CVE-2018-0986

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune...

Microsoft Malware Protection Engine < 1.1.14700.5 RCE

The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.14700.5. It is, therefore, affected by a remote code execution vulnerability which could allow an attacker who successfully exploited this vulnerability to execute arbitrary code in the...

Microsoft Security Essentials RCE Vulnerability (Apr 2018)

This host is missing a critical security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine MPE dated 03-04-2018 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

CVE-2015-5016

IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli Asset Management for IT 7.1 and 7.2; and certain other IBM products allow remote authenticated users to bypass intended access restrictions and read arbitrary ticket...

uk-cyber-essentials.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-590749 Description| Value ---|--- Affected Website:| uk-cyber-essentials.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

HPE NonStop Software Essentials Information Disclosure Vulnerability

HPE NonStop Software Essentials is an operating system for fault-tolerant servers from Hewlett Packard Enterprise HPE. The system provides comprehensive fault detection and isolation, and protects data integrity, among other features. An information disclosure vulnerability exists in HPE NonStop...

IBM Maximo Asset Management Essentials and Maximo Asset Management File Containment Vulnerability

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control over these assets.IBM Maximo Asse...

IBM Maximo Asset Management and Maximo Asset Management Essentails SQL Injection Vulnerabilities

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control over these assets.IBM Maximo Asse...

kitchen-essentials.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-561397 Description| Value ---|--- Affected Website:| kitchen-essentials.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2017-5788

A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found...

CVE-2017-5788

A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found...

Information disclosure

A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found...

CVE-2017-5788

A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found...

CVE-2017-5788

CVE-2017-5788 is a local information-disclosure vulnerability affecting HPE NonStop Software Essentials versions T0894 to T0894H02^AAI. The issue, documented in multiple sources, allows a local attacker to obtain sensitive information from the affected system. Per the NVD entry, the CVSS-2 base s...

Default credentials

Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process. This unnecessary user account also remains even after an upgrade from v1.1 to v1.2. Access to the management console can be achiev...

CVE-2018-1214

Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process. This unnecessary user account also remains even after an upgrade from v1.1 to v1.2. Access to the management console can be achiev...

Patch Tuesday, December 2017 Edition

The final Patch Tuesday of the year is upon us, with Adobe and Microsoft each issuing security updates for their software once again. Redmond fixed problems with various flavors of Windows, Microsoft Edge, Office, Exchange and its Malware Protection Engine. And of course Adobe's got another...

Microsoft Malware Protection Engine < 1.1.14405.2 RCE

The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.14405.2. It is, therefore, affected by a remote code execution vulnerability. Note that Nessus has checked if a vulnerable version of MMPE is being used by any of the following application...

Microsoft Security Essentials Multiple RCE Vulnerabilities

This host is missing an important security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine MPE dated 12/06/2017 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Microsoft Issues Emergency Windows Security Update For A Critical Vulnerability

Microsoft has just released an emergency security patch to address a critical remote code execution RCE vulnerability in its Malware Protection Engine MPE that could allow an attacker to take full control of a victim's PC. Enabled by default, Microsoft Malware Protection Engine offers the core...