Lucene search
+L

546 matches found

ncsc
ncsc
added 2024/09/13 8:42 a.m.16 views

Vulnerabilities fixed in Citrix Workspace App for Windows

Citrix has fixed vulnerabilities in the Citrix Workspace App for Windows. A local malicious person could exploit the vulnerabilities to grant themselves elevated privileges and potentially execute code with SYSTEM privileges. Citrix has released updates to fix the vulnerabilities. See attached...

7.3CVSS7.4AI score0.00246EPSS
Exploits1References1
ncsc
ncsc
added 2024/09/13 8:30 a.m.5 views

Vulnerabilities fixed in Solarwinds Access Rights Manager

Solarwinds has fixed vulnerabilities in Access Rights Manager. A malicious person could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary code with application privileges. Solarwinds has released updates to fix the vulnerabilities. See attached references f...

9CVSS7.9AI score0.03085EPSS
Exploits0References1
ncsc
ncsc
added 2024/09/11 9:31 a.m.10 views

Vulnerabilities fixed in Adobe products

Vulnerabilities have been fixed in Adobe products. The vulnerabilities allow a malicious person to launch attacks that result in the following categories of damage: - Denial-of-Service DoS - Remote code execution User rights - Access to system data Adobe has released updates to fix the...

9.8CVSS7.8AI score0.30326EPSS
Exploits0References6
ncsc
ncsc
added 2024/08/22 11:40 a.m.9 views

Vulnerabilities fixed in GitHub Enterprise Server

GitHub has fixed vulnerabilities in the Enterprise Server. A malicious party could exploit the vulnerabilities to access and potentially manipulate sensitive data. Also, under certain, unspecified conditions, a malicious party can use rogue SAML traffic to gain access to any account, including...

9.8CVSS7.3AI score0.01527EPSS
Exploits0References4
ncsc
ncsc
added 2024/08/14 12:52 p.m.9 views

Vulnerabilities fixed in Adobe Acrobat and Acrobat Reader

Adobe has fixed vulnerabilities in Acrobat and Acrobat Reader. A malicious party could exploit the vulnerabilities to execute arbitrary code with the victim's privileges and gain access to sensitive data. Successful exploitation requires the malicious party to trick the victim into opening a rogu...

7.8CVSS7.8AI score0.0455EPSS
Exploits0References1
ncsc
ncsc
added 2024/08/14 12:47 p.m.11 views

Vulnerabilities fixed in Adobe InDesign

Adobe has fixed vulnerabilities in InDesign. A malicious party could exploit the vulnerabilities to cause a denial-of-service, execute arbitrary code with the victim's privileges and potentially gain access to sensitive data. Successful exploitation requires the malicious party to trick the victi...

7.8CVSS7.9AI score0.00365EPSS
Exploits0References1
ncsc
ncsc
added 2024/08/14 12:44 p.m.7 views

Vulnerability fixed in Adobe Photoshop

Adobe has fixed a vulnerability in Photoshop. A malicious party could exploit the vulnerability to execute arbitrary code with the victim's privileges, potentially gaining access to sensitive data. Successful exploitation requires the malicious party to trick the victim into opening a rogue file...

7.8CVSS7.6AI score0.00315EPSS
Exploits0References1
ncsc
ncsc
added 2024/08/14 9:54 a.m.6 views

Vulnerabilities fixed in Ivanti Neurons for ITSM

Ivanti has fixed vulnerabilities in Neurons for ITSM. A malicious party could exploit the vulnerabilities to obtain login credentials to gain access to the vulnerable system. Ivanti has released updates to fix the vulnerabilities. See attached references for more information...

9.8CVSS7.4AI score0.01639EPSS
Exploits0References1
ncsc
ncsc
added 2024/08/07 9:4 a.m.11 views

Vulnerabilities fixed in Aruba Networks ArubaOS and InstantOS

Aruba Networks has fixed vulnerabilities in ArubaOS and InstantOS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or execute arbitrary code on the vulnerable system. Successful exploitation requires the malicious party to have access to the PAPI port, or the SSH...

9.8CVSS7.7AI score0.93305EPSS
Exploits12References1
ncsc
ncsc
added 2024/07/17 1:54 p.m.10 views

Vulnerabilities fixed in Oracle Analytics

Vulnerabilities have been fixed in Oracle Analytics. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Remote code execution User right...

9.8CVSS7.5AI score0.93305EPSS
Exploits11References15
ncsc
ncsc
added 2024/06/20 2:9 p.m.8 views

Vulnerabilities fixed in Autodesk Autocad

Autodesk has fixed vulnerabilities in several AutoCad products. The vulnerabilities are in various parsers for cad file types. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or potentially execute arbitrary code within the application. Successful exploitation...

7.8CVSS7.9AI score0.00416EPSS
Exploits0References1
ncsc
ncsc
added 2024/06/14 6:27 a.m.8 views

Vulnerability fixed in Adobe Creative Cloud Desktop Application

Adobe has fixed a vulnerability in Creative Cloud Desktop Application. A malicious person could exploit the vulnerability to execute arbitrary code with the victim's privileges. For successful abuse, the malicious party must trick the victim into opening a rogue file. Adobe has released updates t...

7.1CVSS7.8AI score0.00298EPSS
Exploits0References1
ncsc
ncsc
added 2024/06/13 1:37 p.m.5 views

Vulnerabilities fixed in Adobe ColdFusion

Adobe has fixed vulnerabilities in ColdFusion. A malicious party could exploit the vulnerabilities to bypass a security measure and gain access to sensitive data. Adobe has released updates to fix the vulnerabilities. See attached references for more information...

7.5CVSS7.2AI score0.237EPSS
Exploits0References1
ncsc
ncsc
added 2024/06/13 1:34 p.m.7 views

Vulnerabilities fixed in Adobe FrameMaker Publishing Server

Adobe has fixed vulnerabilities in FrameMaker Publishing Server. A malicious party could exploit the vulnerabilities to bypass authentication and potentially take over the system. In particular, systems that are accessible from public networks without additional measures are at increased risk...

10CVSS7.4AI score0.01051EPSS
Exploits0References1
ncsc
ncsc
added 2024/06/13 1:31 p.m.8 views

Vulnerability fixed in Adobe Photoshop

Adobe has fixed a vulnerability in Photoshop. A malicious person could exploit the vulnerability to execute arbitrary code with application privileges. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. Adobe has released updates to fix the...

7.8CVSS7.7AI score0.00315EPSS
Exploits0References1
ncsc
ncsc
added 2024/06/11 11:51 a.m.7 views

Vulnerabilities fixed in Trend Micro Apex One

Trend Micro fixed vulnerabilities in Apex One A local malicious party could exploit the vulnerabilities to cause a denial-of-service DoS, or grant themselves elevated privileges and potentially execute arbitrary code on the local system. Trend Micro has released updates to fix the vulnerabilities...

7.8CVSS7.6AI score0.00889EPSS
Exploits0References1
ncsc
ncsc
added 2024/06/07 7:22 a.m.5 views

Vulnerabilities fixed in FortiNet FortiWebManager

FortiNet has fixed vulnerabilities in FortiWebManager. A malicious party could exploit the vulnerabilities to bypass a security measure and potentially perform actions that the malicious party is not initially authorized to perform. For successful exploitation, the malicious party must have at...

8.8CVSS7AI score0.00651EPSS
Exploits0References1
jvn
jvn
added 2024/05/10 6:11 a.m.3 views

"OfferBox" App uses a hard-coded secret key

Overview "OfferBox" App provided by i-plug inc. uses a hard-coded secret key for JWT CWE-321. Yuta Yamate of Rakuten Group, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact The hard-coded secret key for...

7.5CVSS6.6AI score0.00365EPSS
Exploits0References4
ncsc
ncsc
added 2024/05/02 12:0 a.m.7 views

Vulnerabilities fixed in Cisco IP phones

Cisco has fixed vulnerabilities in the firmware of several IP Phone systems. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access to sensitive data on the vulnerable device and thus potentially manipulate phone calls. Cisco has released updates to fix t...

7.5CVSS7AI score0.00873EPSS
Exploits0
ncsc
ncsc
added 2024/04/29 12:0 a.m.8 views

Vulnerabilities fixed in IBM MQ

IBM has fixed vulnerabilities in MQ. A malicious party could exploit the exploit the vulnerabilities to cause a denial-of-service or potentially execute arbitrary code on the vulnerable system. IBM has released updates to fix the vulnerabilities in MQ. For more information, see:...

7.5CVSS7.7AI score0.00925EPSS
Exploits0
Rows per page
Query Builder