Lucene search
K

543 matches found

CNNVD
CNNVD
added 2026/02/05 12:0 a.m.6 views

Tanium Patch 安全漏洞

Tanium Patch is a patch management module developed by the American company Tanium. Tanium Patch has a security vulnerability, which stems from improper default permission settings...

6.5CVSS5.8AI score0.00312EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.4 views

PT-2026-2658

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to February 2026 Patch Tuesday updates Description A vulnerability exists in the Desktop Window Manager component of Microsoft Windows that can lead to the disclosure of sensitive information to an unauthorized...

5.5CVSS5.8AI score0.05028EPSS
Exploits5References138
RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.10 views

CVE-2020-12608

An issue was discovered in SolarWinds MSP PME Patch Management Engine Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing the...

9.3CVSS7.4AI score0.22404EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.2 views

Oracle Linux 8 : binutils (ELSA-2025-23382)

"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-23382 advisory. - CVE-2025-11083 Reviewed-by: TBD Oracle history: October-8-2025 Bruce McCulloch - 2.30-127.0.1 - Forward port Oracle patches to 2.30-127. - Muting some faili...

7.8CVSS6.5AI score0.00235EPSS
Exploits1References2
Rapid7 Blog
Rapid7 Blog
added 2025/12/11 10:57 a.m.7 views

New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment

Multifunction printers MFPs do far more than print. They scan, email, fax, store, and authenticate. That convenience comes with risk. Our latest report, Understanding Multifunction Printer MFP Security within the Enterprise Business Environment, from Rapid7’s Deral Heiland, Principal Security...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/10 4:9 p.m.3 views

CVE-2025-13662

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...

7.8CVSS7.6AI score0.00475EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.3 views

EUVD-2025-202297

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...

7.8CVSS7.1AI score0.00475EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:17 p.m.3 views

CVE-2025-13662

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...

7.8CVSS0.00475EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 4:17 p.m.2 views

CVE-2025-13662

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...

7.8CVSS6AI score0.00475EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 4:5 p.m.15 views

CVE-2025-13662

CVE-2025-13662 concerns Ivanti Endpoint Manager’s patch management component. The flaw is improper verification of cryptographic signatures, allowing a remote unauthenticated attacker to execute arbitrary code in the context of the target. The impact is high: remote code execution with user inter...

7.8CVSS7.2AI score0.00475EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/09 4:5 p.m.3 views

CVE-2025-13662

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...

7.8CVSS7.2AI score0.00475EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 4:5 p.m.19 views

CVE-2025-13662

Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...

7.8CVSS0.00475EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.3 views

PT-2025-50088

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU4 SR1 Description A flaw exists in the patch management component of Ivanti Endpoint Manager that involves improper verification of cryptographic signatures. This allows a remote, unauthenticate...

7.8CVSS7.3AI score0.00475EPSS
Exploits0References6
Ivanti
Ivanti
added 2025/12/08 8:19 p.m.8 views

Security Advisory EPM December 2025 for EPM 2024

Summary: Ivanti has released an update for Ivanti Endpoint Manager EPM which addresses three high severity vulnerabilities and one critical severity vulnerability in the EPM core and remote consoles. We are not aware of any customers being exploited by these vulnerabilities at the time of...

9.6CVSS7.6AI score0.29494EPSS
Exploits0
Qualys Blog
Qualys Blog
added 2025/11/19 7:20 a.m.6 views

What is Patch Management Automation and Why It Matters

Executive Summary Environments rarely stay as orderly as they begin. New workloads, faster releases, and growing attack surfaces stretch manual patching beyond its limits. The real risk emerges in the widening gap between spotting a vulnerability and fixing it. Automated patch management closes...

7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.5 views

PT-2025-47132

Microsoft's latest security updates patch over 60 vulnerabilities, including a zero-day vulnerability CVE-2025-62215 and a critical flaw CVE-2025-60274 in a core Windows graphic component, exposing systems to potential exploitation and remote code execution. Defenders should prioritize patching...

7.8CVSS8AI score0.061EPSS
Exploits6References1
Packet Storm News
Packet Storm News
added 2025/10/23 12:0 a.m.5 views

Lynis Auditing Tool 3.1.6

Lynis is an auditing tool for Unix specialists. It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated...

6.7AI score
Exploits0
Oracle
Oracle
added 2025/10/21 12:0 a.m.48 views

Oracle Critical Patch Update Advisory - October 2025

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

10CVSS8.3AI score0.99722EPSS
Exploits120Affected Software129
Qualys Blog
Qualys Blog
added 2025/10/09 6:51 p.m.8 views

Qualys Recognized as a Leader in the 2025 GigaOM Radar for Patch Management Solutions

With vulnerabilities growing faster than most organizations can keep up with, the need for a smarter, easier way to reduce risk has never been more urgent. That’s why in 2019 Qualys launched Patch Management—the first solution built to reduce risk, not just push software updates. Since then, the...

7.3AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-3314

Malware in sbrugna...

7.5CVSS6.4AI score0.05402EPSS
Exploits1References12
Rows per page
Query Builder