Security Updates for Windows Server 2008 (February 2018)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could...
7CVSS
7.4AI Score
0.19EPSS
In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in check_flush_dependency is being triggered. This seems to.....
6.7AI Score
0.0004EPSS
Security Updates for Microsoft SharePoint Server 2019 (December 2020)
The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2020-17089) A remote code...
8.8CVSS
7.9AI Score
0.025EPSS
Security Updates for Microsoft SharePoint Server (April 2019)
The Microsoft SharePoint Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web...
5.4CVSS
5.4AI Score
0.001EPSS
Security Updates for Microsoft Sharepoint Server (June 2018)
The Microsoft Sharepoint Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request...
5.4CVSS
5.6AI Score
0.005EPSS
In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in check_flush_dependency is being triggered. This seems to.....
6.5AI Score
0.0004EPSS
CVE-2024-35927 drm: Check output polling initialized before disabling
In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drm_kms_helper_poll_disable() check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in...
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drm_kms_helper_poll_disable() check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drm_kms_helper_poll_disable() check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in...
6.3AI Score
0.0004EPSS
KB5001337: Windows 10 version 1909 / Windows Server 1909 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310) Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079) Windows Event Tracing...
8.8CVSS
7.6AI Score
0.079EPSS
KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: Win32k Elevation of Privilege Vulnerability (CVE-2021-27072, CVE-2021-28310) Windows Media Photo Codec Information Disclosure Vulnerability (CVE-2021-27079) Windows Event Tracing...
8.8CVSS
7.6AI Score
0.079EPSS
KB4534312: Windows Server 2008 January 2020 Security Update
The remote Windows host is missing security update 4534312 or cumulative update 4534303. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in...
9.8CVSS
7.9AI Score
0.975EPSS
KB4467702: Windows 10 Version 1803 and Windows Server Version 1803 November 2018 Security Update
The remote Windows host is missing security update 4467702. It is, therefore, affected by multiple vulnerabilities : A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard. (CVE-2018-8417) An elevation of privilege...
9.8CVSS
8.3AI Score
0.947EPSS
KB4480966: Windows 10 Version 1803 and Windows Server Version 1803 January 2019 Security Update
The remote Windows host is missing security update 4480966. It is, therefore, affected by multiple vulnerabilities : A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully ...
7.8CVSS
8.2AI Score
0.933EPSS
KB4480978: Windows 10 Version 1709 and Windows Server Version 1709 January 2019 Security Update
The remote Windows host is missing security update 4480978. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory. An attacker who successfully exploited this ...
7.8CVSS
8.1AI Score
0.021EPSS
Windows 8.1 and Windows Server 2012 R2 November 2017 Security Updates
The remote Windows host is missing security update 4048961 or cumulative update 4048958. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt...
7.8CVSS
8AI Score
0.759EPSS
Windows Server 2012 November 2017 Security Updates
The remote Windows host is missing security update 4048962 or cumulative update 4048959. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially...
7.8CVSS
8.1AI Score
0.759EPSS
KB4103726: Windows Server 2012 May 2018 Security Update
The remote Windows host is missing security update 4103726 or cumulative update 4103730. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who...
7.8CVSS
8.7AI Score
0.975EPSS
KB4471329: Windows 10 Version 1709 and Windows Server Version 1709 December 2018 Security Update
The remote Windows host is missing security update 4471329. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. An attacker who successfully exploited this ...
9.8CVSS
8.3AI Score
0.053EPSS
KB4467678: Windows Server 2012 November 2018 Security Update
The remote Windows host is missing security update 4467678 or cumulative update 4467701. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The...
9.8CVSS
8AI Score
0.947EPSS
KB4467106: Windows 7 and Windows Server 2008 R2 November 2018 Security Update
The remote Windows host is missing security update 4467106 or cumulative update 4467107. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The...
9.8CVSS
7.9AI Score
0.947EPSS
KB4467686: Windows 10 Version 1709 and Windows Server Version 1709 November 2018 Security Update
The remote Windows host is missing security update 4467686. It is, therefore, affected by multiple vulnerabilities : A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard. (CVE-2018-8417) A remote code execution...
8.8CVSS
8.4AI Score
0.947EPSS
KB4580387: Windows 7 and Windows Server 2008 R2 October 2020 Security Update
The remote Windows host is missing security update 4580387 or cumulative update 4580345. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry...
8.8CVSS
8.2AI Score
0.015EPSS
KB4463104: Windows Server 2008 October 2018 Security Update
The remote Windows host is missing security update 4463104 or cumulative update 4463097. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing...
8.8CVSS
7.9AI Score
0.939EPSS
KB4462931: Windows Server 2012 October 2018 Security Update
The remote Windows host is missing security update 4462931 or cumulative update 4462929. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing...
8.8CVSS
7.7AI Score
0.939EPSS
KB4056897: Windows 7 and Windows Server 2008 R2 January 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4056897 or cumulative update 4056894. It is, therefore, affected by multiple vulnerabilities : An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker...
5.6CVSS
7.6AI Score
0.976EPSS
KB4056898: Windows 8.1 and Windows Server 2012 R2 January 2018 Security Update (Meltdown)(Spectre)
The remote Windows host is missing security update 4056898 or cumulative update 4056895. It is, therefore, affected by multiple vulnerabilities : An vulnerability exists within microprocessors utilizing speculative execution and indirect branch prediction, which may allow an attacker...
5.6CVSS
8AI Score
0.976EPSS
Windows 7 and Windows Server 2008 R2 November 2017 Security Updates
The remote Windows host is missing security update 4048960 or cumulative update 4048957. It is, therefore, affected by multiple vulnerabilities : A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt...
7.8CVSS
8.1AI Score
0.759EPSS
CVE-2024-35927 drm: Check output polling initialized before disabling
In the Linux kernel, the following vulnerability has been resolved: drm: Check output polling initialized before disabling In drm_kms_helper_poll_disable() check if output polling support is initialized before disabling polling. If not flag this as a warning. Additionally in...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix oops during rmmod on single-CPU platforms During the removal of the idxd driver, registered offline callback is invoked as part of the clean up process. However, on systems with only one CPU online, no valid...
6.4AI Score
0.0004EPSS
Security Updates for Microsoft SharePoint Server (June 2019)
The Microsoft SharePoint Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web...
7.8CVSS
6.7AI Score
0.018EPSS
Security Updates for Microsoft Sharepoint Server (February 2019)
The Microsoft Sharepoint Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request...
9.8CVSS
8.5AI Score
0.974EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request that may complete...
7.3AI Score
0.0004EPSS
RHEL 7 : dhcp (RHSA-2021:2414)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2414 advisory. dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient...
7.4CVSS
8AI Score
0.003EPSS
Security Updates for Microsoft Sharepoint Server (March 2019)
The Microsoft Sharepoint Server installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerabilities: A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web...
9.8CVSS
7.7AI Score
0.974EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request that may complete...
6.2AI Score
0.0004EPSS
RHEL 6 : dhcp (RHSA-2021:2419)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2419 advisory. dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient...
7.4CVSS
8AI Score
0.003EPSS
RHEL 7 : dhcp (RHSA-2021:2405)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2405 advisory. dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient...
7.4CVSS
8AI Score
0.003EPSS
RHEL 7 : dhcp (RHSA-2021:2469)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2469 advisory. dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient...
7.4CVSS
8AI Score
0.003EPSS
RHEL 8 : dhcp (RHSA-2021:2420)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2420 advisory. dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient...
7.4CVSS
8AI Score
0.003EPSS
RHEL 7 : dhcp (RHSA-2021:2415)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2415 advisory. dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient...
7.4CVSS
8AI Score
0.003EPSS
RHEL 8 : dhcp (RHSA-2021:2416)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:2416 advisory. dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient...
7.4CVSS
8AI Score
0.003EPSS
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens: [1136314.192256] BUG: kernel NULL...
6.3AI Score
0.0004EPSS
7.3AI Score
CVE-2024-26611 xsk: fix usage of multi-buffer BPF helpers for ZC XDP
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens: [1136314.192256] BUG: kernel NULL...
6.4AI Score
0.0004EPSS
CVE-2024-26611 xsk: fix usage of multi-buffer BPF helpers for ZC XDP
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpf_xdp_adjust_tail() and memory type is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens: [1136314.192256] BUG: kernel NULL...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIG_HARDENED_USERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. [ 1987.159822] usercopy: Kernel memory exposure...
6.5AI Score
0.0004EPSS
CVE-2024-26746 dmaengine: idxd: Ensure safe user copy of completion record
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Ensure safe user copy of completion record If CONFIG_HARDENED_USERCOPY is enabled, copying completion record from event log cache to user triggers a kernel bug. [ 1987.159822] usercopy: Kernel memory exposure...
6.6AI Score
0.0004EPSS
KB4457984: Windows Server 2008 September 2018 Security Update
The remote Windows host is missing security update 4457984 or cumulative update 4458010. It is, therefore, affected by multiple vulnerabilities : An information disclosure vulnerability exists in Windows when the Windows bowser.sys kernel-mode driver fails to properly handle objects in...
9.8CVSS
8AI Score
0.968EPSS
KB4338823: Windows 7 and Windows Server 2008 R2 July 2018 Security Update
The remote Windows host is missing security update 4338823 or cumulative update 4338818. It is, therefore, affected by multiple vulnerabilities : An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level. ...
8.8CVSS
8.2AI Score
0.95EPSS