Update now! Microsoft fixes two zero-days in August's Patch Tuesday

Microsoft has published fixes for 141 separate vulnerabilities in its batch of August updates, fixing a total of 118 CVEs in multiple products. This is a new monthly record if you look at the CVE count. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and...

Microsoft Patch Tuesday, June 2022 Edition

Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows thats seen active exploitation for at least two months now. On a...

The vulnerability of the diagnostic data collection and troubleshooting tool from Microsoft Support Diagnostics Tool for Windows operating systems, related to errors in processing the invoked URL address, allows a perpetrator to execute arbitrary code with privileges of the invoking application.

The vulnerability of the Microsoft Support Diagnostics Tool for collecting diagnostic data and troubleshooting issues on Windows operating systems is related to errors in processing the requested URL. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with privileges...

Zoho ManageEngine OpManager SQL Injection Vulnerability (CNVD-2021-88240)

ZOHO ZOHO ManageEngine OpManager is an end-to-end integrated network management software, which can realize all-round, visualized, unified and centralized monitoring and management of IT infrastructure such as network devices, servers, hosts, WAN links, applications and services within the...

CVE-2021-40493

Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API...

CVE-2021-40493

Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API...

Sql injection

Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API...

CVE-2021-40493

Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API...

CVE-2021-40493

Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the Support Diagnostics module via the pollingObject parameter of the getDataCollectionFailureReason API. The issue arises from insufficient validation of HTTP request parameters processed by that method, as described in ...

ZOHO ManageEngine OpManager SQL注入漏洞

ZOHO ZOHO ManageEngine OpManager is an end-to-end integrated network management software, which can realize all-round, visualized, unified and centralized monitoring and management of IT infrastructure such as network devices, servers, hosts, WAN links, applications and services within the...