EUVD-2019-3811

Malware in sbrugna...

Malicious code in @bonk-sdk/sha256 (npm)

The package @bonk-sdk/sha256 was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

CVE-2024-52521

Nextcloud Server is a self hosted personal cloud system. MD5 hashes were used to check background jobs for their uniqueness. This increased the chances of a background job with arguments falsely being identified as already existing and not be queued for execution. By changing the Hash to SHA256 t...

CVE-2019-12162

Upwork Time Tracker 5.2.2.716 doesn't verify the SHA256 hash of the downloaded program update before running it, which could lead to code execution or local privilege escalation by replacing the original update.exe...

Description of the security update for Word 2016: November 12, 2024 (KB5002619)

Description of the security update for Word 2016: November 12, 2024 KB5002619 Summary This security update resolves a Microsoft Word security feature bypass vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-49033. Note: To apply this...

Description of the security update for SharePoint Server 2019: November 12, 2024 (KB5002650)

Description of the security update for SharePoint Server 2019: November 12, 2024 KB5002650 Summary This security update for SharePoint Server provides defense-in-depth updates to help improve security-related features. To learn more about the updates, see Microsoft Advisory ADV240001. Notes: This...

Description of the security update for Microsoft Exchange Server 2019 and 2016: November 12, 2024 (KB5044062)

Description of the security update for Microsoft Exchange Server 2019 and 2016: November 12, 2024 KB5044062 Notice We have re-released the Exchange Server 2019 and 2016 November 12, 2024, security update SU to address the issue where Exchange Server stops processing Exchange Transport Rules ETR a...

CVE-2024-23924

Alpine Halo9 UPDMwemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The...

Alpine Halo9 安全漏洞

Alpine Halo9 is a multimedia player from Alpine. A security vulnerability exists in Alpine Halo9 that stems from the UPDMwemCmdCreatSHA256Hash function containing a command injection issue...

Description of the security update for Office Online Server: September 10, 2024 (KB5002601)

Description of the security update for Office Online Server: September 10, 2024 KB5002601 Summary This security update resolves a Microsoft Excel elevation of privilege vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-43465. Notes:...

Description of the security update for Project 2016: August 13, 2024 (KB5002561)

Description of the security update for Project 2016: August 13, 2024 KB5002561 Summary This security update resolves a Microsoft Project remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-38189. Note: To apply th...

End of support for Office 2016 and Office 2019

None None...

Security update 2023-08-15

...

Description of the security update for Office 2016: August 8, 2023 (KB5002465)

Description of the security update for Office 2016: August 8, 2023 KB5002465 Summary This security update for Microsoft Office provides defense-in-depth updates to help improve security-related features. To learn more about the vulnerability, see Microsoft advisory ADV230003. Note: To apply this...

Description of the security update for PowerPoint 2016: August 8, 2023 (KB4504720)

Description of the security update for PowerPoint 2016: August 8, 2023 KB4504720 Summary This security update for Microsoft Office provides defense-in-depth updates to help improve security-related features. To learn more about the vulnerability, see Microsoft advisory ADV230003. Note: To apply...

Description of the security update for Office Online Server: August 8, 2023 (KB5002435)

Description of the security update for Office Online Server: August 8, 2023 KB5002435 Summary This security update resolves a Microsoft Office remote code execution vulnerability and a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerabilities, see the following...

Description of the security update for Outlook 2016: July 11, 2023 (KB5002427)

Description of the security update for Outlook 2016: July 11, 2023 KB5002427 Summary This security update resolves a Microsoft Outlook spoofing vulnerability, and Microsoft Outlook security feature bypass vulnerability. To learn more about the vulnerabilities, see the following security advisorie...

End of support for Office 2016 and Office 2019

None None...

Description of the security update for Office Online Server: June 13, 2023 (KB5002401)

Description of the security update for Office Online Server: June 13, 2023 KB5002401 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories:​​​​ ​​Microsoft Common Vulnerabilities an...

Description of the security update for Outlook 2013: June 13, 2023 (KB5002382)

Description of the security update for Outlook 2013: June 13, 2023 KB5002382 Summary This security update resolves a Microsoft Outlook remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2023-33131. Note: To apply this...