The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure (OMI) for virtual machine management in Azure allows a attacker to execute arbitrary code, resulting in management code generation errors.

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure OMI for managing virtual machines in Azure is related to errors in code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the Windows Installer component on Microsoft Windows operating systems, which allows attackers to perform spoofing attacks

The vulnerability of the Windows Installer component in Microsoft Windows operating systems is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks...

November 14, 2021—KB5008601 (OS Build 14393.4771) Out-of-band

November 14, 2021—KB5008601 OS Build 14393.4771 Out-of-band 11/9/2021 IMPORTANT Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a preview release known as a “C” release for the month of December 2021. There will be a monthly security release kno...

Open Design Alliance Drawings SDK 缓冲区错误漏洞

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, Inc. The package provides access to data in .dwg and .dgn through a convenient, object-oriented API that provides a C API, support for repair files, support for the . An "out...

PT-2021-8167 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the perf env insert btf function when a duplicate BTF id is encountered. This function does not insert the duplicate id and causes a memory lea...

The vulnerability of NVIDIA GeForce, Studio, RTX/Quadro, NVS, and Tesla graphics processors lies in errors in handling hard links, which allows attackers to exploit their privileges or cause service failures.

The vulnerability of NVIDIA GeForce, Studio, RTX/Quadro, NVS, and Tesla graphics processors relates to errors in handling hard links. Exploiting this vulnerability can allow attackers to enhance their privileges or cause service interruptions...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2682)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the systeminformation library in the Node.js software platform allows a hacker to execute arbitrary code.

The vulnerability of the systeminformation library in the Node.js software platform is related to errors in transmitting data to the parameters of the si.inetLatency, si.inetChecksite, si.services, and si.processLoad services. Exploiting this vulnerability allows a remote attacker to execute...

Mozilla Firefox Security Advisory (MFSA2012-39) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

The vulnerability of the `check_attachment_for_errors` function in the `data/general-hooks/ubuntu.py` file of the Apport operating system’s error registration service allows a hacker to disclose protected information.

The vulnerability of the checkattachmentforerrors function in the data/general-hooks/ubuntu.py file of the Apport Ubuntu system registry service is related to a data leak regarding files and directories. Exploiting this vulnerability could allow an attacker to disclose sensitive information that ...

Mozilla Firefox Security Advisory (MFSA2015-67) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2012-32) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

The vulnerability of the Console Window Host component in Microsoft Windows operating systems allows a hacker to bypass security restrictions.

The vulnerability of the Console Window Host component in Microsoft Windows operating systems is related to security configuration errors. Exploiting this vulnerability can allow an attacker to circumvent security restrictions...

openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

The OpenSSL public API function X509issuerandserialhash attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field which might occur if the...

The vulnerability of the Cisco AsyncOS operating system proxy server of Cisco Web Security Appliance allows a perpetrator to cause a service failure or execute arbitrary code.

The vulnerability of the Cisco AsyncOS operating system’s proxy server, which is part of the Cisco Web Security Appliance internet gateway, relates to memory release errors. Exploiting this vulnerability could allow a malicious actor to cause service failures or execute arbitrary code...

Microsoft Azure Information Disclosure Vulnerability (CNVD-2021-93636)

Microsoft Azure is an open, enterprise-class cloud computing platform from Microsoft Corporation USA. The vulnerability stems from a configuration and other errors in the network system or product during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive...

Microsoft Azure Information Disclosure Vulnerability (CNVD-2021-93637)

Microsoft Azure is a set of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. An information disclosure vulnerability exists in Microsoft Azure RTOS. The vulnerability stems from errors such as configuration during operation of a networked system or product. An...

The vulnerability of the txtID parameter in the xp_cmdshell procedure of the BillQuick Web Suite’s time and attendance system allows a perpetrator to execute arbitrary code.

The vulnerability of the txtID parameter in the xpcmdshell procedure of the BillQuick Web Suite payroll and accounting system is related to errors during the elimination of special elements in SQL queries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

November 9, 2021—KB5007192 (OS Build 14393.4770) - EXPIRED

November 9, 2021—KB5007192 OS Build 14393.4770 - EXPIRED EXPIRATION NOTICE As of 9/12/2023, KB5007192 is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. --- NEW...

PT-2021-5002 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chrome based affected versions not specified Description: The issue is related to errors in the representation of information by the user interface in Microsoft Edge's IE Mode. It may allow a remote attacker to conduct spoofing...