KB5021293: Windows Server 2008 Security Update (December 2022)
The remote Windows host is missing security update 5021293. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute ...
8.5CVSS
8.2AI Score
0.01EPSS
KB5021234: Windows 11 Security Update (December 2022)
The remote Windows host is missing security update 5021234. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability (CVE-2022-44689) A remote code...
8.5CVSS
8.4AI Score
0.022EPSS
KB5006674: Windows 11 Security Update (October 2021)
The remote Windows host is missing security update 5006674. It is, therefore, affected by multiple...
8.8CVSS
7.6AI Score
0.512EPSS
Security Updates for Microsoft Office Products (March 2019)
The Microsoft Office Products are missing a security update. It is, therefore, affected by the following vulnerability : A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully ...
7.8CVSS
7.7AI Score
0.015EPSS
glpi -- Improve encryption algorithm
MITRE Corporation reports: In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure...
7.8CVSS
4.2AI Score
0.001EPSS
A vulnerability has been found in FAST/TOOLS and CI Server. The affected product's WEB HMI server's function to process HTTP requests has a security flaw (Reflected XSS) that allows the execution of malicious scripts. Therefore, if a client PC with inadequate security measures accesses a product...
5.8CVSS
6.9AI Score
0.0004EPSS
A vulnerability has been found in FAST/TOOLS and CI Server. The affected products have built-in accounts with no passwords set. Therefore, if the product is operated without a password set by default, an attacker can break into the affected product. The affected products and versions are as...
5.3CVSS
7AI Score
0.0004EPSS
KB5037836: Windows Server 2008 Security Update (May 2024)
The remote Windows host is missing security update 5037836. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2024-30009, CVE-2024-30014, CVE-2024-30015, CVE-2024-30022, CVE-2024-30023,...
8.8CVSS
7.9AI Score
0.002EPSS
KB5035855: Windows 10 Version 1607 / Windows Server 2016 Security Update (March 2024)
The remote Windows host is missing security update 5035855. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8.1AI Score
0.001EPSS
KB5034122: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (January 2024)
The remote Windows host is missing security update 5034122. It is, therefore, affected by multiple vulnerabilities Microsoft ODBC Driver Remote Code Execution Vulnerability (CVE-2024-20654) BitLocker Security Feature Bypass Vulnerability (CVE-2024-20666) Windows Kerberos Security Feature...
8.8CVSS
7.8AI Score
0.004EPSS
KB5032197: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2023)
The remote Windows host is missing security update 5032197. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2023-36402) Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability...
9.8CVSS
8.1AI Score
0.57EPSS
KB5016686: Windows Server 2008 Security Update (August 2022)
The remote Windows host is missing security update 5016686. It is, therefore, affected by multiple vulnerabilities Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability (CVE-2022-35747, CVE-2022-35769) Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability...
9.8CVSS
7.7AI Score
0.468EPSS
KB5014710: Windows 10 LTS 1507 Security Update (June 2022)
The remote Windows host is missing security update 5014710. It is, therefore, affected by multiple vulnerabilities Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability (CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149,...
8.8CVSS
8.2AI Score
0.961EPSS
KB5006699: Windows Server 2022 Security Update (October 2021)
The remote Windows host is missing security update 5006699. It is, therefore, affected by multiple...
8.8CVSS
7.7AI Score
0.512EPSS
KB4601366: Windows Server 2008 February 2021 Security Update
The remote Windows host is missing security update 4601366 or cumulative update 4601360. It is, therefore, affected by multiple vulnerabilities : A denial of service (DoS) vulnerability. An attacker can exploit this issue to cause the affected component to deny system or application...
9.8CVSS
10AI Score
0.051EPSS
KB5039225: Windows 10 LTS 1507 Security Update (June 2024)
The remote Windows host is missing security update 5039225. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...
9.8CVSS
8.5AI Score
0.003EPSS
SSL/TLS: Known Compromised Certificate Detection
The remote SSL/TLS service is using an SSL/TLS certificate which is known to be compromised (e.g. known private keys, used by malware,...
5.9CVSS
5.9AI Score
EPSS
KB5036922: Windows Server 2008 R2 Security Update (April 2024)
The remote Windows host is missing security update 5036922. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability (CVE-2024-26214) Windows rndismp6.sys Remote Code Execution Vulnerability (CVE-2024-26252,...
8.8CVSS
7.7AI Score
0.001EPSS
KB5036950: Windows Server 2008 Security Update (April 2024)
The remote Windows host is missing security update 5036950. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability (CVE-2024-26214) Windows rndismp6.sys Remote Code Execution Vulnerability (CVE-2024-26252,...
8.8CVSS
7.7AI Score
0.001EPSS
KB5014006: Windows Server 2008 Security Update (May 2022)
The remote Windows host is missing security update 5014006. It is, therefore, affected by multiple vulnerabilities Windows LDAP Remote Code Execution Vulnerability (CVE-2022-22012, CVE-2022-22013, CVE-2022-22014, CVE-2022-29128, CVE-2022-29129, CVE-2022-29130, CVE-2022-29137, CVE-2022-29139,...
9.8CVSS
7.9AI Score
0.897EPSS
KB4465661 BitLocker Security Feature Bypass Vulnerability
The remote Windows host is missing security update 4465661. It is, therefore, affected by multiple vulnerabilities : A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption. An attacker with physical access to a powered off system ...
4.6CVSS
6.8AI Score
0.001EPSS
KB5035849: Windows 10 version 1809 / Windows Server 2019 Security Update (March 2024)
The remote Windows host is missing security update 5035849. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8.1AI Score
0.001EPSS
KB5021296: Windows 8.1 and Windows Server 2012 R2 Security Update (December 2022)
The remote Windows host is missing security update 5021296. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute ...
8.5CVSS
8.2AI Score
0.01EPSS
KB5019980: Windows 11 22H2 Security Update (November 2022)
The remote Windows host is missing security update 5019980. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Group Policy Elevation of Privilege Vulnerability (CVE-2022-37992, CVE-2022-41086) ...
8.8CVSS
7.7AI Score
0.499EPSS
KB5020013: Windows Server 2008 R2 Security Update (November 2022)
The remote Windows host is missing security update 5020013. It is, therefore, affected by multiple vulnerabilities Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability (CVE-2022-41090, CVE-2022-41116) AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions...
8.8CVSS
8AI Score
0.499EPSS
KB5020010: Windows 8.1 and Windows Server 2012 R2 Security Update (November 2022)
The remote Windows host is missing security update 5020010. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability (CVE-2022-37966) Windows...
8.8CVSS
8AI Score
0.499EPSS
KB5007246: Windows Server 2008 Security Update (November 2021)
The remote Windows host is missing security update 5007246 or cumulative update 5007263. It is, therefore, affected by multiple vulnerabilities: An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2021-38631,...
8.8CVSS
8.1AI Score
0.904EPSS
KB5039213: Windows 11 version 21H2 Security Update (June 2024)
The remote Windows host is missing security update 5039213. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...
9.8CVSS
8.7AI Score
0.003EPSS
KB5039214: Windows 10 Version 1607 / Windows Server 2016 Security Update (June 2024)
The remote Windows host is missing security update 5039214. It is, therefore, affected by multiple vulnerabilities Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability (CVE-2024-30097) Windows Remote Access Connection Manager Information Disclosure...
9.8CVSS
7.8AI Score
0.003EPSS
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...
6.5CVSS
5.9AI Score
0.001EPSS
Fedora 29 : python36 (2019-7df59302e0)
Update Python 3.6 to 3.6.9, the latest security release of the 3.6 branch. Changelog for 3.6.9 final and 3.6.9 release candidate 1. Includes security fixes for CVE-2019-9636, CVE-2019-9740, CVE-2019-10160. Note that Tenable Network Security has extracted the preceding description block directly...
9.8CVSS
8.8AI Score
0.007EPSS
glpi -- Multiple SQL Injections Stemming From isNameQuoted()
MITRE Corporation reports: In GLPI before version 9.5.2, when supplying a back tick in input that gets put into a SQL query,the application does not escape or sanitize allowing for SQL Injection to occur. Leveraging this vulnerability an attacker is able to exfiltrate sensitive information like...
8.7CVSS
2.7AI Score
0.001EPSS
KB5037763: Windows 10 Version 1607 / Windows Server 2016 Security Update (May 2024)
The remote Windows host is missing security update 5037763. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996, ...
8.8CVSS
7.9AI Score
0.008EPSS
KB5035858: Windows 10 LTS 1507 Security Update (March 2024)
The remote Windows host is missing security update 5035858. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8.1AI Score
0.001EPSS
KB5035885: Windows Server 2012 R2 Security Update (March 2024)
The remote Windows host is missing security update 5035885. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8AI Score
0.001EPSS
KB5035854: Windows 11 version 21H2 Security Update (March 2024)
The remote Windows host is missing security update 5035854. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161, CVE-2024-26166) Windows USB...
8.8CVSS
8.1AI Score
0.001EPSS
KB5021237: Windows 10 version 1809 / Windows Server 2019 Security Update (December 2022)
The remote Windows host is missing security update 5021237. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability (CVE-2022-44689) A remote code...
8.5CVSS
8.4AI Score
0.022EPSS
KB5019961: Windows 11 Security Update (November 2022)
The remote Windows host is missing security update 5019961. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Group Policy Elevation of Privilege Vulnerability (CVE-2022-37992, CVE-2022-41086) ...
8.8CVSS
7.7AI Score
0.499EPSS
KB5019970: Windows 10 LTS 1507 Security Update (November 2022)
The remote Windows host is missing security update 5019970. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Group Policy Elevation of Privilege Vulnerability (CVE-2022-37992, CVE-2022-41086) ...
8.8CVSS
7.7AI Score
0.499EPSS
KB5020003: Windows Server 2012 Security Update (November 2022)
The remote Windows host is missing security update 5020003. It is, therefore, affected by multiple vulnerabilities AMD: CVE-2022-23824 IBPB and Return Address Predictor Interactions (CVE-2022-23824) Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability (CVE-2022-37966) Windows...
8.8CVSS
8AI Score
0.499EPSS
KB5004298: Windows 8.1 and Windows Server 2012 R2 Security Update (July 2021)
The remote Windows host is missing security update 5004298. It is, therefore, affected by multiple...
8.8CVSS
7.8AI Score
0.955EPSS
KB5037803: Windows Server 2008 R2 Security Update (May 2024)
The remote Windows host is missing security update 5037803. It is, therefore, affected by multiple vulnerabilities Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2024-30009, CVE-2024-30014, CVE-2024-30015, CVE-2024-30022, CVE-2024-30023,...
8.8CVSS
7.9AI Score
0.002EPSS
KB5021249: Windows Server 2022 Security Update (December 2022)
The remote Windows host is missing security update 5021249. It is, therefore, affected by multiple vulnerabilities PowerShell Remote Code Execution Vulnerability (CVE-2022-41076) A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute ...
8.5CVSS
8.4AI Score
0.022EPSS
KB4592497: Windows Server 2012 December 2020 Security Update
The remote Windows host is missing security update 4592497 or cumulative update 4592468. It is, therefore, affected by multiple vulnerabilities: An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098,...
8.1CVSS
7.3AI Score
0.009EPSS
KB4586808: Windows Server 2012 November 2020 Security Update
The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more...
9.8CVSS
7.6AI Score
0.264EPSS
Fedora 30 : python36 (2019-7723d4774a)
Update Python 3.6 to 3.6.9, the latest security release of the 3.6 branch. Changelog for 3.6.9 final and 3.6.9 release candidate 1. Includes security fixes for CVE-2019-9636, CVE-2019-9740, CVE-2019-10160. Note that Tenable Network Security has extracted the preceding description block directly...
9.8CVSS
8.8AI Score
0.007EPSS
Security Updates for Microsoft Exchange Server (CVE-2021-1730) (February 2021)
The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by a spoofing vulnerability: A spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user....
5.4CVSS
6.4AI Score
0.001EPSS
KB5037770: Windows 11 version 21H2 Security Update (May 2024)
The remote Windows host is missing security update 5037770. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996, ...
8.8CVSS
7.8AI Score
0.008EPSS
KB5037771: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (May 2024)
The remote Windows host is missing security update 5037771. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996, ...
8.8CVSS
7.8AI Score
0.008EPSS
KB5035857: Windows 2022 / Azure Stack HCI 22H2 Security Update (March 2024)
The remote Windows host is missing security update 5035857 or Azure HotPatch 5035959. It is, therefore, affected by multiple vulnerabilities Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability (CVE-2024-21441, CVE-2024-21444, CVE-2024-21450, CVE-2024-26161,...
8.8CVSS
8.1AI Score
0.001EPSS