Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...

August 9, 2022-Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 SP2 (KB5016741)

August 9, 2022-Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 SP2 KB5016741 Applies to:Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 4.6.2 IMPORTANT Verify that you have installed the required updates listed in the How t...

CVE-2020-36493

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component mediamain.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...

Siemens SINEMA Remote Connect Server 访问控制错误漏洞

Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. An access control error vulnerability exists in Siemens SINEMA Remote Connect Server versions prior t...

Trend Micro InterScan Web Security Virtual Appliance 授权问题漏洞

Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A command execution vulnerability exists in Trend Micro InterScan Web Security Virtual...

Preview of Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2 (KB4512196)

Preview of Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2 KB4512196 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 This update is included in the Preview of Quality Rollup that's...

DedeCMS Cross-Site Scripting Vulnerability (CNVD-2018-19871)

DedeCMS is a PHP-based web content management system CMS. A cross-site scripting vulnerability exists in the /plus/feedbackajax.php file in DedeCMS version 5.7 SP2, which can be exploited by remote attackers to execute JavaScript code with the help of the onhashchange attribute in the 'msg'...

SQL Injection Vulnerability in DedeCMS

DedeCMS is a web content management system based on PHP+MySQL technology that supports multiple server platforms. A SQL injection vulnerability exists in DedeCMS v5.7 SP2, which can be exploited by attackers to obtain sensitive database information...

Cross-site scripting vulnerability in DedeCMS V5.7 SP2 official system "Topic Management".

Weaving dream content management system DedeCms is a PHP open source website management system. A cross-site scripting vulnerability exists in the "Topic Management" section of DedeCMS V5.7 SP2. Attackers can insert malicious js code in the page to obtain user cookies and other information,...

Arbitrary File Editing Vulnerability in KingCMS v6.1.1641_Sp2

KingCMS is a content management system based on WEB technology. KingCMS v6.1.1641Sp2 has an arbitrary file editing vulnerability. The vulnerability stems from not filtering the path of the file to be modified and the content of the file to be written, which can be exploited by an attacker to edit...

Update to add SHA-2 code signing support for Windows Server 2008 SP2

Update to add SHA-2 code signing support for Windows Server 2008 SP2 Summary This update provides support for the Secure Hash Algorithm-2 SHA-2 code signing and verification functionality in the 64-bit version of Windows Server 2008 Service Pack 2 SP2 which includes the following: Support for...

Code execution vulnerability in DedeCMS V5.7 SP2 (CNVD-2018-01221)

Weaving dream content management system DedeCms is a PHP open source website management system. DedeCMS V5.7 SP2 version of the tpl.php there is a code execution vulnerability, an attacker can use the vulnerability in the addition of new tags to upload a Trojan horse, get webshell...

Reliability Rollup 3179930 for the .NET Framework 4.5.2 on Windows Vista SP2, Windows 7 SP1, Windows Server 2008 SP2, and Windows Server 2008 R2 SP1

Reliability Rollup 3179930 for the .NET Framework 4.5.2 on Windows Vista SP2, Windows 7 SP1, Windows Server 2008 SP2, and Windows Server 2008 R2 SP1 This article describes the reliability rollup 3179930 for the Microsoft .NET Framework on Windows Vista Service Pack 2 SP2, Windows 7 SP1, Windows...

CVE-2016-0894

EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote authenticated users to bypass intended object access restrictions via a modified parameter...

FAST/TOOLS vulnerable to improper restriction of XML external entity references

Overview FAST/TOOLS provided by Yokogawa Electric Corporation contains a vulnerability where XML external entity XXE references are not properly restricted CWE-611. Timur Yunusov, Alexey Osipov and Ilya Karpov of Positive Technologies reported this vulnerability to JPCERT/CC. JPCERT/CC coordinate...

PT-2012-5587 · Microsoft · .Net Framework

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 2.0 SP2 through 4.5 Description: The issue allows remote attackers to execute arbitrary JavaScript code by providing crafted data during execution of a .NET Framework application or an XAML browser applicatio...