Yokogawa Rental & Lease Corporation Security Vulnerabilities

KB4074587: Windows 7 and Windows Server 2008 R2 February 2018 Security Update

The remote Windows host is missing security update 4074587 or cumulative update 4074598. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The...

Security Updates for Exchange (February 2020)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could...

Security Updates for Microsoft SharePoint Server (October 2018)

The Microsoft SharePoint Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected...

Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 8.0. This advisory also provides guidance on what developers can do to update their...

Security Updates for Microsoft SharePoint Server 2016 (January 2021)

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: A session spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user....

Security Updates for Exchange (July 2019)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to...

Automated Logic Corporation WebCTRL, i-VU, SiteScan Improper Limitation of a Pathname to a Restricted Directory (CVE-2017-9640)

A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An...

KB4074589: Windows Server 2012 February 2018 Security Update

The remote Windows host is missing security update 4074589 or cumulative update 4074593. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The...

KB4074597: Windows 8.1 and Windows Server 2012 R2 February 2018 Security Update

The remote Windows host is missing security update 4074597 or cumulative update 4074594. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The...

CVE-2024-4358

In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass...

CVE-2024-4202

In Progress® Telerik® Reporting versions prior to 2024 Q2 (18.1.24.514), a code execution attack is possible through an insecure instantiation...

glpi -- multiple related stored XSS vulnerabilities

MITRE Corporation reports: In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "alert(1)" reproduces the attack. This can be exploited by a user...

KB4530689: Windows 10 Version 1607 and Windows Server 2016 December 2019 Security Update

The remote Windows host is missing security update 4530689. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute...

KB4530692: Windows 7 and Windows Server 2008 R2 December 2019 Security Update

The remote Windows host is missing security update 4530692 or cumulative update 4530734. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the...

Security Updates for Windows Server 2008 (June 2018)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability...

KB4530698: Windows Server 2012 December 2019 Security Update

The remote Windows host is missing security update 4530698 or cumulative update 4530691. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the...

KB4530715: Windows 10 Version 1809 and Windows Server 2019 December 2019 Security Update

The remote Windows host is missing security update 4530715. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating...

KB5001347: Windows 10 version 1607 / Windows Server 2016 Security Update (Apr 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Win32k Elevation of Privilege Vulnerability (CVE-2021-27072) Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079) Microsoft Internet Messaging API Remote...

KB5001382: Windows 8.1 and Windows Server 2012 R2 Security Update (Apr 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Win32k Elevation of Privilege Vulnerability (CVE-2021-27072) Microsoft Internet Messaging API Remote Code Execution Vulnerability (CVE-2021-27089) RPC Endpoint Mapper Service...

KB4530730: Windows 8.1 and Windows Server 2012 R2 December 2019 Security Update

The remote Windows host is missing security update 4530730 or cumulative update 4530702. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the...

CVE-2024-5142

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.3.8 allows authenticated attacker to run scripts in other users...

CVE-2024-1856

In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a remote threat actor through an insecure deserialization...

CVE-2024-21028

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

Security Updates for Microsoft SharePoint Server (September 2018)

The Microsoft SharePoint Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request...

Security Updates for Microsoft SharePoint Server (February 2020)

The Microsoft SharePoint Server installation on the remote host is missing security updates. It is, therefore, affected by a cross-site scripting vulnerability. A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web...

CVE-2021-47390

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect() KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvm_make_vcpus_request_mask+0x174/0x440 [kvm] Read of size 8 at addr...

Windows 2008 January 3 2018 Multiple Security Updates

The remote Windows host is missing multiple security updates released on 2018/01/03. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerabilities exists in the way that the Color Management Module (ICM32.dll) handles objects in memory. This...

CVE-2024-4056

Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 (excluding 24.2 LTS) allows unauthenticated user to consume computing...

CVE-2024-4563

The Progress MOVEit Automation configuration export function prior to 2024.0.0 uses a cryptographic method with insufficient bit...

CVE-2024-4561

In WhatsUp Gold versions released before 2023.1.2 , a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable...

CVE-2024-20929

Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: DB Privileges). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2024-3892

A local code execution vulnerability is possible in Telerik UI for WinForms beginning in v2021.1.122 but prior to v2024.2.514. This vulnerability could allow an untrusted theme assembly to execute arbitrary code on the local Windows...

CVE-2023-4479

Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time...

KB5001339: Windows 10 version 1803 Security Update (April 2021)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310) Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079) Windows Event Tracing...

KB4480964: Windows 8.1 and Windows Server 2012 R2 January 2019 Security Update

The remote Windows host is missing security update 4480964 or cumulative update 4480963. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully...

KB4480972: Windows Server 2012 January 2019 Security Update

The remote Windows host is missing security update 4480972 or cumulative update 4480975. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully...

CVE-2024-1801

In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack is possible by a local threat actor through an insecure deserialization...

CVE-2024-0563

Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous...

CVE-2024-4562

In WhatsUp Gold versions released before 2023.1.2 , an SSRF vulnerability exists in Whatsup Gold's Issue exists in the HTTP Monitoring functionality. Due to the lack of proper authorization, any authenticated user can access the HTTP monitoring functionality, what leads to the Server Side...

CVE-2024-4162

A buffer error in Panasonic KW Watcher versions 1.00 through 2.83 may allow attackers malicious read access to...

CVE-2024-21030

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2024-21031

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2021-20599

Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions "11" and prior allows a...

KB4284867: Windows 7 and Windows Server 2008 R2 June 2018 Security Update

The remote Windows host is missing security update 4284867 or cumulative update 4284826. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who...

KB4580385: Windows Server 2008 October 2020 Security Update

The remote Windows host is missing security update 4580385 or cumulative update 4580378. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker...

KB4284878: Windows 8.1 and Windows Server 2012 R2 June 2018 Security Update

The remote Windows host is missing security update 4284878 or cumulative update 4284815. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in...

KB4284846: Windows Server 2012 June 2018 Security Update

The remote Windows host is missing security update 4284846 or cumulative update 4284855. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in...

Windows 2008 November 2017 Multiple Security Updates

The remote Windows host is missing multiple security updates released on 2017/11/14. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. (CVE-2017-11880) An information...

KB4471324: Windows 10 Version 1803 and Windows Server Version 1803 December 2018 Security Update

The remote Windows host is missing security update 4471324. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this ...

Security Updates for Windows Server 2008 (February 2018)

The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could...