Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-41033

Windows COM+ Event System Service Elevation of Privilege Vulnerability.

CVE
#vulnerability#windows

Related news

CVE-2022-45103: DSA-2022-340: Dell Unisphere for PowerMax, Dell Unisphere for PowerMax vApp, Dell Solutions Enabler vApp, Dell Unisphere 360, Dell VASA Provider vApp, and Dell PowerMax EMB Mgmt Security Update for Mu

Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain an information disclosure vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to read arbitrary files on the underlying file system.

Microsoft Patch Tuesday October 2022: Exchange ProxyNotShell RCE, Windows COM+ EoP, AD EoP, Azure Arc Kubernetes EoP

Hello everyone! This episode will be about Microsoft Patch Tuesday for October 2022, including vulnerabilities that were added between September and October Patch Tuesdays. As usual, I use my open source Vulristics project to create the report. All vulnerabilities: 105Urgent: 2Critical: 1High: 29Medium: 71Low: 2 Let’s take a look at the most interesting vulnerabilities: Two […]

Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected

Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: Apple Tags: Google Tags: Android Tags: Samsung Tags: Xiaomi Tags: Adobe Tags: SAP Tags: VMWare Tags: Fortinet Tags: CVE-2022-41033 Tags: CVE-2022-41040 Tags: zero-day No fix for ProxyNotShell (Read more...) The post Update now! October patch Tuesday fixes actively used zero-day...but not the one you expected appeared first on Malwarebytes Labs.

Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs

Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively exploited zero-day flaw in the wild. Of the 85 bugs, 15 are rated Critical, 69 are rated Important, and one is rated Moderate in severity. The update, however, does not include mitigations for the actively exploited ProxyNotShell flaws in Exchange Server

Microsoft Patch Tuesday, October 2022 Edition

Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this month's Patch Tuesday are any updates to address a pair of zero-day flaws being exploited this past month in Microsoft Exchange Server.

Microsoft Addresses Zero-Days, but Exchange Server Exploit Chain Remains Unpatched

The computing giant didn't fix ProxyNotLogon in October's Patch Tuesday, but it disclosed a rare 10-out-of-10 bug and patched two other zero-days, including one being exploited.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907