KB5035858: Windows 10 LTS 1507 Security Update (March 2024)

The remote Windows host is missing security update 5035858. It is, therefore, affected by multiple vulnerabilities - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166 - Windows USB Hub...

Siemens Simcenter Femap Out-of-Bounds Write Vulnerability (CNVD-2024-09330)

Simcenter Femap is an advanced simulation application for creating, editing and checking finite element models of complex products or systems. An out-of-bounds write vulnerability exists in Siemens Simcenter Femap, which can be exploited by an attacker to execute code in the context of the curren...

Siemens Simcenter Femap Out-of-Bounds Read Vulnerability (CNVD-2024-09331)

Simcenter Femap is an advanced simulation application for creating, editing and checking finite element models of complex products or systems. An out-of-bounds read vulnerability exists in Siemens Simcenter Femap, which can be exploited by an attacker to execute code in the context of the current...

Siemens Simcenter Femap Out-of-Bounds Write Vulnerability (CNVD-2024-09334)

Simcenter Femap is an advanced simulation application for creating, editing and checking finite element models of complex products or systems. An out-of-bounds write vulnerability exists in Siemens Simcenter Femap, which can be exploited by an attacker to execute code in the context of the curren...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A code execution vulnerability exists in Mozilla Firefox, which can be exploited by attackers to execute arbitrary code or cause a denial of service on a vulnerable system using unknown attack vectors...

CVE-2023-40057 SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution

The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution...

CVE-2024-21375

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

CVE-2024-21360

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

CVE-2024-21352

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...

CVE-2024-21352 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

...

Description of the security update for Office 2016: February 13, 2024 (KB5002519)

Description of the security update for Office 2016: February 13, 2024 KB5002519 Summary This security update resolves a Microsoft Outlook remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-21413. Note: To apply...

Description of the security update for PowerPoint 2016: February 13, 2024 (KB5002495)

Description of the security update for PowerPoint 2016: February 13, 2024 KB5002495 Summary This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-20673. Note: To appl...

CVE-2023-6229

Buffer overflow in CPCA PDL Resource Download process of Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.: Satera LBP670C Series/Satera MF750C Series firmware v03.07...

CVE-2023-45037 QTS, QuTS hero, QuTScloud

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

CVE-2023-45035 QTS, QuTS hero, QuTScloud

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

CVE-2023-41275 QTS, QuTS hero, QuTScloud

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

IBM Operational Decision Manager 代码问题漏洞

IBM Operational Decision Manager is a decision management solution from International Business Machines IBM used to help organizations better manage and enforce business rules and decisions. IBM Operational Decision Manager suffers from a code issue vulnerability that originates from the ability ...

CVE-2024-22569

Stored Cross-Site Scripting XSS vulnerability in POSCMS v4.6.2, allows attackers to execute arbitrary code via a crafted payload to /index.php?c=install&m=index&step=2&isinstalldb=0...

YonBIP Code Execution Vulnerability in UFIDA Network Technology Co.

YonBIP is a new generation of products developed by UFIDA, as the world's leading enterprise digital intelligence platform and application software. A code execution vulnerability exists in UFIDA YonBIP, which can be exploited by attackers to execute arbitrary code...

LeptonCMS Arbitrary File Upload Vulnerability

LeptonCMS is a content management system CMS for the Lepton Project. An arbitrary file upload vulnerability exists in LeptonCMS version v7.0.0, which stems from the application's lack of effective authentication of uploaded files. An authenticated attacker can exploit this vulnerability to execut...