28 matches found
CVE-2024-7021
Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-9179
An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14,...
Description of the security update for Visual Studio 2015 Update 3: July 8, 2025 (KB5063035)
Description of the security update for Visual Studio 2015 Update 3: July 8, 2025 KB5063035 Applies to: All Visual Studio 2015 Update 3 editions except Build Tools Summary An elevation of privilege vulnerability exists in the Diagnostics Hub Standard Collector if it handles file operations...
Description of the security update for Office Online Server: July 8, 2025 (KB5002740)
Description of the security update for Office Online Server: July 8, 2025 KB5002740 Summary This security update resolves a Microsoft Excel remote code execution vulnerability, Microsoft Excel information disclosure vulnerability, and Microsoft Office remote code execution vulnerability. To learn...
Description of the security update for Office 2016: April 8, 2025 (KB5002700)
Description of the security update for Office 2016: April 8, 2025 KB5002700 Summary This security update resolves a Microsoft Office remote code execution vulnerability, Microsoft Office elevation of privilege vulnerability, Microsoft Word security feature bypass vulnerability, and Microsoft Exce...
March 11, 2025—Hotpatch KB5053636 (OS Build 26100.3403)
March 11, 2025—Hotpatch KB5053636 OS Build 26100.3403 Windows Server 2025 Datacenter & Standard machines that are connected to Azure Arc, now have the option to subscribe to hotpatch servicing. Hotpatch provides the ability to install OS security updates without restarting your machine...
CVE-2025-1920
Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Driver Disk for Qlogic qla2xxx 10.02.13.00_k - For Citrix Hypervisor 8.2 Cumulative Update 1 LTSR
Who should install this driver disk? Customers running the Citrix Hypervisor 8.2 Cumulative Update 1 LTSR release who use Qlogic's qla2xxx driver and wish to use the latest version of the following: Driver Module| Driver Type| Version ---|---|--- qla2xxx| Fibre Channel HBA/Storage Controller|...
New Teams Deployment Guidance for App Layering or User Personalization Layer(UPL)
Microsoft Teams 2.x has changed its installation method and now installs under C:\Program Files\WindowsApps. Based on those changes this article provides the specific steps for the deployment of the Teams 2.x in an App LayeringAL or User Personalization LayerUPL environment. For the most current...
PT-2024-11535 · Mautic · Mautic
Name of the Vulnerable Software and Affected Versions: Mautic affected versions not specified Description: The upgrade logic in Mautic's application update via an upgrade script is not properly shielded, potentially leading to a vulnerable situation. However, this issue is mitigated by the fact...
XZ Utils 5.6.0 / 5.6.1 Liblzma Backdoor Check
The version of XZ Utils installed on the remote host is potentially affected by a backdoor vulnerability. Note: This plugin is paranoid because not all instances of the affected versions of XZ Utils are known to be vulnerable to the backdoor. The method of installation of XZ Utils plays a role in...
Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting Vulnerability
Exploit Title: Adiscon LogAnalyzer v.4.1.13 - Cross Site Scripting Exploit Author: Pedro ISSDU TW Vendor Homepage: https://loganalyzer.adiscon.com/ Software Link: https://loganalyzer.adiscon.com/download/ Version: v4.1.13 and before Tested on: Linux CVE : CVE-2023-36306 There are several...
RUSTSEC-2022-0103 Incorrect signature verification on gzip-compressed install images
The coreos-installer is a program to fetch a disk image and stream it to a target disk. During the installation process the installation image gpg signatures are verified. The signature verification can be bypassed for gzip-compressed images due to a flaw in gzip coreos-installer wrapper. When th...
Security update for wireshark (moderate)
openSUSE Security Update: Security update for wireshark Announcement ID: openSUSE-SU-2021:3017-1 Rating: moderate References: 1188375 Cross-References: CVE-2021-22235 CVSS scores: CVE-2021-22235 SUSE: 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 An update...
Security update for ovmf (important)
openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2021:0918-1 Rating: important References: 1186151 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for ovmf fixes the following issues: - Fixe...
Security update for nodejs-underscore (important)
openSUSE Security Update: Security update for nodejs-underscore Announcement ID: openSUSE-SU-2021:0601-1 Rating: important References: 1184800 Cross-References: CVE-2021-23358 CVSS scores: CVE-2021-23358 NVD : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 ...
Security update for singularity (moderate)
openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2020:1529-1 Rating: moderate References: 1176705 1176707 Cross-References: CVE-2020-25039 CVE-2020-25040 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes two vulnerabilities is now availabl...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2020:1324-1 Rating: important References: Cross-References: CVE-2020-6532 CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 CVE-2020-6541 CVE-2020-6542 CVE-2020-6543 CVE-2020-6544 CVE-2020-6545 CVE-2020-6546...
Security update for ldb (moderate)
openSUSE Security Update: Security update for ldb Announcement ID: openSUSE-SU-2020:1121-1 Rating: moderate References: 1173159 Cross-References: CVE-2020-10730 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for ldb fixes th...
Update for Universal C Runtime in Windows
Update for Universal C Runtime in Windows This article describes an update for Universal C Runtime CRT in Windows. Before you install this update, see the prerequisites section. For more information, see Introducing the Universal CRT. About this update The Windows 10 Universal CRT is a Windows...