Remove 2023 Remove Authentication Remove Operating System
article thumbnail

CVE-2023-40044, CVE-2023-42657: Progress Software Patches Multiple Vulnerabilities in WS_FTP Server

Tenable

Of the eight vulnerabilities, two are rated as critical: CVE Description Vendor Assigned CVSSv3 VPR* Severity CVE-2023-40044 WS_FTP.NET Deserialization Vulnerability in Ad Hoc Transfer Module 10.0 Critical CVE-2023-42657 WS_FTP Directory Traversal Vulnerability 9.9 High CVE-2023-40046 WS_FTP SQL Injection Vulnerability 8.2

article thumbnail

Microsoft’s October 2023 Patch Tuesday Addresses 103 CVEs (CVE-2023-36563, CVE-2023-41763)

Tenable

We omitted CVE-2023-44487 from our counts as this vulnerability was reported to MITRE and not Microsoft and does not exclusively affect Microsoft products. It was exploited in the wild as a zero-day and was publicly disclosed prior to the October 2023 Patch Tuesday release. Details about this flaw are included in our analysis below.

Windows 116
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft’s June 2023 Patch Tuesday Addresses 70 CVEs (CVE-2023-29357)

Tenable

Microsoft addresses 70 CVEs in its June 2023 Patch Tuesday update including six rated as critical. Critical CVE-2023-29357 | Microsoft SharePoint Server Elevation of Privilege Vulnerability CVE-2023-29357 is an EoP vulnerability in Microsoft SharePoint Server 2019 that was assigned a CVSSv3 score of 9.8 and rated critical.

Windows 98
article thumbnail

Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)

Tenable

Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397) Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed. This CVE count includes two CVEs (CVE-2023-1017 and CVE-2023-1018) in the third party Trusted Platform Module (TPM2.0)

Windows 98
article thumbnail

Microsoft’s February 2023 Patch Tuesday Addresses 75 CVEs (CVE-2023-23376)

Tenable

Microsoft’s February 2023 Patch Tuesday Addresses 75 CVEs (CVE-2023-23376) Microsoft addresses 75 CVEs including three zero-day vulnerabilities that were exploited in the wild. The vulnerability exists in the Common Log File System (CLFS) Driver, a logging service used by kernel-mode and user-mode applications.

Windows 100
article thumbnail

Microsoft’s January 2023 Patch Tuesday Addresses 98 CVEs (CVE-2023-21674)

Tenable

Microsoft’s January 2023 Patch Tuesday Addresses 98 CVEs (CVE-2023-21674) Microsoft addresses 98 CVEs including a zero-day vulnerability that was exploited in the wild. Microsoft patched 98 CVEs in its January 2023 Patch Tuesday Release, with 11 rated as critical, and 87 rated as important. Windows Authentication Methods.

Windows 100
article thumbnail

Microsoft’s August 2023 Patch Tuesday Addresses 73 CVEs (CVE-2023-38180)

Tenable

Microsoft also released two advisories (ADV230003 and ADV230004) this month as well as a patch for a vulnerability in AMD processors (CVE-2023-20569). Important CVE-2023-38180 |.NET NET and Visual Studio Denial of Service Vulnerability CVE-2023-38180 is a Denial of Service (DoS) vulnerability in Microsoft Visual Studio,NET versions 6.0

Windows 98