99 matches found
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in components of Azure. A malicious party could exploit the vulnerabilities to circumvent a security measure, execute arbitrary code with the victim's privileges or gain access to sensitive data. Azure:...
KLA61135 DoS vulnerability in Microsoft Browser
Type confusion vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2023-5346 Related products Microsoft-Edge CVE list CVE-2023-5346 critical KB list Solution Install necessary updates from the Settings an...
KLA61592 DoS vulnerability in Microsoft Office
Heap buffer overflow vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2023-5217 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-Teams-for-Desktop CVE list...
KLA52323 Multiple vulnerabilities in Microsoft Office
A spoofing vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2023-36769 Related products Microsoft-Office CVE list CVE-2023-36769 high KB list 4484434 4022167 Solution Install necessary updates from the KB...
Vulnerability fixed in Microsoft SQL Server
Microsoft has fixed a vulnerability in OLEDB, a component used by clients to communicate with SQL Server. A malicious party could exploit the vulnerability to execute arbitrary execute arbitrary code on the client using OLEDB. The malicious party must trick the victim into contacting a rogue SQL...
KLA50362 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebRTC can be exploited to cause denial of service or...
KLA49380 DoS vulnerability in Microsoft Browser
Type confusion vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2023-3079 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-Edge CVE list CVE-2023-3079 critical KB...
KLA49015 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds memory access vulnerability in Service Worker API can be exploited to cause...
KLA48976 ACE vulnerability in Microsoft Browser
Integer overflow vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories CVE-2023-2136 Related products Microsoft-Edge CVE list CVE-2023-2136 critical KB list Solution Install necessary...
KLA48961 DoS vulnerability in Microsoft Browser
Type confusion vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2023-2033 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...
KLA48838 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability Microsoft Dynamics 365 Customer Voice can be exploited remotely to spoof...
Vulnerabilities fixed in Microsoft SQL Server
Microsoft has fixed vulnerabilities in SQL Server and Power BI. An authenticated malicious person could exploit the vulnerabilities to execute arbitrary code, possibly with permissions from the server process itself. SQL Server: |----------------|------|-------------------------------------| | CV...
Vulnerabilities fixed in Microsoft Exchange
Microsoft has fixed vulnerabilities in Exchange Server. A authenticated malicious person could exploit the vulnerabilities to execute arbitrary code under permissions from the process of Exchange Server itself. As a rule, Exchange Server runs with restricted privileges. Microsoft Exchange Server:...
KLA20228 OSI vulnerability in Microsoft Device
An information disclosure vulnerability was found in Microsoft Device. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2019-15126 CVE list CVE-2019-15126 warning Solution Install necessary updates from the KB section, that are listed in your...
Vulnerabilities fixed in Microsoft Office
Vulnerabilities have been fixed in Microsoft Office. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution User rights Access to sensitive data Microsoft Office:...
Vulnerabilities fixed in Microsoft Azure
A vulnerability has been fixed in Microsoft Azure. A authenticated malicious party could potentially abuse it to obtain elevated privileges and execute arbitrary code under root privileges. Microsoft indicates that proof-of-concept code is known for this vulnerability. Microsoft has made updates...
Vulnerability fixed in Microsoft Defender
Microsoft has fixed a vulnerability in Defender Endpoint for macOS. A local, authenticated malicious party can exploit the exploit the vulnerability to grant itself elevated privileges and thus execute code with SYSTEM/root privileges. Microsoft has made updates available that fix the described...
Vulnerability fixed in Microsoft Edge
A vulnerability has been fixed in Microsoft Edge. A remote malicious person could potentially exploit the vulnerability to execute arbitrary code. Because it is possible to get out of Edge's sandbox environment, execution of code at the SYSTEM level cannot be ruled out. Abuse requires that the...
Vulnerabilities fixed in Microsoft Developer Tools
Vulnerabilities have been fixed in the Kestrel Web Server and Visual Studio Code. The vulnerabilities allow a malicious party to execute arbitrary code or cause a denial-of-service cause. The Denial-of-Service vulnerability with reference CVE-2022-21986 is located in the Kestrel web server. This...
ROS-2-2160
2.2160 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...