Upgraded G -> 3 from #31 [1673740145531]

Judge has assessed an item in Issue 31 as 3 risk. The relevant finding follows: tetaegerageage --- The text was updated successfully, but these errors were encountered: All reactions...

Nextcloud 输入验证错误漏洞

Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. nextcloud Deck is vulnerable to a resource management error, which stems from a database error that can be generated when executed multiple times, leading to a DoS...

The vulnerability of the Fortinet FortiClient Enterprise Management Server (EMS) server, related to certificate validation errors, allows attackers to carry out “man-in-the-middle” attacks and expose the protected information.

The vulnerability of the Fortinet FortiClient Enterprise Management Server EMS server is related to authentication errors. Exploiting this vulnerability allows a malicious actor to carry out “man-in-the-middle” attacks and expose the protected information...

The vulnerability in the implementation of the Secure Socket Tunneling Protocol (SSTP) on Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Secure Socket Tunneling Protocol SSTP implementation in Microsoft Windows operating systems is related to synchronization errors when using a common resource. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted...

USN-5800-1 heimdal vulnerabilities

It was discovered that Heimdal incorrectly handled certain SPNEGO tokens. A remote attacker could possibly use this issue to cause a denial of service. CVE-2021-44758 Evgeny Legerov discovered that Heimdal incorrectly handled memory when performing certain DES decryption operations. A remote...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2023-1167)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Windows Backup Service allows attackers to elevate their privileges to the SYSTEM level.

The vulnerability of the Windows Backup Service in operating systems relates to errors in privilege management. Exploiting this vulnerability can allow an attacker to elevate their privileges to the SYSTEM level...

PT-2023-1068 · Microsoft · Sharepoint Server

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to errors in security settings, allowing a remote attacker to bypass existing security restrictions. This can potentially enable the attacker to...

PT-2023-1131 · Microsoft · Windows Installer +1

Name of the Vulnerable Software and Affected Versions: Windows Installer affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the Windows Installer component of Windows operating systems. This can allow an attacker to eleva...

PT-2023-1129 · Microsoft · Event Tracing For Windows +1

Name of the Vulnerable Software and Affected Versions: Event Tracing for Windows affected versions not specified Description: The issue is related to synchronization errors when using a shared resource in the Event Tracing service for Microsoft Windows operating systems. This can allow an attacke...

PT-2023-1026 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows Secure Socket Tunneling Protocol SSTP affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the implementation of the Secure Socket Tunneling Protocol SSTP in...

PT-2023-1488 · Amd · Amd System Management Unit +2

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified AMD System Management Unit SMU affected versions not specified AMD Secure Encrypted Virtualization SEV affected versions not specified Description: The issue is related to errors in...

PT-2023-1065 · Microsoft · Windows Malicious Software Removal Tool

Name of the Vulnerable Software and Affected Versions: Windows Malicious Software Removal Tool affected versions not specified Description: The issue is related to synchronization errors when using a shared resource in the Malicious Software Removal Tool MSRT, which can allow an attacker to eleva...

PT-2023-1139 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the Windows GDI component. This can allow an attacker to elevate their privileges. The vulnerability affect...

PT-2023-1159 · Microsoft · Windows Bluetooth Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Bluetooth Driver affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the Bluetooth driver of Microsoft Windows operating systems. This can allow an attacker to...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-1041)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Upgraded Q -> M from #172 [1673039408650]

Judge has assessed an item in Issue 172 as M risk. The relevant finding follows: L-02 --- The text was updated successfully, but these errors were encountered: All reactions...

EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2023-1106)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, sever...

EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2023-1130)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, sever...

EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2023-1016)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, sever...