Yokogawa Rental & Lease Corporation Security Vulnerabilities

KB4601363: Windows 7 and Windows Server 2008 R2 February 2021 Security Update

The remote Windows host is missing security update 4601363 or cumulative update 4601347. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain...

Windows Server 2012 December 2017 Security Updates

The remote Windows host is missing security update 4054523 or cumulative update 4054520. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully...

CVE-2024-5739

The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS (UXSS) vulnerability. This vulnerability allows for cross-site scripting (XSS) where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app...

Security Updates for Exchange (May 2021)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions...

KB5031407: Windows Server 2012 R2 Security Update (October 2023)

The remote Windows host is missing security update 5031407. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36577) Windows IIS Server Elevation of Privilege Vulnerability (CVE-2023-36434) ...

KB5031356: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (October 2023)

The remote Windows host is missing security update 5031356. It is, therefore, affected by multiple vulnerabilities The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August...

KB5028223: Windows Server 2012 R2 Security Update (July 2023)

The remote Windows host is missing security update 5028223. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2023-35365, CVE-2023-35366, CVE-2023-35367) Windows Netlogon Information Disclosure...

KB5015875: Windows Server 2012 Security Update (July 2022)

The remote Windows host is missing security update 5015875 or cumulative update 5015863. It is, therefore, affected by multiple vulnerabilities: A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

KB5015862: Windows 7 and Windows Server 2008 R2 Security Update (July 2022)

The remote Windows host is missing security update 5015862 or cumulative update 5015866. It is, therefore, affected by multiple vulnerabilities: A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

KB5005094: Windows Server 2012 Security Update (August 2021)

The remote Windows host is missing security update 5005094 or cumulative update 5005099. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2021-26425, CVE-2021-26426,...

KB5000809: Windows 10 Version 1803 March 2021 Security Update

The remote Windows host is missing security update 5000809. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-24107, CVE-2021-26869, CVE-2021-26884) ...

KB4598289: Windows 7 and Windows Server 2008 R2 January 2021 Security Update

The remote Windows host is missing security update 4598289 or cumulative update 4598279. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

Windows 2008 December 2017 Multiple Security Updates

The remote Windows host is missing multiple security updates released on 2017/12/12. It is, therefore, affected by multiple vulnerabilities : An information vulnerability exists when Windows Media Player improperly discloses file information. Successful exploitation of the vulnerability...

KB5036893: Windows 11 version 22H2 Security Update (April 2024)

The remote Windows host is missing security update 5036893. It is, therefore, affected by multiple vulnerabilities SmartScreen Prompt Security Feature Bypass Vulnerability (CVE-2024-29988) Secure Boot Security Feature Bypass Vulnerability (CVE-2024-20669, CVE-2024-26168, CVE-2024-26171, ...

KB5036894: Windows 11 version 21H2 Security Update (April 2024)

The remote Windows host is missing security update 5036894. It is, therefore, affected by multiple vulnerabilities SmartScreen Prompt Security Feature Bypass Vulnerability (CVE-2024-29988) Secure Boot Security Feature Bypass Vulnerability (CVE-2024-20669, CVE-2024-26168, CVE-2024-26171, ...

KB5036899: Windows 10 Version 1607 / Windows Server 2016 Security Update (April 2024)

The remote Windows host is missing security update 5036899. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability (CVE-2024-26214) Secure Boot Security Feature Bypass Vulnerability (CVE-2024-20669, CVE-2024-26168,...

KB5031441: Windows Server 2008 R2 Security Update (October 2023)

The remote Windows host is missing security update 5031441. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36577) Windows IIS Server Elevation of Privilege Vulnerability (CVE-2023-36434) ...

KB5005615: Windows 7 and Windows Server 2008 R2 September 2021 Security Update

The remote Windows host is missing security update 5005615 or cumulative update 5005633. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2021-36955, CVE-2021-36963,...

KB5005607: Windows Server 2012 September 2021 Security Update

The remote Windows host is missing security update 5005607 or cumulative update 5005623. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2021-36955, CVE-2021-36963,...

KB5005106: Windows 8.1 and Windows Server 2012 R2 Security Update (August 2021)

The remote Windows host is missing security update 5005106 or cumulative update 5005076. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2021-26425, CVE-2021-26426,...

KB5000840: Windows Server 2012 March 2021 Security Update

The remote Windows host is missing security update 5000840 or cumulative update 5000847. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

KB4601345: Windows 10 Version 1809 and Windows Server 2019 February 2021 Security Update

The remote Windows host is missing security update 4601345. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-1734, CVE-2021-24076, CVE-2021-24079,...

KB4598287: Windows Server 2008 January 2021 Security Update

The remote Windows host is missing security update 4598287 or cumulative update 4598288. It is, therefore, affected by multiple vulnerabilities : A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions...

CVE-2024-31413

Free of pointer not at start of buffer vulnerability exists in CX-One CX-One CXONE-AL[][]D-V4 (The version which was installed with a DVD ver. 4.61.1 or lower, and was updated through CX-One V4 auto update in January 2024 or prior) and Sysmac Studio SYSMAC-SE2[][][] (The version which was...

KB5031361: Windows 10 version 1809 / Windows Server 2019 Security Update (October 2023)

The remote Windows host is missing security update 5031361. It is, therefore, affected by multiple vulnerabilities The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August...

KB5028182: Windows 11 version 21H2 Security Update (July 2023)

The remote Windows host is missing security update 5028182. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2023-35365, CVE-2023-35366, CVE-2023-35367) Windows Netlogon Information Disclosure...

KB5015870: Windows Server 2008 Security Update (July 2022)

The remote Windows host is missing security update 5015870 or cumulative update 5015866. It is, therefore, affected by multiple vulnerabilities: A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

KB5007186: Windows 10 Version 2004 / Windows 10 Version 20H2 / Windows 10 Version 21H1 (November 2021)

The remote Windows host is missing security update 5007186. It is, therefore, affected by multiple vulnerabilities: An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2021-36957, CVE-2021-41366, CVE-2021-41367, CVE-2021-41370,...

KB5006669: Windows 10 Version 1607 and Windows Server 2016 Security Update (October 2021)

The remote Windows host is missing security update 5006669. It is, therefore, affected by multiple vulnerabilities: A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application services. (CVE-2021-36953, ...

KB5000853: Windows 8.1 and Windows Server 2012 R2 March 2021 Security Update

The remote Windows host is missing security update 5000853 or cumulative update 5000848. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands....

Windows 10 / Windows Server 2016 September 2017 Information Disclosure Vulnerability (CVE-2017-8529)

The remote Windows host is missing a security update or a registry setting required to enable protections for CVE-2017-8529. It is, therefore, affected by an information disclosure vulnerability: An information disclosure vulnerability exists when affected Microsoft scripting engines do not...

CVE-2024-27160

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An attacker can decrypt the encrypted files using the hardcoded key. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for...

CVE-2024-27162

Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An attacker can steal the cookie of an admin user. As for the affected products/models/versions, see the...

CVE-2024-5008

In WhatsUp Gold versions released before 2023.1.3, an authenticated user with certain permissions can upload an arbitrary file and obtain RCE...

Security Updates for Microsoft Sharepoint 2016 (August 2021)

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by a Server Spoofing Vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version ...

Security Updates for Exchange (September 2019)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests. An attacker who...

CVE-2024-5019

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Arbitrary File Read issue exists in Wug.UI.Areas.Wug.Controllers.SessionController.CachedCSS. This vulnerability allows reading of any file with iisapppool\NmConsole...

CVE-2024-27156

The session cookies, used for authentication, are stored in clear-text logs. An attacker can retrieve authentication sessions. A remote attacker can retrieve the credentials and bypass the authentication mechanism. As for the affected products/models/versions, see the reference...

CVE-2024-27152

The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference...

CVE-2024-27145

The Toshiba printers provide several ways to upload files using the admin web interface. An attacker can remotely compromise any Toshiba printer. An attacker can overwrite any insecure files. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute...

CVE-2024-3496

Attackers can bypass the web login authentication process to gain access to the printer's system information and upload malicious drivers to the printer. As for the affected products/models/versions, see the reference...

CVE-2024-27178

An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying file name variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than...

CVE-2024-27176

An attacker can get Remote Code Execution by overwriting files. Overwriting files is enable by falsifying session ID variable. This vulnerability can be executed in combination with other vulnerabilities and difficult to execute alone. So, the CVSS score for this vulnerability alone is lower than.....

CVE-2024-5010

In WhatsUp Gold versions released before 2023.1.3, a vulnerability exists in the TestController functionality. A specially crafted unauthenticated HTTP request can lead to a disclosure of sensitive...

CVE-2024-5011

In WhatsUp Gold versions released before 2023.1.3, an uncontrolled resource consumption vulnerability exists. A specially crafted unauthenticated HTTP request to the TestController Chart functionality can lead to denial of...

CVE-2024-1735

A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. All users who rely on armeria-saml older than version 1.27.2 must upgrade to 1.27.2 or...

CVE-2024-4883

In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in Progress WhatsUp Gold. This vulnerability allows an unauthenticated attacker to achieve the RCE as a service account through...

CVE-2024-4884

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The Apm.UI.Areas.APM.Controllers.CommunityController allows execution of commands with iisapppool\nmconsole...

CVE-2024-5017

In WhatsUp Gold versions released before 2023.1.3, a path traversal vulnerability exists. A specially crafted unauthenticated HTTP request to AppProfileImport can lead can lead to information...

CVE-2024-5012

In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication vulnerability in WUGDataAccess.Credentials. This vulnerability allows unauthenticated attackers to disclose Windows Credentials stored in the product Credential...