploits0
NVD
NVD
added 2020/07/01 8:15 p.m.20 views

CVE-2019-15310

An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When...

10CVSS0.08257EPSS
Exploits1References3
Prion
Prion
added 2020/07/01 8:15 p.m.20 views

Command injection

An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When...

10CVSS10AI score0.08257EPSS
Exploits1References3
Rows per page
Query Builder