3868 matches found
October 12, 2021—KB5006699 (OS Build 20348.288)
October 12, 2021—KB5006699 OS Build 20348.288 Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that prevents some applications, such as Microsoft Office and Adobe Reader, from opening or causes them to stop responding. This occurs ...
HP Security Manager - Potential Remote Code Execution and Denial of Service
HP Security Manager may be vulnerable to potential remote code execution and denial of service. Update your printer software...
Exploit for CVE-2021-1675
PrintNightmare Python implementation for PrintNightmare CVE-...
Concealed Position - Bring Your Own Print Driver Privilege Escalation Tool
Concealed Position is a local privilege escalation attack against Windows using the concept of "Bring Your Own Vulnerability". Specifically, Concealed Position CP uses the as designed package point and print logic in Windows that allows a low privilege user to stage and install printer drivers. C...
September 14, 2021—KB5005615 (Security-only update)
September 14, 2021—KB5005615 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended suppor...
September 14, 2021—KB5005627 (Security-only update)
September 14, 2021—KB5005627 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended...
September 14, 2021—KB5005633 (Monthly Rollup)
September 14, 2021—KB5005633 Monthly Rollup Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support...
September 14, 2021—KB5005623 (Monthly Rollup)
September 14, 2021—KB5005623 Monthly Rollup Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. Important: This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the device. For mor...
September 14, 2021—KB5005566 (OS Build 18363.1801)
September 14, 2021—KB5005566 OS Build 18363.1801 EXPIRATION NOTICE As of 9/12/2023, KB5005566 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security...
September 14, 2021—KB5005575 (OS Build 20348.230)
September 14, 2021—KB5005575 OS Build 20348.230 Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that causes Windows to generate many AppLocker or SmartLocker success events in the AppLocker EXE and DLL event channel. Addresses an...
Certain HP Enterprise LaserJet MFPs, HP Enterprise PageWide MFPs, HP Digital Sender - Stored cross site scripting (XSS)
Certain HP Enterprise LaserJet and PageWide MFPs may be vulnerable to stored cross site scripting XSS. Update your printer software...
Xerox Printer Detection (PJL)
Printer Job Language PJL based detection of Xerox printer devices. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Canon Oce Print Exec Workgroup 跨站脚本漏洞
Canon Oce Print Exec Workgroup is a software application from Canon Japan. It is a program that displays basic printer information. A security vulnerability exists in Canon Oce Print Exec Workgroup version 1.3.2, which allows an attacker to conduct XSS attacks via the lang parameter...
Canon Oce Print Exec Workgroup 安全漏洞
Canon Oce Print Exec Workgroup is a software application from Canon Japan. A program that displays basic printer information. A security vulnerability exists in Canon Oce Print Exec Workgroup, which stems from Canon Oce Print Exec Workgroup 1.3.2 allows host header injection. An attacker could...
HP LaserJet Pro Printer - Potential vulnerabilities to unauthorized configuration and denial of service
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset, or create a Denial of Service on the device. Update your printer firmware...
Lexmark Driver Privilege Escalation
Various Lexmark Universal Printer drivers as listed at advisory TE953 allow low-privileged authenicated users to elevate their privileges to SYSTEM on affected Windows systems by modifying the XML file at C:\ProgramData\Universal Color Laser.gdl to replace the DLL path to unires.dll with a...
Vulnerability found in Microsoft Printer Spooler service
A vulnerability has been found in the Print Spooler service of Microsoft Windows. A local malicious person without administrator privileges can exploit this vulnerability by connecting to a rogue print server. From this print server, a printer driver is then installed. Although the driver should...
CVE-2021-38085
The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer process, a local attacker can overwrite CNMurGE.dll and, if timed properly, the overwritten DLL will be loaded into a SYSTEM process resulting in escalation of privileges. This...
Canon TR150 安全漏洞
The Canon TR150 is a printer from Canon Japan. A security vulnerability exists in Canon TR150. During the add printer process, a local attacker can exploit this vulnerability to overwrite CNMurGE.dll, load it into the SYSTEM process, and cause an escalation of privileges...
Black Hat 2021: Rapid7 Experts Share Key Day 1 Takeaways
OK, no big deal, we know how this goes. Once again, many of us are attending Black Hat in a virtual capacity as COVID-19 meanders its way out of our lives. The good news is that there’s an actual live component again this year in Las Vegas, and that’s progress. Here’s hoping that next year the...