KB4483230: Windows 10 Version 1703 December 2018 OOB Security Update
The remote Windows host is missing security update 4483230. It is, therefore, affected by a remote code execution vulnerability: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could...
7.5CVSS
7.8AI Score
0.047EPSS
Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,.....
4.8CVSS
4.8AI Score
0.001EPSS
Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,.....
4.8CVSS
0.001EPSS
Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series...
6.2CVSS
6.6AI Score
0.001EPSS
glpi -- Reflexive XSS in Dropdown menus
MITRE Corporation reports: In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version...
6CVSS
4AI Score
0.001EPSS
CVE-2023-2062 Information Disclosure vulnerability in EtherNet/IP Configuration tools
Missing Password Field Masking vulnerability in Mitsubishi Electric Corporation EtherNet/IP configuration tools SW1DNN-EIPCT-BD and SW1DNN-EIPCTFX5-BD allows a remote unauthenticated attacker to know the password for MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series...
6.2CVSS
6.8AI Score
0.001EPSS
KB5034134: Windows 10 LTS 1507 Security Update (January 2024)
The remote Windows host is missing security update 5034134. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...
8.8CVSS
7.4AI Score
0.004EPSS
KB5033420: Windows Server 2012 R2 Security Update (December 2023)
The remote Windows host is missing security update 5033420. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Win32k Elevation of Privilege Vulnerability (CVE-2023-36011) A...
8.8CVSS
7.9AI Score
0.035EPSS
KB5033379: Windows 10 LTS 1507 Security Update (December 2023)
The remote Windows host is missing security update 5033379. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Win32k Elevation of Privilege Vulnerability (CVE-2023-36011) A...
8.8CVSS
8AI Score
0.035EPSS
KB5030286: Windows Server 2008 Security Update (September 2023)
The remote Windows host is missing security update 5030286. It is, therefore, affected by multiple vulnerabilities Windows GDI Elevation of Privilege Vulnerability (CVE-2023-36804, CVE-2023-38161) DHCP Server Service Information Disclosure Vulnerability (CVE-2023-36801, CVE-2023-38152) ...
7.8CVSS
7AI Score
0.005EPSS
KB5003233: Windows 7 and Windows Server 2008 R2 Security Update (May 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
9.9CVSS
7.3AI Score
0.937EPSS
KB5003171: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
9.9CVSS
7.3AI Score
0.937EPSS
KB4483234: Windows 10 Version 1803 and Windows Server Version 1803 December 2018 OOB Security Update
The remote Windows host is missing security update 4483234. It is, therefore, affected by a remote code execution vulnerability: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could...
7.5CVSS
7.8AI Score
0.047EPSS
In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e ("ice: add lock around Tx timestamp tracker flush") added a lock around the Tx timestamp tracker flow which is used to cleanup any left over SKBs and prepare for....
6.6AI Score
0.0004EPSS
KB5034176: Windows Server 2008 Security Update (January 2024)
The remote Windows host is missing security update 5034176. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674) Windows Group Policy Elevation...
8.8CVSS
7.2AI Score
0.003EPSS
KB5033375: Windows 11 version 22H2 Security Update (December 2023)
The remote Windows host is missing security update 5033375. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...
8.8CVSS
8.1AI Score
0.035EPSS
KB5030213: Windows 10 Version 1607 and Windows Server 2016 Security Update (September 2023)
The remote Windows host is missing security update 5030213. It is, therefore, affected by multiple vulnerabilities DHCP Server Service Denial of Service Vulnerability (CVE-2023-38162) Windows GDI Elevation of Privilege Vulnerability (CVE-2023-36804, CVE-2023-38161) DHCP Server Service...
8.8CVSS
7.2AI Score
0.005EPSS
KB5006715: Windows Server 2008 Security Update (October 2021)
The remote Windows host is missing security update 5006715. It is, therefore, affected by multiple...
8.8CVSS
7.7AI Score
0.512EPSS
KB5003635: Windows 10 version 1909 Security Update (June 2021)
The remote Windows host is missing security update 5003635. It is, therefore, affected by multiple...
9.4CVSS
8.1AI Score
0.966EPSS
KB5003210: Windows Server 2008 Security Update (May 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
9.9CVSS
7.3AI Score
0.937EPSS
glpi -- Insecure Direct Object Reference on ajax/comments.ph
MITRE Corporation reports: In GLPI before 9.5.3, ajax/comments.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any database table (e.g., glpi_tickets, glpi_users,...
4.3CVSS
2.6AI Score
0.001EPSS
KB5034171: Windows Server 2012 R2 Security Update (January 2024)
The remote Windows host is missing security update 5034171. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674) Windows Group Policy Elevation...
8.8CVSS
7.2AI Score
0.004EPSS
KB5033383: Windows 11 version 22H2 Security Update (December 2023)
The remote Windows host is missing security update 5033383. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...
8.8CVSS
8AI Score
0.035EPSS
KB5030279: Windows Server 2012 Security Update (September 2023)
The remote Windows host is missing security update 5030279. It is, therefore, affected by multiple vulnerabilities DHCP Server Service Denial of Service Vulnerability (CVE-2023-38162) Windows GDI Elevation of Privilege Vulnerability (CVE-2023-36804, CVE-2023-38161) DHCP Server Service...
7.8CVSS
7AI Score
0.005EPSS
KB5021243: Windows 10 LTS 1507 Security Update (December 2022)
The remote Windows host is missing security update 5021243. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute ...
8.5CVSS
8.3AI Score
0.01EPSS
KB5003681: Windows 8.1 and Windows Server 2012 R2 Security Update (June 2021)
The remote Windows host is missing security update 5003681. It is, therefore, affected by multiple...
9.4CVSS
8.5AI Score
0.966EPSS
KB4586817: Windows Server 2008 November 2020 Security Update
The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more...
9.8CVSS
7.6AI Score
0.365EPSS
KB4483232: Windows 10 Version 1709 and Windows Server Version 1709 December 2018 OOB Security Update
The remote Windows host is missing security update 4483232. It is, therefore, affected by a remote code execution vulnerability: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could...
7.5CVSS
7.8AI Score
0.047EPSS
Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS...
6.1CVSS
6AI Score
0.001EPSS
KB5034184: Windows Server 2012 Security Update (January 2024)
The remote Windows host is missing security update 5034184. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674) Windows Group Policy Elevation...
8.8CVSS
7.2AI Score
0.004EPSS
KB5033371: Windows 10 version 1809 / Windows Server 2019 Security Update (December 2023)
The remote Windows host is missing security update 5033371. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...
8.8CVSS
8AI Score
0.035EPSS
KB5033429: Windows Server 2012 Security Update (December 2023)
The remote Windows host is missing security update 5033429. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Win32k Elevation of Privilege Vulnerability (CVE-2023-36011) A...
8.8CVSS
7.9AI Score
0.035EPSS
KB5006728: Windows 7 and Windows Server 2008 R2 Security Update (October 2021)
The remote Windows host is missing security update 5006728. It is, therefore, affected by multiple...
8.8CVSS
7.7AI Score
0.512EPSS
KB5003638: Windows 10 version 1607 / Windows Server 2016 Security Update (June 2021)
The remote Windows host is missing security update 5003638. It is, therefore, affected by multiple...
9.4CVSS
8.4AI Score
0.966EPSS
glpi -- Insecure Direct Object Reference on ajax/getDropdownValue.php
MITRE Corporation reports: In GLPI before 9.5.3, ajax/getDropdownValue.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any itemType (e.g., Ticket, Users,...
4.3CVSS
4.3AI Score
0.001EPSS
KB5035919: Windows Server 2008 R2 Security Update (March 2024)
The remote Windows host is missing security update 5035919. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
7.9AI Score
0.001EPSS
KB5034129: Windows 2022 / Azure Stack HCI 22H2 Security Update (January 2024)
The remote Windows host is missing security update 5034129. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...
8.8CVSS
7.8AI Score
0.004EPSS
KB5033372: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (December 2023)
The remote Windows host is missing security update 5033372. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability...
8.8CVSS
8.1AI Score
0.035EPSS
KB5032249: Windows Server 2012 R2 Security Update (November 2023)
The remote Windows host is missing security update 5032249. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402) Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability...
9.8CVSS
8.5AI Score
0.05EPSS
KB5003173: Windows 10 version 2004 / Windows 10 version 20H2 Security Update (May 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
9.9CVSS
7.3AI Score
0.973EPSS
glpi -- bypass of the open redirect protection
MITRE Corporation reports: In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. This is fixed in version...
6.1CVSS
4.3AI Score
0.005EPSS
RHEL 6 : dhcp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dhcp: unclosed TCP connections to OMAPI or failover ports can cause DoS (CVE-2016-2774) dhcp:...
7.2AI Score
0.922EPSS
JVN#17680667: Multiple vulnerabilities in Unifier and Unifier Cast
Unifier and Unifier Cast provided by Yokogawa Rental & Lease Corporation contains multiple vulnerabilities listed below. Incorrect Default Permissions configured by Cast Launcher (CWE-276) CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 7.8 CVE-2024-23847 Missing Authorization for...
8AI Score
0.0004EPSS
glpi -- SQL injection for all helpdesk instances
MITRE Corporation reports: In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version...
7.6CVSS
3.6AI Score
0.001EPSS
Telegram Web 15.3.1 allows XSS via a certain payload derived from a Target Corporation website. NOTE: some third parties have been unable to discern any relationship between the Pastebin information and a possible XSS...
6.1CVSS
0.001EPSS
KB5037823: Windows Server 2012 R2 Security Update (May 2024)
The remote Windows host is missing security update 5037823. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2024-30009, CVE-2024-30014, CVE-2024-30015, CVE-2024-30022, CVE-2024-30023,...
8.8CVSS
8AI Score
0.001EPSS
KB5034167: Windows Server 2008 R2 Security Update (January 2024)
The remote Windows host is missing security update 5034167. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) Windows Kerberos Security Feature Bypass Vulnerability (CVE-2024-20674) Windows Group Policy Elevation...
8.8CVSS
7.1AI Score
0.004EPSS
KB5034119: Windows 10 Version 1607 and Windows Server 2016 Security Update (January 2024)
The remote Windows host is missing security update 5034119. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...
8.8CVSS
7.1AI Score
0.004EPSS
KB5034121: Windows 11 version 21H2 Security Update (January 2024)
The remote Windows host is missing security update 5034121. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...
8.8CVSS
7.3AI Score
0.004EPSS
KB5033118: Windows 2022 / Azure Stack HCI 22H2 Security Update (December 2023)
The remote Windows host is missing security update 5033118 or Azure HotPatch 5033464. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36006) Windows Cloud Files Mini Filter Driver Elevation of...
8.8CVSS
8AI Score
0.035EPSS