February 12, 2019—KB4486993 (Security-only update)

February 12, 2019—KB4486993 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may prevent applications that use a Microsoft Jet database...

February 12, 2019—KB4486996 (OS Build 16299.967)

February 12, 2019—KB4486996 OS Build 16299.967 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that fails to set the LmCompatibilityLevel value correctly...

Unspecified Vulnerability in Oracle PeopleSoft Products (CNVD-2019-29278)

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise CS Campus Community is one of the Campus Management PeopleSoft Enterprise C...

Commix v2.7 - Automated All-in-One OS Command Injection And Exploitation Tool

Commix short for command injection exploiter is an automated tool written by Anastasios Stasinopoulos @ancst that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related...

CVE-2019-2493

Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products subcomponent: Frameworks. Supported versions that are affected are 9.0 and 9.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Dawnscanner - Dawn Is A Static Analysis Security Scanner For Ruby Written Web Applications (Sinatra, Padrino And ROR Frameworks)

dawnscanner is a source code scanner designed to review your ruby code for security issues. dawnscanner is able to scan plain ruby scripts e.g. command line applications but all its features are unleashed when dealing with web applications source code. dawnscanner is able to scan major MVC Model...

MDX Wrapped Applications: Supported Frameworks

MDX Applications can crash when they are developed using unsupported Frameworks and Libraries...

November 13, 2018—KB4467701 (Monthly Rollup)

November 13, 2018—KB4467701 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4462925 released October 18, 2018 and addresses the following issues: Addresses an issue that causes high CPU usage that results in performance...

Framework Misconfiguration Analysis with RIPS

65 New Issue Types Added In the latest release of our RIPS Code Analysis solution we added a new Preparser. The Preparser is able to detect different types of configurations and to check whether they ensure a secure state of the web application. Each framework has its own configuration files,...

wePWNise - Generates Architecture Independent VBA Code To Be Used In Office Documents Or Templates And Automates Bypassing Application Control And Exploit Mitigation Software

wePWNise is proof-of-concept Python script which generates VBA code that can be used in Office macros or templates. It was designed with automation and integration in mind, targeting locked down environment scenarios. The tool enumerates Software Restriction Policies SRPs and EMET mitigations and...

WAScan v0.2.1 - Web Application Scanner

WAScan Web Application Scanner is a Open Source web application security scanner. It is designed to find various vulnerabilities using "black-box" method, that means it won't study the source code of web applications but will work like a fuzzer, scanning the pages of the deployed web application,...

Unspecified Vulnerability in Oracle Sun Systems Products Suite Sun ZFS Storage Appliance Kit Component (CNVD-2019-36185)

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation.Sun ZFS Storage Appliance Kit AK is one of the ZFS storage appliance kits. A security vulnerability exists in the API frameworks subcomponent of the Sun ZFS Storage AK prior to version 8.7.18 component of...

Unspecified Vulnerability in Oracle Sun Systems Products Suite Sun ZFS Storage Appliance Kit Component (CNVD-2019-36186)

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation.Sun ZFS Storage Appliance Kit AK is one of the ZFS storage appliance kits. A security vulnerability exists in the API frameworks subcomponent of the Sun ZFS Storage AK prior to version 8.7.19 component of...

CVE-2018-2917

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: API frameworks. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

CVE-2018-2916

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: API frameworks. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols...

CVE-2018-2924

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: API frameworks. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Sun...

CVE-2018-2917

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: API frameworks. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols...

Code injection

Vulnerability in the Sun ZFS Storage Appliance Kit AK component of Oracle Sun Systems Products Suite subcomponent: API frameworks. The supported version that is affected is Prior to 8.7.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Sun...

CVE-2018-2916

The CVE-2018-2916 issue affects the Sun ZFS Storage Appliance Kit (AK) subcomponent API frameworks in Oracle Sun Systems Products Suite. The affected line is the AK component prior to version 8.7.18. Exploitation requires network access and a high-privilege attacker, with no user interaction, to ...

CVE-2018-2917

CVE-2018-2917 affects the Sun ZFS Storage Appliance Kit (AK) within the Oracle Sun Systems Products Suite, specifically the API frameworks subcomponent. The vulnerability concerns versions prior to 8.7.18 and allows an unauthenticated attacker with network access through multiple protocols to com...