KB5036922: Windows Server 2008 R2 Security Update (April 2024)
The remote Windows host is missing security update 5036922. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability (CVE-2024-26214) Windows rndismp6.sys Remote Code Execution Vulnerability (CVE-2024-26252,...
8.8CVSS
7.7AI Score
0.001EPSS
KB5014006: Windows Server 2008 Security Update (May 2022)
The remote Windows host is missing security update 5014006. It is, therefore, affected by multiple vulnerabilities Windows LDAP Remote Code Execution Vulnerability (CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139,...
9.8CVSS
7.9AI Score
0.897EPSS
MITRE Corporation reports: In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version...
9.3CVSS
3.7AI Score
0.003EPSS
Security Constraint Bypass in Spring Security
Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path...
7.5CVSS
0.2AI Score
0.001EPSS
A vulnerability has been found in FAST/TOOLS and CI Server. The affected product's WEB HMI server's function to process HTTP requests has a security flaw (Reflected XSS) that allows the execution of malicious scripts. Therefore, if a client PC with inadequate security measures accesses a product...
5.8CVSS
6.9AI Score
0.0004EPSS
A vulnerability has been found in FAST/TOOLS and CI Server. The affected products have built-in accounts with no passwords set. Therefore, if the product is operated without a password set by default, an attacker can break into the affected product. The affected products and versions are as...
5.3CVSS
7AI Score
0.0004EPSS
KB5035849: Windows 10 version 1809 / Windows Server 2019 Security Update (March 2024)
The remote Windows host is missing security update 5035849. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8.1AI Score
0.001EPSS
KB5021296: Windows 8.1 and Windows Server 2012 R2 Security Update (December 2022)
The remote Windows host is missing security update 5021296. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute ...
8.5CVSS
8.2AI Score
0.01EPSS
KB5020013: Windows Server 2008 R2 Security Update (November 2022)
The remote Windows host is missing security update 5020013. It is, therefore, affected by multiple vulnerabilities Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability (CVE-2022-41090, CVE-2022-41116) AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions...
8.8CVSS
8AI Score
0.531EPSS
KB5019980: Windows 11 22H2 Security Update (November 2022)
The remote Windows host is missing security update 5019980. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Group Policy Elevation of Privilege Vulnerability (CVE-2022-37992, CVE-2022-41086) ...
8.8CVSS
7.7AI Score
0.531EPSS
KB5020010: Windows 8.1 and Windows Server 2012 R2 Security Update (November 2022)
The remote Windows host is missing security update 5020010. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability (CVE-2022-37966) Windows...
8.8CVSS
8AI Score
0.531EPSS
KB5007246: Windows Server 2008 Security Update (November 2021)
The remote Windows host is missing security update 5007246 or cumulative update 5007263. It is, therefore, affected by multiple vulnerabilities: An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38631,...
8.8CVSS
8.1AI Score
0.904EPSS
KB5039213: Windows 11 version 21H2 Security Update (June 2024)
The remote Windows host is missing security update 5039213. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...
9.8CVSS
8.7AI Score
0.003EPSS
KB5039214: Windows 10 Version 1607 / Windows Server 2016 Security Update (June 2024)
The remote Windows host is missing security update 5039214. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...
9.8CVSS
7.8AI Score
0.003EPSS
KB5037763: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2024)
The remote Windows host is missing security update 5037763. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996, ...
8.8CVSS
7.9AI Score
0.008EPSS
KB5035858: Windows 10 LTS 1507 Security Update (March 2024)
The remote Windows host is missing security update 5035858. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8.1AI Score
0.001EPSS
KB5035885: Windows Server 2012 R2 Security Update (March 2024)
The remote Windows host is missing security update 5035885. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8AI Score
0.001EPSS
KB5035854: Windows 11 version 21H2 Security Update (March 2024)
The remote Windows host is missing security update 5035854. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8.1AI Score
0.001EPSS
KB5021237: Windows 10 version 1809 / Windows Server 2019 Security Update (December 2022)
The remote Windows host is missing security update 5021237. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability (CVE-2022-44689) A remote code...
8.5CVSS
8.4AI Score
0.022EPSS
KB5019961: Windows 11 Security Update (November 2022)
The remote Windows host is missing security update 5019961. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Group Policy Elevation of Privilege Vulnerability (CVE-2022-37992, CVE-2022-41086) ...
8.8CVSS
7.7AI Score
0.531EPSS
KB5019970: Windows 10 LTS 1507 Security Update (November 2022)
The remote Windows host is missing security update 5019970. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Group Policy Elevation of Privilege Vulnerability (CVE-2022-37992, CVE-2022-41086) ...
8.8CVSS
7.7AI Score
0.531EPSS
KB5020003: Windows Server 2012 Security Update (November 2022)
The remote Windows host is missing security update 5020003. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability (CVE-2022-37966) Windows...
8.8CVSS
8AI Score
0.531EPSS
KB5004298: Windows 8.1 and Windows Server 2012 R2 Security Update (July 2021)
The remote Windows host is missing security update 5004298. It is, therefore, affected by multiple...
8.8CVSS
7.8AI Score
0.955EPSS
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
6.5CVSS
5.9AI Score
0.001EPSS
KB4465661 BitLocker Security Feature Bypass Vulnerability
The remote Windows host is missing security update 4465661. It is, therefore, affected by multiple vulnerabilities : A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption. An attacker with physical access to a powered off system ...
4.6CVSS
6.8AI Score
0.001EPSS
KB5037803: Windows Server 2008 R2 Security Update (May 2024)
The remote Windows host is missing security update 5037803. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2024-30009, CVE-2024-30014, CVE-2024-30015, CVE-2024-30022, CVE-2024-30023,...
8.8CVSS
7.9AI Score
0.002EPSS
KB5021249: Windows Server 2022 Security Update (December 2022)
The remote Windows host is missing security update 5021249. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute ...
8.5CVSS
8.4AI Score
0.022EPSS
KB4592497: Windows Server 2012 December 2020 Security Update
The remote Windows host is missing security update 4592497 or cumulative update 4592468. It is, therefore, affected by multiple vulnerabilities: An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098,...
8.1CVSS
7.3AI Score
0.009EPSS
KB4586808: Windows Server 2012 November 2020 Security Update
The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more...
9.8CVSS
7.6AI Score
0.264EPSS
KB5037836: Windows Server 2008 Security Update (May 2024)
The remote Windows host is missing security update 5037836. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2024-30009, CVE-2024-30014, CVE-2024-30015, CVE-2024-30022, CVE-2024-30023,...
8.8CVSS
7.9AI Score
0.002EPSS
KB5035855: Windows 10 Version 1607 / Windows Server 2016 Security Update (March 2024)
The remote Windows host is missing security update 5035855. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8.1AI Score
0.001EPSS
KB5034122: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (January 2024)
The remote Windows host is missing security update 5034122. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...
8.8CVSS
7.8AI Score
0.004EPSS
KB5032197: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2023)
The remote Windows host is missing security update 5032197. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402) Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability...
9.8CVSS
8.1AI Score
0.57EPSS
KB5016686: Windows Server 2008 Security Update (August 2022)
The remote Windows host is missing security update 5016686. It is, therefore, affected by multiple vulnerabilities Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769) Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability...
9.8CVSS
7.7AI Score
0.468EPSS
KB5014710: Windows 10 LTS 1507 Security Update (June 2022)
The remote Windows host is missing security update 5014710. It is, therefore, affected by multiple vulnerabilities Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149,...
8.8CVSS
8.2AI Score
0.961EPSS
KB5006699: Windows Server 2022 Security Update (October 2021)
The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple...
8.8CVSS
7.7AI Score
0.512EPSS
KB4601366: Windows Server 2008 February 2021 Security Update
The remote Windows host is missing security update 4601366 or cumulative update 4601360. It is, therefore, affected by multiple vulnerabilities : A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application...
9.8CVSS
10AI Score
0.051EPSS
KB5039225: Windows 10 LTS 1507 Security Update (June 2024)
The remote Windows host is missing security update 5039225. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...
9.8CVSS
8.5AI Score
0.003EPSS
SSL/TLS: Known Compromised Certificate Detection
The remote SSL/TLS service is using an SSL/TLS certificate which is known to be compromised (e.g. known private keys, used by malware,...
5.9CVSS
5.9AI Score
EPSS
KB5032190: Windows 11 version 22H2 Security Update (November 2023)
The remote Windows host is missing security update 5032190. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402) Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability...
9.8CVSS
8.8AI Score
0.57EPSS
KB5032198: Windows 2022 / Azure Stack HCI 22H2 Security Update (November 2023)
The remote Windows host is missing security update 5032198. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402) Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability...
9.8CVSS
8.8AI Score
0.57EPSS
KB5017315: Windows 10 version 1809 / Windows Server 2019 Security Update (September 2022)
The remote Windows host is missing security update 5017315. It is, therefore, affected by multiple vulnerabilities Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928) Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170) Windows...
9.8CVSS
7.8AI Score
0.235EPSS
KB5017327: Windows 10 LTS 1507 Security Update (September 2022)
The remote Windows host is missing security update 5017327. It is, therefore, affected by multiple vulnerabilities Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928) Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170) Windows...
9.8CVSS
8.1AI Score
0.235EPSS
KB5016684: Windows Server 2012 Security Update (August 2022)
The remote Windows host is missing security update 5016684. It is, therefore, affected by multiple vulnerabilities Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769) Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability...
9.8CVSS
7.9AI Score
0.6EPSS
KB5014741: Windows Server 2012 Security Update (June 2022)
The remote Windows host is missing security update 5014741. It is, therefore, affected by multiple vulnerabilities Windows Network File System Remote Code Execution Vulnerability (CVE-2022-30136) Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability...
9.8CVSS
8.2AI Score
0.961EPSS
KB5014746: Windows 8.1 and Windows Server 2012 R2 Security Update (June 2022)
The remote Windows host is missing security update 5014746. It is, therefore, affected by multiple vulnerabilities Windows Network File System Remote Code Execution Vulnerability (CVE-2022-30136) Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability...
9.8CVSS
8.2AI Score
0.961EPSS
KB5014692: Windows 10 version 1809 / Windows Server 2019 Security Update (June 2022)
The remote Windows host is missing security update 5014692. It is, therefore, affected by multiple vulnerabilities Windows Network File System Remote Code Execution Vulnerability (CVE-2022-30136) Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-30165) Windows Lightweight...
9.8CVSS
8.3AI Score
0.961EPSS
KB4592449: Windows 10 Version 1903 and Windows 10 Version 1909 December 2020 Security Update
The remote Windows host is missing security update 4592449. It is, therefore, affected by multiple vulnerabilities: An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961,...
8.5CVSS
7.9AI Score
0.009EPSS
KB4593226: Windows 10 Version 1607 and Windows Server 2016 December 2020 Security Update
The remote Windows host is missing security update 4593226. It is, therefore, affected by multiple vulnerabilities: An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961,...
8.5CVSS
7.8AI Score
0.009EPSS
D-Link NAS nas_sharing.cgi command injection
Added: 04/24/2024 CVE: CVE-2024-3273 Background D-Link Network Attached Storage (NAS) devices allow different clients to connect to a centralized disk on a Local Area Network (LAN). Problem A backdoor and a command injection vulnerability in the nas_sharing.cgi script allow a remote...
9.8CVSS
8.7AI Score
0.935EPSS