Yokogawa Rental & Lease Corporation Security Vulnerabilities

CVE-2024-5017

In WhatsUp Gold versions released before 2023.1.3, a path traversal vulnerability exists. A specially crafted unauthenticated HTTP request to AppProfileImport can lead can lead to information...

CVE-2024-5012

In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication vulnerability in WUGDataAccess.Credentials. This vulnerability allows unauthenticated attackers to disclose Windows Credentials stored in the product Credential...

CVE-2024-36004

In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in check_flush_dependency is being triggered. This seems...

KB5036896: Windows 10 version 1809 / Windows Server 2019 Security Update (April 2024)

The remote Windows host is missing security update 5036896. It is, therefore, affected by multiple vulnerabilities SmartScreen Prompt Security Feature Bypass Vulnerability (CVE-2024-29988) Secure Boot Security Feature Bypass Vulnerability (CVE-2024-20669, CVE-2024-26168, CVE-2024-26171, ...

KB5036909: Windows 2022 / Azure Stack HCI 22H2 Security Update (April 2024)

The remote Windows host is missing security update 5036909. It is, therefore, affected by multiple vulnerabilities SmartScreen Prompt Security Feature Bypass Vulnerability (CVE-2024-29988) Secure Boot Security Feature Bypass Vulnerability (CVE-2024-20669, CVE-2024-26168, CVE-2024-26171, ...

KB5031358: Windows 11 version 21H2 Security Update (October 2023)

The remote Windows host is missing security update 5031358. It is, therefore, affected by multiple vulnerabilities The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August...

KB5031362: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2023)

The remote Windows host is missing security update 5031362. It is, therefore, affected by multiple vulnerabilities The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August...

KB5028169: Windows 10 Version 1607 and Windows Server 2016 Security Update (July 2023)

The remote Windows host is missing security update 5028169. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2023-35365, CVE-2023-35366, CVE-2023-35367) Windows Netlogon Information Disclosure...

KB5028168: Windows 10 version 1809 / Windows Server 2019 Security Update (July 2023)

The remote Windows host is missing security update 5028168. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2023-35365, CVE-2023-35366, CVE-2023-35367) Windows Netlogon Information Disclosure...

KB5028166: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (July 2023)

The remote Windows host is missing security update 5028166. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2023-35365, CVE-2023-35366, CVE-2023-35367) Windows Netlogon Information Disclosure...

KB5015877: Windows 8.1 and Windows Server 2012 R2 Security Update (July 2022)

The remote Windows host is missing security update 5015877 or cumulative update 5015874. It is, therefore, affected by multiple vulnerabilities: A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

KB5000851: Windows 7 and Windows Server 2008 R2 March 2021 Security Update

The remote Windows host is missing security update 5000851 or cumulative update 5000841. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

KB4601363: Windows 7 and Windows Server 2008 R2 February 2021 Security Update

The remote Windows host is missing security update 4601363 or cumulative update 4601347. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain...

Windows Server 2012 December 2017 Security Updates

The remote Windows host is missing security update 4054523 or cumulative update 4054520. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully...

CVE-2024-28895

'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN' App via other app installed on the user's...

CVE-2024-21102

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

KB5031407: Windows Server 2012 R2 Security Update (October 2023)

The remote Windows host is missing security update 5031407. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36577) Windows IIS Server Elevation of Privilege Vulnerability (CVE-2023-36434) ...

KB5031356: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (October 2023)

The remote Windows host is missing security update 5031356. It is, therefore, affected by multiple vulnerabilities The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August...

KB5028223: Windows Server 2012 R2 Security Update (July 2023)

The remote Windows host is missing security update 5028223. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2023-35365, CVE-2023-35366, CVE-2023-35367) Windows Netlogon Information Disclosure...

KB5015875: Windows Server 2012 Security Update (July 2022)

The remote Windows host is missing security update 5015875 or cumulative update 5015863. It is, therefore, affected by multiple vulnerabilities: A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

KB5015862: Windows 7 and Windows Server 2008 R2 Security Update (July 2022)

The remote Windows host is missing security update 5015862 or cumulative update 5015866. It is, therefore, affected by multiple vulnerabilities: A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

KB5005094: Windows Server 2012 Security Update (August 2021)

The remote Windows host is missing security update 5005094 or cumulative update 5005099. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2021-26425, CVE-2021-26426,...

KB5000809: Windows 10 Version 1803 March 2021 Security Update

The remote Windows host is missing security update 5000809. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884) ...

KB4598289: Windows 7 and Windows Server 2008 R2 January 2021 Security Update

The remote Windows host is missing security update 4598289 or cumulative update 4598279. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

Windows 2008 December 2017 Multiple Security Updates

The remote Windows host is missing multiple security updates released on 2017/12/12. It is, therefore, affected by multiple vulnerabilities : An information vulnerability exists when Windows Media Player improperly discloses file information. Successful exploitation of the vulnerability...

KB5031361: Windows 10 version 1809 / Windows Server 2019 Security Update (October 2023)

The remote Windows host is missing security update 5031361. It is, therefore, affected by multiple vulnerabilities The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August...

KB5028182: Windows 11 version 21H2 Security Update (July 2023)

The remote Windows host is missing security update 5028182. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2023-35365, CVE-2023-35366, CVE-2023-35367) Windows Netlogon Information Disclosure...

KB5015870: Windows Server 2008 Security Update (July 2022)

The remote Windows host is missing security update 5015870 or cumulative update 5015866. It is, therefore, affected by multiple vulnerabilities: A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

KB5007186: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 (November 2021)

The remote Windows host is missing security update 5007186. It is, therefore, affected by multiple vulnerabilities: An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2021-36957, CVE-2021-41366, CVE-2021-41367, CVE-2021-41370,...

KB5006669: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2021)

The remote Windows host is missing security update 5006669. It is, therefore, affected by multiple vulnerabilities: A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, ...

KB5000853: Windows 8.1 and Windows Server 2012 R2 March 2021 Security Update

The remote Windows host is missing security update 5000853 or cumulative update 5000848. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

Windows 10 / Windows Server 2016 September 2017 Information Disclosure Vulnerability (CVE-2017-8529)

The remote Windows host is missing a security update or a registry setting required to enable protections for CVE-2017-8529. It is, therefore, affected by an information disclosure vulnerability: An information disclosure vulnerability exists when affected Microsoft scripting engines do not...

CVE-2024-1735

A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or...

CVE-2024-36004

In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in check_flush_dependency is being triggered. This seems to.....

CVE-2024-31413

Free of pointer not at start of buffer vulnerability exists in CX-One CX-One CXONE-AL[][]D-V4 (The version which was installed with a DVD ver. 4.61.1 or lower, and was updated through CX-One V4 auto update in January 2024 or prior) and Sysmac Studio SYSMAC-SE2[][][] (The version which was...

Security Updates for Exchange (May 2021)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions...

Security Updates for Microsoft Sharepoint 2016 (August 2021)

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by a Server Spoofing Vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version ...

Security Updates for Exchange (September 2019)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests. An attacker who...

glpi -- Unauthenticated Stored XSS

MITRE Corporation reports: In GLPI before version 9.5.2, the install/install.php endpoint insecurely stores user input into the database as url_base and url_base_api. These settings are referenced throughout the application and allow for vulnerabilities like Cross-Site Scripting and Insecure...

Language Security Updates Security Updates for Microsoft Sharepoint 2016 (March 2021)

The Microsoft SharePoint Server 2016 installation on the remote host is missing language security updates. It is, therefore, affected by Microsoft SharePoint Spoofing Vulnerability (CVE-2021-24104) Note that Nessus has not tested for this issue but has instead relied only on the application's...

Security Updates for Microsoft SharePoint Server 2019 (February 2021)

The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information....

Security Updates for Microsoft SharePoint Server 2016 (November 2020)

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : An Information Disclosure Vulnerability exists in Microsoft SharePoint. (CVE-2020-16979, CVE-2020-17017) A Spoofing Vulnerability exists...

glpi -- Unauthenticated File Deletion

MITRE Corporation reports: In GLPI before version 9.5.2, the pluginimage.send.php endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and...

CVE-2024-27164

Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see the reference...

CVE-2024-27174

Remote Command program allows an attacker to get Remote Code Execution. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than the score listed in the "Base Score" of this...

KB5015807: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (July 2022)

The remote Windows host is missing security update 5015807. It is, therefore, affected by multiple vulnerabilities: A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2022-22024, ...

KB5005627: Windows 8.1 and Windows Server 2012 R2 September 2021 Security Update

The remote Windows host is missing security update 5005627 or cumulative update 5005613. It is, therefore, affected by multiple vulnerabilities : An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the...

KB4598297: Windows Server 2012 January 2021 Security Update

The remote Windows host is missing security update 4598297 or cumulative update 4598278. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2020-17087, CVE-2021-1648,...

Language Security Updates for Microsoft SharePoint Server 2016 (December 2020)

The Microsoft SharePoint Server 2016 installation on the remote host is missing language security updates. It is, therefore, affected by a Microsoft SharePoint Information Disclosure Vulnerability (CVE-2020-17089) Note that Nessus has not tested for this issue but has instead relied only on the...

Security Updates for Microsoft Sharepoint 2016 (May 2021)

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2021-28474, CVE-2021-31181) Microsoft SharePoint Information Disclosure...