Lucene search
K

18 matches found

OSV
OSV
added 2019/07/15 7:15 p.m.23 views

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation WCF and Windows Identity Foundation WIF, allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'...

7.5CVSS7.1AI score0.06024EPSS
Exploits0References1
CVE
CVE
added 2019/07/15 6:56 p.m.312 views

CVE-2019-1006

CVE-2019-1006 corresponds to an authentication bypass vulnerability in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF) that allows signing SAML tokens with arbitrary symmetric keys. The connected Nessus entries reiterate this issue as part of Microsoft SharePoint serv...

7.5CVSS7.8AI score0.06024EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/07/10 12:0 a.m.69 views

Security Updates for Microsoft .NET Framework (July 2019)

The Microsoft .NET Framework installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - An authentication bypass vulnerability exists in Windows Communication Foundation WCF and Windows Identity Foundation WIF, allowing signing of SAML...

8.8CVSS8.6AI score0.09996EPSS
Exploits0References22
OpenVAS
OpenVAS
added 2019/07/10 12:0 a.m.49 views

Microsoft .NET Framework Multiple Vulnerabilities (KB4506991)

This host is missing a critical security update according to Microsoft KB4506991 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

8.8CVSS8.2AI score0.09996EPSS
Exploits0References4
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.98 views

Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2 (KB4507422)

Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Server 2012 R2 KB4507422 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft...

8.8CVSS8.2AI score0.09996EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.54 views

Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB4507421)

Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 KB4507421 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2...

8.8CVSS8.2AI score0.09996EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.120 views

Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4507420)

Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 KB4507420 Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft...

8.8CVSS8.2AI score0.09996EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.706 views

July 9, 2019 — KB4507419 Cumulative Update for .NET Framework 3.5, 4.7.2, 4.8 for Windows 10, version 1809 and Windows Server 2019

July 9, 2019 — KB4507419 Cumulative Update for .NET Framework 3.5, 4.7.2, 4.8 for Windows 10, version 1809 and Windows Server 2019 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.7.2 and 4.8 Summary A remote code execution vulnerability exists in .NET software if the software...

8.8CVSS8.2AI score0.09996EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.92 views

Security Only Update for .NET Framework 3.0 SP2, 4.5.2, 4.6 for Windows Server 2008 SP2 (KB4507414)

Security Only Update for .NET Framework 3.0 SP2, 4.5.2, 4.6 for Windows Server 2008 SP2 KB4507414 Applies to: Microsoft .NET Framework 3.0 SP2 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Summary A remote code execution vulnerability exists in .NET software when the software fails ...

8.8CVSS8.2AI score0.09996EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.235 views

Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2 (KB4507413)

Security Only Update for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1 and Server 2012 R2 KB4507413 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework...

8.8CVSS8.2AI score0.09996EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.1204 views

Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 (KB4507411)

Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 SP1 and Server 2008 R2 SP1 KB4507411 Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET...

8.8CVSS8.2AI score0.09996EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.2263 views

July 9, 2019 — KB4506991 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1903

July 9, 2019 — KB4506991 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1903 Applies to: Microsoft .NET Framework 3.5 and 4.8 Summary A remote code execution vulnerability exists in .NET software if the software fails to check the source markup of a file. An Authenticati...

8.8CVSS8.7AI score0.09996EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.77 views

July 9, 2019 — KB4506988 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1709

July 9, 2019 — KB4506988 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1709 Applies to: Microsoft .NET Framework 4.8 Summary A remote code execution vulnerability exists in .NET software if the software fails to check the source markup of a file. An Authentication Bypass...

8.8CVSS8.2AI score0.09996EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2019/07/09 7:0 a.m.185 views

July 9, 2019 — KB4506986 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607

July 9, 2019 — KB4506986 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 Applies to: Microsoft .NET Framework 4.8 Summary A remote code execution vulnerability exists in .NET software if the software fails to check the source markup of a file. An Authentication Bypass...

8.8CVSS8.3AI score0.09996EPSS
Exploits0
Kaspersky
Kaspersky
added 2019/07/09 12:0 a.m.75 views

KLA11819 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in...

9.3CVSS9.3AI score0.70966EPSS
Exploits5References43
Symantec
Symantec
added 2019/07/09 12:0 a.m.261 views

Microsoft Windows WCF/WIF SAML Token CVE-2019-1006 Authentication Bypass Vulnerability

Description Microsoft Windows is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks. Technologies Affected Microsoft .NET Framework 2.0 SP2 Microsoft .NET Framewo...

1.1AI score0.06024EPSS
Exploits0Affected Software6
Tenable Nessus
Tenable Nessus
added 2019/07/09 12:0 a.m.51 views

Security Updates for Microsoft SharePoint Server (July 2019)

The Microsoft SharePoint Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - An authentication bypass vulnerability exists in Windows Communication Foundation WCF and Windows Identity Foundation WIF, allowing signing of SA...

7.5CVSS6.8AI score0.06024EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2019/07/09 12:0 a.m.73 views

KLA11512 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Excel can be...

9.3CVSS9.3AI score0.1316EPSS
Exploits0References33
Rows per page
Query Builder