Yokogawa Rental & Lease Corporation Security Vulnerabilities

KB4483230: Windows 10 Version 1703 December 2018 OOB Security Update

The remote Windows host is missing security update 4483230. It is, therefore, affected by a remote code execution vulnerability: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could...

CVE-2021-43960

Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,.....

CVE-2021-43960

Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,.....

CVE-2023-2062

Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series...

glpi -- Reflexive XSS in Dropdown menus

MITRE Corporation reports: In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version...

CVE-2023-2062 Information Disclosure vulnerability in EtherNet/IP Configuration tools

Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series...

KB5034134: Windows 10 LTS 1507 Security Update (January 2024)

The remote Windows host is missing security update 5034134. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...

KB5033420: Windows Server 2012 R2 Security Update (December 2023)

The remote Windows host is missing security update 5033420. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Win32k Elevation of Privilege Vulnerability (CVE-2023-36011) A...

KB5033379: Windows 10 LTS 1507 Security Update (December 2023)

The remote Windows host is missing security update 5033379. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Win32k Elevation of Privilege Vulnerability (CVE-2023-36011) A...

KB5030286: Windows Server 2008 Security Update (September 2023)

The remote Windows host is missing security update 5030286. It is, therefore, affected by multiple vulnerabilities Windows GDI Elevation of Privilege Vulnerability (CVE-2023-36804, CVE-2023-38161) DHCP Server Service Information Disclosure Vulnerability (CVE-2023-36801, CVE-2023-38152) ...

KB5003233: Windows 7 and Windows Server 2008 R2 Security Update (May 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

KB5003171: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

KB4483234: Windows 10 Version 1803 and Windows Server Version 1803 December 2018 OOB Security Update

The remote Windows host is missing security update 4483234. It is, therefore, affected by a remote code execution vulnerability: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could...

CVE-2021-47449

In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e ("ice: add lock around Tx timestamp tracker flush") added a lock around the Tx timestamp tracker flow which is used to cleanup any left over SKBs and prepare for....

KB5034176: Windows Server 2008 Security Update (January 2024)

The remote Windows host is missing security update 5034176. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674) Windows Group Policy Elevation...

KB5033375: Windows 11 version 22H2 Security Update (December 2023)

The remote Windows host is missing security update 5033375. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...

KB5030213: Windows 10 Version 1607 and Windows Server 2016 Security Update (September 2023)

The remote Windows host is missing security update 5030213. It is, therefore, affected by multiple vulnerabilities DHCP Server Service Denial of Service Vulnerability (CVE-2023-38162) Windows GDI Elevation of Privilege Vulnerability (CVE-2023-36804, CVE-2023-38161) DHCP Server Service...

KB5006715: Windows Server 2008 Security Update (October 2021)

The remote Windows host is missing security update 5006715. It is, therefore, affected by multiple...

KB5003635: Windows 10 version 1909 Security Update (June 2021)

The remote Windows host is missing security update 5003635. It is, therefore, affected by multiple...

KB5003210: Windows Server 2008 Security Update (May 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

glpi -- Insecure Direct Object Reference on ajax/comments.ph

MITRE Corporation reports: In GLPI before 9.5.3, ajax/comments.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any database table (e.g., glpi_tickets, glpi_users,...

KB5034171: Windows Server 2012 R2 Security Update (January 2024)

The remote Windows host is missing security update 5034171. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674) Windows Group Policy Elevation...

KB5033383: Windows 11 version 22H2 Security Update (December 2023)

The remote Windows host is missing security update 5033383. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...

KB5030279: Windows Server 2012 Security Update (September 2023)

The remote Windows host is missing security update 5030279. It is, therefore, affected by multiple vulnerabilities DHCP Server Service Denial of Service Vulnerability (CVE-2023-38162) Windows GDI Elevation of Privilege Vulnerability (CVE-2023-36804, CVE-2023-38161) DHCP Server Service...

KB5021243: Windows 10 LTS 1507 Security Update (December 2022)

The remote Windows host is missing security update 5021243. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute ...

KB5003681: Windows 8.1 and Windows Server 2012 R2 Security Update (June 2021)

The remote Windows host is missing security update 5003681. It is, therefore, affected by multiple...

KB4586817: Windows Server 2008 November 2020 Security Update

The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more...

KB4483232: Windows 10 Version 1709 and Windows Server Version 1709 December 2018 OOB Security Update

The remote Windows host is missing security update 4483232. It is, therefore, affected by a remote code execution vulnerability: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could...

CVE-2022-43363

Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS...

KB5034184: Windows Server 2012 Security Update (January 2024)

The remote Windows host is missing security update 5034184. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674) Windows Group Policy Elevation...

KB5033371: Windows 10 version 1809 / Windows Server 2019 Security Update (December 2023)

The remote Windows host is missing security update 5033371. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...

KB5033429: Windows Server 2012 Security Update (December 2023)

The remote Windows host is missing security update 5033429. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Win32k Elevation of Privilege Vulnerability (CVE-2023-36011) A...

KB5006728: Windows 7 and Windows Server 2008 R2 Security Update (October 2021)

The remote Windows host is missing security update 5006728. It is, therefore, affected by multiple...

KB5003638: Windows 10 version 1607 / Windows Server 2016 Security Update (June 2021)

The remote Windows host is missing security update 5003638. It is, therefore, affected by multiple...

glpi -- Insecure Direct Object Reference on ajax/getDropdownValue.php

MITRE Corporation reports: In GLPI before 9.5.3, ajax/getDropdownValue.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any itemType (e.g., Ticket, Users,...

KB5035919: Windows Server 2008 R2 Security Update (March 2024)

The remote Windows host is missing security update 5035919. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...

KB5034129: Windows 2022 / Azure Stack HCI 22H2 Security Update (January 2024)

The remote Windows host is missing security update 5034129. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...

KB5033372: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (December 2023)

The remote Windows host is missing security update 5033372. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...

KB5032249: Windows Server 2012 R2 Security Update (November 2023)

The remote Windows host is missing security update 5032249. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402) Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability...

KB5003173: Windows 10 version 2004 / Windows 10 version 20H2 Security Update (May 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

glpi -- bypass of the open redirect protection

MITRE Corporation reports: In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. This is fixed in version...

RHEL 6 : dhcp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dhcp: unclosed TCP connections to OMAPI or failover ports can cause DoS (CVE-2016-2774) dhcp:...

JVN#17680667: Multiple vulnerabilities in Unifier and Unifier Cast

Unifier and Unifier Cast provided by Yokogawa Rental ＆ Lease Corporation contains multiple vulnerabilities listed below. Incorrect Default Permissions configured by Cast Launcher (CWE-276) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 7.8 CVE-2024-23847 Missing Authorization for...

glpi -- SQL injection for all helpdesk instances

MITRE Corporation reports: In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version...

CVE-2022-43363

Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS...

KB5037823: Windows Server 2012 R2 Security Update (May 2024)

The remote Windows host is missing security update 5037823. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2024-30009, CVE-2024-30014, CVE-2024-30015, CVE-2024-30022, CVE-2024-30023,...

KB5034167: Windows Server 2008 R2 Security Update (January 2024)

The remote Windows host is missing security update 5034167. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674) Windows Group Policy Elevation...

KB5034119: Windows 10 Version 1607 and Windows Server 2016 Security Update (January 2024)

The remote Windows host is missing security update 5034119. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...

KB5034121: Windows 11 version 21H2 Security Update (January 2024)

The remote Windows host is missing security update 5034121. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...

KB5033118: Windows 2022 / Azure Stack HCI 22H2 Security Update (December 2023)

The remote Windows host is missing security update 5033118 or Azure HotPatch 5033464. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of...