Tag: vulnerability

How to scan WordPress Websites With WPScan For Security Vulnerabilities

Posted on Temitope Odemo By Temitope Odemo No Comments on How to scan WordPress Websites With WPScan For Security Vulnerabilities
How to scan WordPress Websites With WPScan For Security Vulnerabilities

WordPress is a free Content Management System that you can easily use to quickly develop world-class websites. Over 60% of websites online were built with WordPress. In this article, you will learn how to scan WordPress Websites With WPScan For Security Vulnerabilities. Please see these interesting guides: WordPress site on Azure: How to create a…

Read More “How to scan WordPress Websites With WPScan For Security Vulnerabilities” »

Security | Vulnerability Scans and Assessment

CVE-2021-31693: VMware Tools for Windows update addresses a denial-of-service vulnerability

Posted on Christian By Christian No Comments on CVE-2021-31693: VMware Tools for Windows update addresses a denial-of-service vulnerability
CVE-2021-31693: VMware Tools for Windows update addresses a denial-of-service vulnerability

VMware Tools is a set of services and modules that enable several features in VMware products for better management of guests operating systems and seamless user interactions with them. VMware Tools has the ability to pass messages from the host operating system to the guest operating system. Here are some interesting guides: VMware Workstation states: What…

Read More “CVE-2021-31693: VMware Tools for Windows update addresses a denial-of-service vulnerability” »

Network | Monitoring

CVE-2021-22048: VMware vCenter Server updates address a privilege escalation vulnerability

Posted on Christian By Christian No Comments on CVE-2021-22048: VMware vCenter Server updates address a privilege escalation vulnerability
CVE-2021-22048: VMware vCenter Server updates address a privilege escalation vulnerability

VMware vCenter Server is advanced server management software that provides a centralized platform for controlling your VMware vSphere environments. It allows you to automate and deliver a virtual infrastructure across the hybrid cloud with confidence. With VMware Center, you gain centralized visibility, simplified and efficient management at scale, and extensibility across the hybrid cloud from a…

Read More “CVE-2021-22048: VMware vCenter Server updates address a privilege escalation vulnerability” »

Security | Vulnerability Scans and Assessment, Virtualization

VMSA-2022-0026: An arbitrary file read vulnerability in VMware Aria Operations

Posted on Christian By Christian No Comments on VMSA-2022-0026: An arbitrary file read vulnerability in VMware Aria Operations
VMSA-2022-0026: An arbitrary file read vulnerability in VMware Aria Operations

VMware Aria Operations (formerly VMware vRealize Operations) automates and simplifies IT management with full-stack visibility from physical, virtual and cloud infrastructure including Virtual Machines (VMs) and containers to the applications they support. In this article, we shall discuss how to remediate “VMSA-2022-0026: An arbitrary file read vulnerability in VMware Aria Operations”. Learn about this event…

Read More “VMSA-2022-0026: An arbitrary file read vulnerability in VMware Aria Operations” »

Security | Vulnerability Scans and Assessment, Virtualization

Microsoft Support Diagnostic Tool Vulnerability Fix

Posted on Christian By Christian 4 Comments on Microsoft Support Diagnostic Tool Vulnerability Fix
Microsoft Support Diagnostic Tool Vulnerability Fix

On May 30, 2022, Microsoft released a statement about a zero-day remote code execution flaw, designated CVE-2022-30190. This flaw pertains to the Windows vulnerability in the Microsoft Support Diagnostic Tool (MSDT). Furthermore, The Microsoft Security Response Center team has outlined this security flaw and its impact on specific Windows and Windows Server versions. Please see…

Read More “Microsoft Support Diagnostic Tool Vulnerability Fix” »

Windows

CVE-2022-22948: Patch available to address vCenter Server information disclosure vulnerability 

Posted on Christian By Christian No Comments on CVE-2022-22948: Patch available to address vCenter Server information disclosure vulnerability 
CVE-2022-22948: Patch available to address vCenter Server information disclosure vulnerability 

VMware vCenter Server is an advanced server management software that provides a centralized platform for controlling vSphere environments for visibility across hybrid clouds. You can quickly deploy vCenter Server as a pre-packaged, optimized, and easy-to-maintain virtual appliance. This article discusses “CVE-2022-22948: Patch available to address vCenter Server information disclosure vulnerability”. Please see How to schedule and…

Read More “CVE-2022-22948: Patch available to address vCenter Server information disclosure vulnerability ” »

Security | Vulnerability Scans and Assessment

Mitigate Windows Print Spooler Remote Code Execution Vulnerability

Posted on Christian By Christian No Comments on Mitigate Windows Print Spooler Remote Code Execution Vulnerability
Mitigate Windows Print Spooler Remote Code Execution Vulnerability

Microsoft has issued an advisory for another zero-day Windows print spooler vulnerability tracked as CVE-2021-36958 that allows local attackers to gain SYSTEM privileges on a computer. As stated by Microsoft, a “remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploits this vulnerability could…

Read More “Mitigate Windows Print Spooler Remote Code Execution Vulnerability” »

Security | Vulnerability Scans and Assessment

Workaround for “SeriousSAM or HiveNightmare” registry vulnerability for Windows 10 and 11

Posted on Christian By Christian 2 Comments on Workaround for “SeriousSAM or HiveNightmare” registry vulnerability for Windows 10 and 11
Workaround for “SeriousSAM or HiveNightmare” registry vulnerability for Windows 10 and 11

An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files. Including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data. Or create new accounts with…

Read More “Workaround for “SeriousSAM or HiveNightmare” registry vulnerability for Windows 10 and 11” »

Security | Vulnerability Scans and Assessment

Out-of-Band Security Update for PrintNightmare: Patch released for Windows Print Spooler Remote Code Execution Vulnerability

Posted on Christian By Christian No Comments on Out-of-Band Security Update for PrintNightmare: Patch released for Windows Print Spooler Remote Code Execution Vulnerability
Out-of-Band Security Update for PrintNightmare: Patch released for Windows Print Spooler Remote Code Execution Vulnerability

Microsoft has released an Out-of-Band (OOB) security update for CVE-2021-34527, which is also referred to as PrintNightmare. This is a cumulative update release. Therefore, it contains all previous security fixes and should be applied immediately to fully protect your systems.  This fix addresses the public known Print Spooler vulnerability (PrintNightmare). It also includes a new feature that allows customers to implement stronger protections. See this…

Read More “Out-of-Band Security Update for PrintNightmare: Patch released for Windows Print Spooler Remote Code Execution Vulnerability” »

Security | Vulnerability Scans and Assessment

How to perform vulnerability scan on Microsoft SQL Server

Posted on Christian By Christian No Comments on How to perform vulnerability scan on Microsoft SQL Server
How to perform vulnerability scan on Microsoft SQL Server

In this article, we shall discuss “How to perform vulnerability scan on Microsoft SQL Server”. SQL Vulnerability Assessment is a new feature embedded in some of the most recent versions of SQL Server Management Studio. See the following guide on MySQL, how to reset Mysql Root password. How to access MySQL Server from command Prompt,…

Read More “How to perform vulnerability scan on Microsoft SQL Server” »

Security | Vulnerability Scans and Assessment