2020-05 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB4556826)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2020-05 Cumulative Update for Windows 10 Version 2004 for ARM64-based Systems (KB4556803)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

2020-05 Cumulative Update for Windows Server, version 2004 for ARM64-based Systems (KB4556803)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

2020-05 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 (KB4556403)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2020-05 Security Only Update for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2 for x64 (KB4556406)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2020-05 Security Only Update for .NET Framework 3.5.1 for Windows Server 2008 R2 for Itanium-based Systems (KB4556403)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

Service Update 0.16 for Microsoft Dynamics 365 9.0

Service Update 0.16 for Microsoft Dynamics 365 9.0 INTRODUCTION Service Update 9.0.16 for Microsoft Dynamics CRM on-premises 9.0 is now available. This article describes the hotfixes and updates that are included in Service Update 9.0.16. MORE INFORMATION Update package| Version number ---|---...

The vulnerability of the KB Search component of the Oracle Email Center messaging software in the Oracle E-Business Suite, a business automation system, allows a malicious individual to access, modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the KB Search component of the Oracle Email Center messaging software within the Oracle E-Business Suite system relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain...

Teclib GLPI Cross-Site Scripting Vulnerability (CNVD-2020-32422)

Teclib GLPI is an open source IT asset management suite from the French company Teclib. The suite includes features such as device status management, asset inventory storage, management processes and work log management. A cross-site scripting vulnerability exists in Knowledge base in Teclib GLPI...

UBUNTU-CVE-2020-11036

In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "alert1" reproduces the attack. This can be exploited by a user with administrator privileges i...

CVE-2020-11036

In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "alert1" reproduces the attack. This can be exploited by a user with administrator privileges i...

Cross site scripting

In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "alert1" reproduces the attack. This can be exploited by a user with administrator privileges i...

CVE-2020-11036

GLPI before version 9.4.6 is affected by multiple stored XSS vulnerabilities in the Knowledge Base item comments. The issue can be triggered by inserting a payload like in a comment, and can be exploited by an administrator via the User-Agent field, or by an attacker through a crafted user surna...

CVE-2020-11036 XSS in GLPI

In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "alert1" reproduces the attack. This can be exploited by a user with administrator privileges i...

Citrix ShareFile storage zones Controller multiple security updates

Description of Problem Security issues have been identified in customer-managed Citrix ShareFile storage zone controllers. These vulnerabilities, if exploited, would allow an unauthenticated attacker to compromise the storage zones controller potentially giving an attacker the ability to access...

CVE-2020-8481

For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...

CVE-2020-8475

For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

Code injection

For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to...

CVE-2020-8481 ABB Central Licensing System - Information disclosure

For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody...

CVE-2020-8481

CVE-2020-8481 concerns ABB Ability System 800xA and related ABB CLS/OLC ecosystem components. The root cause is confidential data written in an unprotected file, enabling an attacker to read sensitive data and potentially take full control of the affected node. Reported affected products span mul...