253 matches found
The vulnerability of the NTLM Security Support Provider implementation in the Windows operating system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the NTLM Security Support Provider in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...
CVE-2023-24900 Windows NTLM Security Support Provider Information Disclosure Vulnerability
...
Windows NTLM Security Support Provider Information Disclosure Vulnerability
...
PT-2023-2692 · Microsoft · Windows Ntlm Security Support Provider +1
Name of the Vulnerable Software and Affected Versions: Windows NTLM Security Support Provider affected versions not specified Description: The issue is related to the implementation of the NTLM Security Support Provider protocol in the Windows operating system, which lacks protection for service...
Description of the security update for Office 2013: March 14, 2023 (KB5002198)
Description of the security update for Office 2013: March 14, 2023 KB5002198 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-23399. Note: To apply this...
Debian: Security Advisory (DLA-2482-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1657-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-3038-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2103-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-465-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2532-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Description of the security update for Office Online Server: February 14, 2023 (KB5002309)
Description of the security update for Office Online Server: February 14, 2023 KB5002309 Summary This security update resolves a Microsoft Word remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-21716...
CVE-2023-25136
OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One...
DragonCastle - A PoC That Combines AutodialDLL Lateral Movement Technique And SSP To Scrape NTLM Hashes From LSASS Process
A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process. Description Upload a DLL to the target machine. Then it enables remote registry to modify AutodialDLL entry and start/restart BITS service. Svchosts would load our DLL, set again AutodiaDL...
Description of the security update for SharePoint Server Subscription Edition Language Pack: November 8, 2022 (KB5002291)
Description of the security update for SharePoint Server Subscription Edition Language Pack: November 8, 2022 KB5002291 Summary This security update resolves a Microsoft Word remote code execution vulnerability and Microsoft Word information disclosure vulnerability. To learn more about the...
CVE-2022-38043
Windows Security Support Provider Interface Information Disclosure Vulnerability...
squid: buffer-over-read in SSPI and SMB authentication
A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure...
squid: buffer-over-read in SSPI and SMB authentication
A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure...
September 13, 2022-KB5017498 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10, version 20H2
September 13, 2022-KB5017498 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10, version 20H2 Release Date: September 13, 2022 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the Cumulative Update for 3.5, 4.8 and 4.8.1 for Windows 10, version 20H2...
Description of the security update for the remote code execution vulnerability in Microsoft Visual Studio 2012 Update 5: August 9, 2022 (KB5016314)
Description of the security update for the remote code execution vulnerability in Microsoft Visual Studio 2012 Update 5: August 9, 2022 KB5016314 Note: This security update applies to all Visual Studio 2012 Update 5 editions except Isolated and Integrated Shells, Build Tools, Remote Tools, and...