Lucene search
K

3868 matches found

Microsoft KB
Microsoft KB
added 2021/10/12 7:0 a.m.78 views

October 12, 2021—KB5006699 (OS Build 20348.288)

October 12, 2021—KB5006699 OS Build 20348.288 Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that prevents some applications, such as Microsoft Office and Adobe Reader, from opening or causes them to stop responding. This occurs ...

9CVSS8AI score0.73381EPSS
Exploits11
Hewlett-Packard
Hewlett-Packard
added 2021/09/27 12:0 a.m.48 views

HP Security Manager - Potential Remote Code Execution and Denial of Service

HP Security Manager may be vulnerable to potential remote code execution and denial of service. Update your printer software...

9.8CVSS3.2AI score0.03669EPSS
Exploits0
GithubExploit
GithubExploit
added 2021/09/26 1:53 p.m.6 views

Exploit for CVE-2021-1675

PrintNightmare Python implementation for PrintNightmare CVE-...

9.3CVSS8.9AI score0.99759EPSS
Exploits75
Kitploit
Kitploit
added 2021/09/18 11:30 a.m.96 views

Concealed Position - Bring Your Own Print Driver Privilege Escalation Tool

Concealed Position is a local privilege escalation attack against Windows using the concept of "Bring Your Own Vulnerability". Specifically, Concealed Position CP uses the as designed package point and print logic in Windows that allows a low privilege user to stage and install printer drivers. C...

8.8CVSS9.2AI score0.59518EPSS
Exploits15References1
Microsoft KB
Microsoft KB
added 2021/09/14 7:0 a.m.67 views

September 14, 2021—KB5005615 (Security-only update)

September 14, 2021—KB5005615 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended suppor...

9.8CVSS8.1AI score0.45423EPSS
Exploits2
Microsoft KB
Microsoft KB
added 2021/09/14 7:0 a.m.156 views

September 14, 2021—KB5005627 (Security-only update)

September 14, 2021—KB5005627 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended...

9.8CVSS8.2AI score0.96843EPSS
Exploits40
Microsoft KB
Microsoft KB
added 2021/09/14 7:0 a.m.724 views

September 14, 2021—KB5005633 (Monthly Rollup)

September 14, 2021—KB5005633 Monthly Rollup Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support...

9.8CVSS8.3AI score0.96843EPSS
Exploits40
Microsoft KB
Microsoft KB
added 2021/09/14 7:0 a.m.238 views

September 14, 2021—KB5005623 (Monthly Rollup)

September 14, 2021—KB5005623 Monthly Rollup Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For mor...

9.8CVSS8.4AI score0.96843EPSS
Exploits40
Microsoft KB
Microsoft KB
added 2021/09/14 7:0 a.m.192 views

September 14, 2021—KB5005566 (OS Build 18363.1801)

September 14, 2021—KB5005566 OS Build 18363.1801 EXPIRATION NOTICE As of 9/12/2023, KB5005566 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security...

9.8CVSS7.7AI score0.96843EPSS
Exploits39
Microsoft KB
Microsoft KB
added 2021/09/14 7:0 a.m.98 views

September 14, 2021—KB5005575 (OS Build 20348.230)

September 14, 2021—KB5005575 OS Build 20348.230 Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that causes Windows to generate many AppLocker or SmartLocker success events in the AppLocker EXE and DLL event channel. Addresses an...

9.8CVSS8.6AI score0.99759EPSS
Exploits79
Hewlett-Packard
Hewlett-Packard
added 2021/09/08 12:0 a.m.34 views

Certain HP Enterprise LaserJet MFPs, HP Enterprise PageWide MFPs, HP Digital Sender - Stored cross site scripting (XSS)

Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting XSS. Update your printer software...

5.3CVSS0.4AI score0.00459EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/09/03 12:0 a.m.14 views

Xerox Printer Detection (PJL)

Printer Job Language PJL based detection of Xerox printer devices. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2021/08/22 12:0 a.m.3 views

Canon Oce Print Exec Workgroup 跨站脚本漏洞

Canon Oce Print Exec Workgroup is a software application from Canon Japan. It is a program that displays basic printer information. A security vulnerability exists in Canon Oce Print Exec Workgroup version 1.3.2, which allows an attacker to conduct XSS attacks via the lang parameter...

6.1CVSS6.2AI score0.00662EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/22 12:0 a.m.4 views

Canon Oce Print Exec Workgroup 安全漏洞

Canon Oce Print Exec Workgroup is a software application from Canon Japan. A program that displays basic printer information. A security vulnerability exists in Canon Oce Print Exec Workgroup, which stems from Canon Oce Print Exec Workgroup 1.3.2 allows host header injection. An attacker could...

5.3CVSS6AI score0.00815EPSS
Exploits1References2
Hewlett-Packard
Hewlett-Packard
added 2021/08/13 12:0 a.m.41 views

HP LaserJet Pro Printer - Potential vulnerabilities to unauthorized configuration and denial of service

Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset, or create a Denial of Service on the device. Update your printer firmware...

7.3CVSS2.4AI score0.01787EPSS
Exploits0
Metasploit
Metasploit
added 2021/08/12 5:51 p.m.111 views

Lexmark Driver Privilege Escalation

Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileged authenicated users to elevate their privileges to SYSTEM on affected Windows systems by modifying the XML file at C:\ProgramData\Universal Color Laser.gdl to replace the DLL path to unires.dll with a...

7.8CVSS8.5AI score0.01413EPSS
Exploits3
NCSC
NCSC
added 2021/08/12 12:0 a.m.8 views

Vulnerability found in Microsoft Printer Spooler service

A vulnerability has been found in the Print Spooler service of Microsoft Windows. A local malicious person without administrator privileges can exploit this vulnerability by connecting to a rogue print server. From this print server, a printer driver is then installed. Although the driver should...

9.8CVSS6.9AI score0.99759EPSS
Exploits76
OSV
OSV
added 2021/08/11 6:15 p.m.2 views

CVE-2021-38085

The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer process, a local attacker can overwrite CNMurGE.dll and, if timed properly, the overwritten DLL will be loaded into a SYSTEM process resulting in escalation of privileges. This...

7.8CVSS7.3AI score0.01009EPSS
Exploits3References4
CNNVD
CNNVD
added 2021/08/11 12:0 a.m.2 views

Canon TR150 安全漏洞

The Canon TR150 is a printer from Canon Japan. A security vulnerability exists in Canon TR150. During the add printer process, a local attacker can exploit this vulnerability to overwrite CNMurGE.dll, load it into the SYSTEM process, and cause an escalation of privileges...

7.8CVSS8.1AI score0.01009EPSS
Exploits3References5
Rapid7 Blog
Rapid7 Blog
added 2021/08/05 8:26 p.m.33 views

Black Hat 2021: Rapid7 Experts Share Key Day 1 Takeaways

OK, no big deal, we know how this goes. Once again, many of us are attending Black Hat in a virtual capacity as COVID-19 meanders its way out of our lives. The good news is that there’s an actual live component again this year in Las Vegas, and that’s progress. Here’s hoping that next year the...

0.3AI score
Exploits0
Rows per page
Query Builder