Lucene search
+L

546 matches found

OSV
OSV
added 2024/11/15 4:15 p.m.5 views

CVE-2022-20626

A vulnerability in the web-based management interface of Cisco Prime Access Registrar Appliance could allow an authenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface. The attacker would require valid credentials for the device. This vulnerability i...

5.4CVSS6AI score0.00436EPSS
Exploits0References1
NCSC
NCSC
added 2024/11/14 12:46 p.m.11 views

Vulnerability fixed in Schneider Electric Ecostruxture

Schneider Electric has fixed a vulnerability in the Ecostruxture Gateway. A malicious party could exploit the vulnerability to take over the gateway to gain access to the Ecostruxture landscape in use. For successful abuse, the malicious party must have access to the production environment. It is...

10CVSS7AI score0.00624EPSS
Exploits0References1
NCSC
NCSC
added 2024/11/14 12:42 p.m.6 views

Vulnerabilities fixed in Fortinet FortiClient

Fortinet has fixed vulnerabilities in FortiClient for Windows and macOS. A malicious party could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary commands on the system. Fortinet has released updates to fix the vulnerabilities. See attached references for...

8.8CVSS7.8AI score0.00462EPSS
Exploits0References4
NCSC
NCSC
added 2024/11/14 12:38 p.m.4 views

Vulnerabilities fixed in Palo Alto PAN OS

Palo Alto Networks has fixed vulnerabilities in PAN-OS. A malicious party can exploit the vulnerabilities to bypass security measures to route traffic to and through the system that is not initially authorized, or cause a denial-of-service. Palo Alto has released updates to address the...

8.7CVSS7.2AI score0.0051EPSS
Exploits0References8
NCSC
NCSC
added 2024/11/13 8:51 a.m.6 views

Vulnerabilities fixed in Citrix Session Recording

Citrix fixed vulnerabilities in Citrix Session Recording A malicious person with limited privileges could exploit the vulnerabilities to gain access to service accounts and execute arbitrary code on the server. Researchers have published Proof-of-Concept code demonstrating the vulnerability with...

8CVSS8AI score0.14736EPSS
Exploits2References3
NCSC
NCSC
added 2024/11/07 8:55 a.m.6 views

Vulnerabilities fixed in Cisco Identity Services Engine

Cisco fixed vulnerabilities in Identity Services Engine ISE The vulnerabilities are located in the management interface and allow a malicious person to perform a Cross-Site Scripting attack. Such an attack could lead to execution of arbitrary code in the victim's browser, or access to sensitive...

6.5CVSS7AI score0.00545EPSS
Exploits0References2
NCSC
NCSC
added 2024/11/07 8:51 a.m.5 views

Vulnerabilities fixed in Aruba Networks ArubaOS

Aruba Networks has fixed vulnerabilities in ArubaOS. A malicious party could exploit the vulnerabilities to execute arbitrary commands on the underlying operating system. For successful abuse, the malicious party must have access to the management interface, or command-line. It is good practice n...

9.8CVSS7.7AI score0.01979EPSS
Exploits0References1
NCSC
NCSC
added 2024/11/07 8:47 a.m.6 views

Vulnerability fixed in Cisco Catalyst access points

Cisco has fixed a vulnerability in the Unified Industrial Wireless Software for Catalyst Heavy Duty Access Points. A malicious party could exploit the vulnerability to execute arbitrary commands on the underlying operating system without prior authentication. The vulnerability is located in the...

10CVSS7.6AI score0.03146EPSS
Exploits0References1
NCSC
NCSC
added 2024/10/30 11:36 a.m.4 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious party can exploit the most serious vulnerability CVE-2024-10487 to execute arbitrary code on the system on which the browser is installed via an out-of-bounds write. To do this, the victim only needs to visit an infected website or website...

8.8CVSS7.9AI score0.00653EPSS
Exploits0References3
NCSC
NCSC
added 2024/10/24 8:37 a.m.11 views

Vulnerabilities fixed in Cisco Adaptive Security Appliance and Firepower Threat Defense

Cisco has fixed vulnerabilities in Adaptive Security Appliance ASA and Firepower Threat Defense FTD. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service on the system, disrupting the underlying service, bypassing implemented security measures to enable unauthorized...

9.9CVSS7.7AI score0.01158EPSS
Exploits0References11
NCSC
NCSC
added 2024/10/18 9:26 a.m.9 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in E-Business Suite. A malicious party could exploit the vulnerabilities to access and potentially manipulate sensitive data. Oracle has released updates to fix the vulnerabilities. See attached references for more information...

8.1CVSS8.8AI score0.00484EPSS
Exploits0References1
NCSC
NCSC
added 2024/10/17 1:20 p.m.10 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in MySQL. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to access and potentially manipulate sensitive data in the database. Oracle has released updates to fix the vulnerabilities. See attached references for more information...

9.8CVSS7.4AI score0.8496EPSS
Exploits4References1
NCSC
NCSC
added 2024/10/17 1:18 p.m.6 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in Enterprise Manager. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Execution of arbitrary code User privileges - Execution of arbitrary code Administrator...

9.8CVSS7.6AI score0.01433EPSS
Exploits1References1
NCSC
NCSC
added 2024/10/17 1:17 p.m.62 views

Vulnerabilities fixed in Oracle Communications

Oracle has fixed vulnerabilities in several Communications products and systems. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Execution of arbitrary code User Rights -...

10CVSS7.6AI score0.99987EPSS
Exploits179References1
NCSC
NCSC
added 2024/10/10 12:2 p.m.10 views

Vulnerabilities fixed in Palo Alto Expedition

Palo Alto has fixed vulnerabilities in Expedition. A malicious party could exploit the vulnerabilities to remotely execute arbitrary code, without prior authentication, on the system running Expedition, potentially obtaining login credentials and API keys. Expedition is a migration tool to conver...

9.9CVSS7.5AI score0.99597EPSS
Exploits9References1
NCSC
NCSC
added 2024/10/09 11:21 a.m.4 views

Vulnerability fixed in Ivanti Endpoint Manager Mobile

Ivanti has fixed a vulnerability in Endpoint Manager Mobile. A locally authenticated malicious party could exploit the vulnerability to obtain read and write permissions to sensitive configuration files. Ivanti has released updates to fix the vulnerability in Endpoint Manager Mobile. See the...

8.8CVSS6.6AI score0.00241EPSS
Exploits0References1
NCSC
NCSC
added 2024/10/04 10:11 a.m.30 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. VoieOver does not appear to handle sensitive data correctly, making it possible to use VoiceOver to have recently stored passwords read aloud. Apple has released updates to fix the vulnerabilities. See attached references for more information...

5.5CVSS6.6AI score0.09043EPSS
Exploits0References1
NCSC
NCSC
added 2024/09/13 5:0 p.m.6 views

Vulnerabilities fixed in Ivanti Endpoint Manager

Ivanti has fixed vulnerabilities in Ivanti Endpoint Manager. Vulnerabilities have been fixed in Ivanti Endpoint Manager. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Remote code execution Administrator/Root privileges...

10CVSS7.8AI score0.59257EPSS
Exploits3References1
NCSC
NCSC
added 2024/09/13 8:52 a.m.13 views

Vulnerability fixed in Rockwell Automation FactoryTalk View Site

Rockwell Automation has fixed a vulnerability in FactoryTalk View Site. A malicious party could exploit the vulnerability to execute arbitrary code in the application, in the victim's context, using a Cross-Site Scripting attack. For successful exploitation, the malicious party must have access t...

9.8CVSS7.1AI score0.01284EPSS
Exploits0References1
NCSC
NCSC
added 2024/09/13 8:46 a.m.4 views

Vulnerability fixed in Rockwell Automation ThinManager

Rockwell Automation has fixed a vulnerability in ThinManager. A malicious party could exploit the vulnerability to install software on the vulnerable system to execute arbitrary code. Rockwell Automation has released updates to fix the vulnerability. See attached references for more information...

8.8CVSS7.3AI score0.11228EPSS
Exploits0References1
Rows per page
Query Builder