Description of the security update for Microsoft Exchange Server 2019 CU15: October 14, 2025 (KB5066367)

Description of the security update for Microsoft Exchange Server 2019 CU15: October 14, 2025 KB5066367 Original article content This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities an...

EUVD-2019-9588

Malware in sbrugna...

SharePoint Sites May Not Be Displayed When Browsing Backups

Challenge When browsing backups or backup copies, SharePoint root sites and their subsites may not be visible. Cause If a backed-up SharePoint subsite is moved between repositories using the Move-VBOEntityData cmdlet, or removed from a repository using the Remove-VBOEntityData cmdlet, the metadat...

CVE-2019-1000

An elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect build 1.3.20.0, which allows an attacker to execute two PowerShell cmdlets in context of a privileged account, and perform privileged actions.To exploit this, an attacker would need to authenticate to the...

Citrix Licensing - powershell cmdlets failing with CommunicationError

Citrix.Licensing.Admin.V1 cmdlets Get-LicCertificate, Get-LicInventory stopped working after License Server upgrade to 11.17.2.0. Build 51000. Citrix Licensing PowerShell Snap-In is installed and used directly on the License Server. Error: CommunicationError CategoryInfo: InvalidOperation Example...

Description of the security update for SharePoint Server 2019: September 10, 2024 (KB5002639)

Description of the security update for SharePoint Server 2019: September 10, 2024 KB5002639 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability, and Microsoft SharePoint Server denial of service vulnerability. To learn more about the...

With the PVS console installed, PowerShell cmdlets targeting On-Prem DDCs prompt for cloud login

On a server with the PVS console installed, executing CVAD cmdlets targeting on-prem DDCs e.g. Get-BrokerSite -AdminAddress will encounter popups prompting for Citrix Cloud sign-on...

Failed to install Remote PowerShell SDK on Cloud Connector machine

Failed to install Remote PowerShell SDK on Cloud Connector machine. Error message "Connector Machine detected. SDK's cmdlets are not supported on Cloud Connectors." was shown...

Microsoft PowerShell Information Disclosure Vulnerability (Dec 2023) - Linux

This host is missing an important security update for PowerShell Core according to Microsoft security advisory CVE-2023-36013. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Information Disclosure

PowerShell is vulnerable to Information Disclosure. The vulnerability is due to the PowerShell Web cmdlets, which allows an attacker to exfiltrate sensitive information from a targeted site...

How to check whether Citrix Licensing is in Grace Period using PowerShell?

This article describes how to use PowerShell cmdlets to check whether Citrix Licensing is in grace period and the number of hours remaining in the grace period...

Invoke-PSObfuscation - An In-Depth Approach To Obfuscating The Individual Components Of A PowerShell Payload Whether You'Re On Windows Or Kali Linux

Traditional obfuscation techniques tend to add layers to encapsulate standing code, such as base64 or compression. These payloads do continue to have a varied degree of success, but they have become trivial to extract the intended payload and some launchers get detected often, which essentially...

FarsightAD - PowerShell Script That Aim To Help Uncovering (Eventual) Persistence Mechanisms Deployed By A Threat Actor Following An Active Directory Domain Compromise

FarsightAD is a PowerShell script that aim to help uncovering eventual persistence mechanisms deployed by a threat actor following an Active Directory domain compromise. The script produces CSV / JSON file exports of various objects and their attributes, enriched with timestamps from replication...

PowerShx - Run Powershell Without Software Restrictions

Unmanaged PowerShell execution using DLLs or a standalone executable. Introduction PowerShx is a rewrite and expansion on the PowerShdll project. PowerShx provide functionalities for bypassing AMSI and running PS Cmdlets. Features Run Powershell with DLLs using rundll32.exe, installutil.exe,...

How to Remove Missing Restore Points From Veeam Cloud Connect Backups

Purpose This article documents how to handle a situation in which the tenant of a Cloud Provider needs to forget missing restore points from a backup chain stored in a Cloud Repository. By design, the Forget and Remove operations are not available for restore points in a Cloud Repository. A resto...

Step 9. Protect your OS: top 10 actions to secure your environment

In “Step 9. Protect your OS” of the Top 10 actions to secure your environment blog series, we provide resources to help you configure Microsoft Defender Advanced Threat Protection Microsoft Defender ATP to defend your Windows, macOS, Linux, iOS, and Android devices from advanced threats. In an...

Microsoft Azure AD Connect Elevation of Privilege Vulnerability - Windows

Microsoft Azure AD Connect is prone to an elevation of privilege vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...

Microsoft Azure Active Directory Connect Remote Elevation of Privilege Vulnerability (CNVD-2019-14680)

Microsoft Azure Active Directory Connect ADC is a service from Microsoft that provides identity and access management in the cloud. A remote elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect. It allows an attacker to execute two PowerShell Cmdlets in the...

Microsoft Azure AD Connect Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Microsoft Azure Active Directory Connect build 1.3.20.0, which allows an attacker to execute two PowerShell cmdlets in context of a privileged account, and perform privileged actions. To exploit this, an attacker would need to authenticate to the...

ADModule - Microsoft Signed ActiveDirectory PowerShell Module

Microsoft signed DLL for the ActiveDirectory PowerShell module Just a backup for the Microsoft's ActiveDirectory PowerShell module from Server 2016 with RSAT and module installed. The DLL is usually found at this path: C:\Windows\Microsoft.NET\assembly\GAC64\Microsoft.ActiveDirectory.Management a...