9293 matches found
Microsoft Windows Defender Antimalware Platform DoS Vulnerability (Dec 2023)
This host is missing a critical security update according to Microsoft Security Updates released for Microsoft Windows Defender Protection Engine dated 13-12-2023...
Security Bulletin: IBM Storage Insights is vulnerable to weaknesses related to Apache Commons Compress
Summary: Vulnerability in Apache Commons Compress may affect IBM Storage Insights. Vulnerability Details: CVEID: CVE-2023-42503. DESCRIPTION: Apache Commons Compress is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially crafted TAR file,...
CVE-2023-48429
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 2. The Web UI of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the server. The server will automaticall...
Design/Logic Flaw
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 2. The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malicious admin to crash the server by sending a crafted request to the API. The server will automatically...
December 12, 2023—KB5033379 (OS Build 10240.20345) - EXPIRED
December 12, 2023—KB5033379 (OS Build 10240.20345) - EXPIRED. EXPIRATION NOTICE. IMPORTANT: As of January 27, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 12/8/20 For...
Siemens SINEC INS Security Vulnerability
SINEC INS (Infrastructure Network Services) is a web-based application that combines various network services in one tool. This simplifies the installation and management of all network services associated with industrial networks. A denial of service vulnerability exists in Siemens SINEC INS, whic...
Siemens Opcenter Quality Buffer Error Vulnerability
Opcenter Quality is a quality management system (QMS) that enables organizations to safeguard compliance, optimize quality, reduce the cost of defects and rework, and achieve operational excellence by improving process stability. SIMATIC PCS neo is a distributed control system (DCS). The SINUMERIK...
The upload_compliance_result.xml file is not created immediately after enabling automatic upload
upload_compliance_result.xml is not created immediately after enabling automatic upload...
Keyboard language switching automatically on different applications inside the desktop ICA session
When switching between applications within the ICA desktop, the keyboard language is switched automatically...
WordPress Automatic Youtube Video Posts Plugin <= 5.2.2 is vulnerable to Cross Site Scripting (XSS)
Software: Automatic Youtube Video Posts Plugin; Type: Plugin; Vulnerable versions: <= 5.2.2; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-49180; Patch priority: Low; CVSS severity: Low (5.9); PSID: 2f23eed8b8ab; Credits...
Mars: Critical Unauthenticated Access to Sensitive Employee and Customer Data Including Invoice Details at ████
During a reconnaissance phase, a directory named 'SSO' was discovered on the website ████████. Upon accessing this directory, it redirected to ██████████, where sensitive employee and customer data, including usernames, emails, purchase history, payment history, bills, phone numbers, customer...
November 14, 2023—Hotpatch KB5032304 (OS Build 20348.2091)
CVE-2023-5545
H5P metadata automatically populated the author with the user's username, which could be sensitive information...
Fedora: Security Advisory for suricata (FEDORA-2023-0861a23801)
The remote host is missing an update for the...
[SECURITY] Fedora 39 Update: icecat-115.3.1-7.rh2.fc39
GNU IceCat is the GNU version of the Firefox ESR browser. Extensions included in this version of IceCat: LibreJS: GNU LibreJS aims to address the JavaScript problem described in the article "The JavaScript Trap" of Richard Stallman. HTTPS Everywhere: HTTPS Everywhere is an extension that encrypts...
Cve-Collector - Simple Latest CVE Collector
Simple Latest CVE Collector Written in Python. There are various methods for collecting the latest CVE (Common Vulnerabilities and Exposures) information. This code was created to provide guidance on how to collect, what information to include, and how to code when creating a CVE collector. The code...
SUSE CVE-2015-1869
The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file...