Yokogawa Rental & Lease Corporation Security Vulnerabilities

CVE-2024-21121

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2024-5142 XSS in Hubshare's social module

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.3.8 allows authenticated attacker to run scripts in other users...

CVE-2024-0563 Denial of service condition in M-Files Server

Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous...

KB5036922: Windows Server 2008 R2 Security Update (April 2024)

The remote Windows host is missing security update 5036922. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability (CVE-2024-26214) Windows rndismp6.sys Remote Code Execution Vulnerability (CVE-2024-26252,...

KB5036950: Windows Server 2008 Security Update (April 2024)

The remote Windows host is missing security update 5036950. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability (CVE-2024-26214) Windows rndismp6.sys Remote Code Execution Vulnerability (CVE-2024-26252,...

KB5014006: Windows Server 2008 Security Update (May 2022)

The remote Windows host is missing security update 5014006. It is, therefore, affected by multiple vulnerabilities Windows LDAP Remote Code Execution Vulnerability (CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139,...

KB5035849: Windows 10 version 1809 / Windows Server 2019 Security Update (March 2024)

The remote Windows host is missing security update 5035849. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...

KB5021296: Windows 8.1 and Windows Server 2012 R2 Security Update (December 2022)

The remote Windows host is missing security update 5021296. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute ...

KB5020013: Windows Server 2008 R2 Security Update (November 2022)

The remote Windows host is missing security update 5020013. It is, therefore, affected by multiple vulnerabilities Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability (CVE-2022-41090, CVE-2022-41116) AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions...

KB5019980: Windows 11 22H2 Security Update (November 2022)

The remote Windows host is missing security update 5019980. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Group Policy Elevation of Privilege Vulnerability (CVE-2022-37992, CVE-2022-41086) ...

KB5020010: Windows 8.1 and Windows Server 2012 R2 Security Update (November 2022)

The remote Windows host is missing security update 5020010. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability (CVE-2022-37966) Windows...

KB5007246: Windows Server 2008 Security Update (November 2021)

The remote Windows host is missing security update 5007246 or cumulative update 5007263. It is, therefore, affected by multiple vulnerabilities: An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38631,...

Security Constraint Bypass in Spring Security

Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path...

KB5039213: Windows 11 version 21H2 Security Update (June 2024)

The remote Windows host is missing security update 5039213. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...

KB5039214: Windows 10 Version 1607 / Windows Server 2016 Security Update (June 2024)

The remote Windows host is missing security update 5039214. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...

KB5037763: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2024)

The remote Windows host is missing security update 5037763. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996, ...

KB5035854: Windows 11 version 21H2 Security Update (March 2024)

The remote Windows host is missing security update 5035854. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...

KB5035858: Windows 10 LTS 1507 Security Update (March 2024)

The remote Windows host is missing security update 5035858. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...

KB5035885: Windows Server 2012 R2 Security Update (March 2024)

The remote Windows host is missing security update 5035885. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...

KB5021237: Windows 10 version 1809 / Windows Server 2019 Security Update (December 2022)

The remote Windows host is missing security update 5021237. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability (CVE-2022-44689) A remote code...

KB5019961: Windows 11 Security Update (November 2022)

The remote Windows host is missing security update 5019961. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Group Policy Elevation of Privilege Vulnerability (CVE-2022-37992, CVE-2022-41086) ...

KB5019970: Windows 10 LTS 1507 Security Update (November 2022)

The remote Windows host is missing security update 5019970. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Group Policy Elevation of Privilege Vulnerability (CVE-2022-37992, CVE-2022-41086) ...

KB5020003: Windows Server 2012 Security Update (November 2022)

The remote Windows host is missing security update 5020003. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability (CVE-2022-37966) Windows...

KB5004298: Windows 8.1 and Windows Server 2012 R2 Security Update (July 2021)

The remote Windows host is missing security update 5004298. It is, therefore, affected by multiple...

KB5037803: Windows Server 2008 R2 Security Update (May 2024)

The remote Windows host is missing security update 5037803. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2024-30009, CVE-2024-30014, CVE-2024-30015, CVE-2024-30022, CVE-2024-30023,...

KB5021249: Windows Server 2022 Security Update (December 2022)

The remote Windows host is missing security update 5021249. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute ...

KB4592497: Windows Server 2012 December 2020 Security Update

The remote Windows host is missing security update 4592497 or cumulative update 4592468. It is, therefore, affected by multiple vulnerabilities: An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098,...

KB4586808: Windows Server 2012 November 2020 Security Update

The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more...

glpi -- Any CalDAV calendars is read-only for every authenticated user

MITRE Corporation reports: In GLPI before version 9.5.3, any authenticated user has read-only permissions to the planning of every other user, even admin ones. This issue is fixed in version 9.5.3. As a workaround, one can remove the caldav.php file to block access to CalDAV...

KB5037836: Windows Server 2008 Security Update (May 2024)

The remote Windows host is missing security update 5037836. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2024-30009, CVE-2024-30014, CVE-2024-30015, CVE-2024-30022, CVE-2024-30023,...

KB5035855: Windows 10 Version 1607 / Windows Server 2016 Security Update (March 2024)

The remote Windows host is missing security update 5035855. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...

KB5034122: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (January 2024)

The remote Windows host is missing security update 5034122. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...

KB5032197: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2023)

The remote Windows host is missing security update 5032197. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402) Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability...

KB5016686: Windows Server 2008 Security Update (August 2022)

The remote Windows host is missing security update 5016686. It is, therefore, affected by multiple vulnerabilities Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769) Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability...

KB5014710: Windows 10 LTS 1507 Security Update (June 2022)

The remote Windows host is missing security update 5014710. It is, therefore, affected by multiple vulnerabilities Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149,...

KB5006699: Windows Server 2022 Security Update (October 2021)

The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple...

KB4601366: Windows Server 2008 February 2021 Security Update

The remote Windows host is missing security update 4601366 or cumulative update 4601360. It is, therefore, affected by multiple vulnerabilities : A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application...

KB4465661 BitLocker Security Feature Bypass Vulnerability

The remote Windows host is missing security update 4465661. It is, therefore, affected by multiple vulnerabilities : A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption. An attacker with physical access to a powered off system ...

KB5039225: Windows 10 LTS 1507 Security Update (June 2024)

The remote Windows host is missing security update 5039225. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...

SSL/TLS: Known Compromised Certificate Detection

The remote SSL/TLS service is using an SSL/TLS certificate which is known to be compromised (e.g. known private keys, used by malware,...

D-Link NAS nas_sharing.cgi command injection

Added: 04/24/2024 CVE: CVE-2024-3273 Background D-Link Network Attached Storage (NAS) devices allow different clients to connect to a centralized disk on a Local Area Network (LAN). Problem A backdoor and a command injection vulnerability in the nas_sharing.cgi script allow a remote...

D-Link NAS nas_sharing.cgi command injection

Added: 04/24/2024 CVE: CVE-2024-3273 Background D-Link Network Attached Storage (NAS) devices allow different clients to connect to a centralized disk on a Local Area Network (LAN). Problem A backdoor and a command injection vulnerability in the nas_sharing.cgi script allow a remote...

KB5032190: Windows 11 version 22H2 Security Update (November 2023)

The remote Windows host is missing security update 5032190. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402) Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability...

KB5032198: Windows 2022 / Azure Stack HCI 22H2 Security Update (November 2023)

The remote Windows host is missing security update 5032198. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402) Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability...

KB5017315: Windows 10 version 1809 / Windows Server 2019 Security Update (September 2022)

The remote Windows host is missing security update 5017315. It is, therefore, affected by multiple vulnerabilities Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928) Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170) Windows...

KB5017327: Windows 10 LTS 1507 Security Update (September 2022)

The remote Windows host is missing security update 5017327. It is, therefore, affected by multiple vulnerabilities Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928) Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170) Windows...

KB5016684: Windows Server 2012 Security Update (August 2022)

The remote Windows host is missing security update 5016684. It is, therefore, affected by multiple vulnerabilities Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769) Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability...

KB5014741: Windows Server 2012 Security Update (June 2022)

The remote Windows host is missing security update 5014741. It is, therefore, affected by multiple vulnerabilities Windows Network File System Remote Code Execution Vulnerability (CVE-2022-30136) Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability...

KB5014746: Windows 8.1 and Windows Server 2012 R2 Security Update (June 2022)

The remote Windows host is missing security update 5014746. It is, therefore, affected by multiple vulnerabilities Windows Network File System Remote Code Execution Vulnerability (CVE-2022-30136) Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability...

KB5014692: Windows 10 version 1809 / Windows Server 2019 Security Update (June 2022)

The remote Windows host is missing security update 5014692. It is, therefore, affected by multiple vulnerabilities Windows Network File System Remote Code Execution Vulnerability (CVE-2022-30136) Windows Kerberos Elevation of Privilege Vulnerability (CVE-2022-30165) Windows Lightweight...