543 matches found
Tanium Patch 安全漏洞
Tanium Patch is a patch management module developed by the American company Tanium. Tanium Patch has a security vulnerability, which stems from improper default permission settings...
PT-2026-2658
Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to February 2026 Patch Tuesday updates Description A vulnerability exists in the Desktop Window Manager component of Microsoft Windows that can lead to the disclosure of sensitive information to an unauthorized...
CVE-2020-12608
An issue was discovered in SolarWinds MSP PME Patch Management Engine Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing the...
Oracle Linux 8 : binutils (ELSA-2025-23382)
"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-23382 advisory. - CVE-2025-11083 Reviewed-by: TBD Oracle history: October-8-2025 Bruce McCulloch - 2.30-127.0.1 - Forward port Oracle patches to 2.30-127. - Muting some faili...
New Research: Multifunction Printer (MFP) Security Concerns within the Enterprise Business Environment
Multifunction printers MFPs do far more than print. They scan, email, fax, store, and authenticate. That convenience comes with risk. Our latest report, Understanding Multifunction Printer MFP Security within the Enterprise Business Environment, from Rapid7’s Deral Heiland, Principal Security...
CVE-2025-13662
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...
EUVD-2025-202297
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...
CVE-2025-13662
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...
CVE-2025-13662
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...
CVE-2025-13662
CVE-2025-13662 concerns Ivanti Endpoint Manager’s patch management component. The flaw is improper verification of cryptographic signatures, allowing a remote unauthenticated attacker to execute arbitrary code in the context of the target. The impact is high: remote code execution with user inter...
CVE-2025-13662
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...
CVE-2025-13662
Improper verification of cryptographic signatures in the patch management component of Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote unauthenticated attacker to execute arbitrary code. User Interaction is required...
PT-2025-50088
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU4 SR1 Description A flaw exists in the patch management component of Ivanti Endpoint Manager that involves improper verification of cryptographic signatures. This allows a remote, unauthenticate...
Security Advisory EPM December 2025 for EPM 2024
Summary: Ivanti has released an update for Ivanti Endpoint Manager EPM which addresses three high severity vulnerabilities and one critical severity vulnerability in the EPM core and remote consoles. We are not aware of any customers being exploited by these vulnerabilities at the time of...
What is Patch Management Automation and Why It Matters
Executive Summary Environments rarely stay as orderly as they begin. New workloads, faster releases, and growing attack surfaces stretch manual patching beyond its limits. The real risk emerges in the widening gap between spotting a vulnerability and fixing it. Automated patch management closes...
PT-2025-47132
Microsoft's latest security updates patch over 60 vulnerabilities, including a zero-day vulnerability CVE-2025-62215 and a critical flaw CVE-2025-60274 in a core Windows graphic component, exposing systems to potential exploitation and remote code execution. Defenders should prioritize patching...
Lynis Auditing Tool 3.1.6
Lynis is an auditing tool for Unix specialists. It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated...
Oracle Critical Patch Update Advisory - October 2025
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...
Qualys Recognized as a Leader in the 2025 GigaOM Radar for Patch Management Solutions
With vulnerabilities growing faster than most organizations can keep up with, the need for a smarter, easier way to reduce risk has never been more urgent. That’s why in 2019 Qualys launched Patch Management—the first solution built to reduce risk, not just push software updates. Since then, the...
EUVD-2005-3314
Malware in sbrugna...