Lucene search
+L

546 matches found

ncsc
ncsc
added 2024/04/12 12:0 a.m.7 views

Vulnerabilities fixed in Juniper JunOS

Juniper has fixed vulnerabilities in JunOS and JunOS Evolved. A malicious party could exploit the vulnerabilities to cause a denial-of-service, gain access to sensitive data or to bypass security measures to allow traffic pass through traffic that was not initially authorized. Juniper has release...

9.2CVSS8.3AI score0.01495EPSS
Exploits0
ncsc
ncsc
added 2024/04/11 12:0 a.m.5 views

Vulnerability fixed in node.js

A vulnerability has been fixed in node.js. A malicious party can exploit the vulnerability to use a command-injection to execute arbitrary code on the system with permissions of the application running in the vulnerable node.js. The developers of node.js have released updates to fix the...

8.1CVSS8.5AI score0.01411EPSS
Exploits0
ncsc
ncsc
added 2024/04/05 12:0 a.m.42 views

Vulnerabilities fixed in Esri Arcgis Portal

Esri has fixed vulnerabilities in Arcgis Portal. A malicious party could exploit the vulnerabilities to launch a Cross-Site Scripting attack, or perform a Cross-Site-Request-Forgery execution. Such attacks can lead to execution of arbitrary code in the victim's browser, or access to sensitive dat...

9.9CVSS7AI score0.01265EPSS
Exploits0
ncsc
ncsc
added 2024/04/05 12:0 a.m.5 views

Vulnerability fixed in IBM Websphere Application Server

IBM has fixed a vulnerability in Websphere Application Server. The vulnerability is located in the underlying jose4j library and allows an unauthenticated malicious party to cause a denial-of-service exploit. IBM has released updates to fix the vulnerability in Websphere Application Server. For...

6.5CVSS7AI score0.00879EPSS
Exploits1
ncsc
ncsc
added 2024/03/14 12:0 a.m.5 views

Vulnerability fixed in Schneider Electric EcoStruxure Power Design

Schneider Electric has fixed a vulnerability in EcoStruxure Power Design. A malicious party could exploit the vulnerability to execute arbitrary code with privileges of the Power Design user. Successful exploitation requires the malicious party to trick the victim into opening and executing a rog...

7.8CVSS7.4AI score0.00423EPSS
Exploits0
ncsc
ncsc
added 2024/03/07 12:0 a.m.7 views

Vulnerability fixed in Cisco Secure Client

Cisco has fixed a vulnerability in the Secure Client. A malicious party could exploit the vulnerability to use a malicious link to gain access to the SAML token of the victim and thus establish a VPN connection. Access to underlying systems and applications still require authentication. Cisco has...

8.2CVSS7AI score0.29906EPSS
Exploits0
ncsc
ncsc
added 2024/03/06 12:0 a.m.6 views

Vulnerabilities fixed in VMware products

VMware has fixed several vulnerabilities in VMware ESXI, VMware Workstation and VMware Fusion. A malicious person with local administrator rights in a virtual machine can exploit the vulnerabilities to execute code - with the rights of the application - execute code on the system on which the...

9.3CVSS7.5AI score0.03542EPSS
Exploits0
ncsc
ncsc
added 2024/02/23 12:0 a.m.8 views

Vulnerability fixed in SonicWall SSL-VPN products

SonicWall has fixed a vulnerability in SMA 100 series SSL VPNs. An authenticated malicious party can exploit the vulnerability exploit the vulnerability to establish a link to the mobile MFA device of another user and thus potentially gain access to sensitive data in the victim's context. SonicWa...

6.3CVSS6.8AI score0.00433EPSS
Exploits0
ncsc
ncsc
added 2024/02/19 12:0 a.m.4 views

Vulnerabilities fixed in IBM WebSphere Application Server

IBM has fixed vulnerabilities in WebSphere. The vulnerabilities are located in the Java component of WebSphere and allow a malicious party to carry out attacks that could lead to loss of data integrity and confidentiality. IBM did not release any other detailed information. A more precise risk...

7.5CVSS6.5AI score0.00918EPSS
Exploits0
ncsc
ncsc
added 2024/02/16 12:0 a.m.12 views

Vulnerabilities fixed in F5 BIG-IP and BIG-IQ

F5 has fixed vulnerabilities in BIG-IP and BIG-IQ products. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service, or to bypass a security measure in order to bypass a security measure and thus use command-injection to manipulate the operation of the system manipulate t...

8.7CVSS8.5AI score0.01061EPSS
Exploits0
susecve
susecve
added 2024/02/09 3:0 a.m.4 views

SUSE CVE-2024-20328

A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the application service account.The vulnerability is due to unsafe handling of file names. A local attacker could exploit this vulnerability by supplying a file nam...

5.3CVSS7.2AI score0.84841EPSS
Exploits0References3
ncsc
ncsc
added 2024/01/23 12:0 a.m.6 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Circumvention of security measure. Remote code execution Administrator/Root rights Remote code execution User...

9.8CVSS7AI score0.78483EPSS
Exploits13
ncsc
ncsc
added 2024/01/16 12:0 a.m.2 views

Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway

Citrix has fixed vulnerabilities in Netscaler ADC and Netscaler Gateway. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary code execute arbitrary code on the vulnerable system. The vulnerability with attribute CVE-2023-6548 is located in the...

8.8CVSS7.9AI score0.57633EPSS
Exploits0
ncsc
ncsc
added 2024/01/05 12:0 a.m.6 views

Vulnerabilities fixed in Rockwell Automation FactoryTalk Activation Manager

Rockwell Automation has fixed vulnerabilities in the FactoryTalk Activation Manager. A malicious party could exploit them to cause a denial-of-service, or potentially execute arbitrary code on the vulnerable system and thereby take over the system and thus access and manipulate the system data an...

9.8CVSS7.8AI score0.78483EPSS
Exploits6
ncsc
ncsc
added 2023/12/15 12:0 a.m.5 views

Vulnerability fixed in IBM MQ

IBM has fixed a vulnerability in MQ. An unauthenticated malicious party could exploit the vulnerability to cause a denial-of-service attack. IBM has released updates to fix the vulnerability in the supported versions of MQ. For more information, see: https://www.ibm.com/support/pages/node/7096710...

7.5CVSS8.4AI score0.01449EPSS
Exploits1
ncsc
ncsc
added 2023/12/01 12:0 a.m.6 views

Vulnerabilities fixed in Apple iOS, iPadOS, MacOS and Safari

Apple has fixed vulnerabilities in iOS, iPadOS, MacOS and Safari. A malicious party could exploit the vulnerabilities to execute arbitrary code with user privileges, or to gain access to sensitive data. Successful exploitation requires the malicious party to trick the victim into following a rogu...

8.8CVSS8.7AI score0.17823EPSS
Exploits0
ncsc
ncsc
added 2023/12/01 12:0 a.m.8 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to execute arbitrary code with privileges of the browser, or to access sensitive data in the context of the browser. Successful exploitation requires the malicious party to trick the victim into openi...

9.6CVSS7.4AI score0.1963EPSS
Exploits0
ncsc
ncsc
added 2023/11/30 12:0 a.m.9 views

Vulnerabilities fixed in QlikTech Qlik Sense Vulnerabilities fixed in QlikTech Qlik Sense

QlikTech has fixed vulnerabilities in Qlik Sense Enterprise. An unauthenticated malicious person could exploit the vulnerabilities to execute arbitrary code on the system where Qlik Sense is installed, potentially taking over that system. take over. Qlik Sense reports having received reports that...

9.9CVSS8AI score0.84967EPSS
Exploits0
ncsc
ncsc
added 2023/11/16 12:0 a.m.4 views

Vulnerability fixed in Adobe InCopy

Adobe has fixed a vulnerability in InCopy. A malicious person could exploit the vulnerability to execute arbitrary code with privileges of the victim. For successful abuse, the malicious party must trick the victim into opening a rogue file. Adobe has released updates to fix the vulnerability in...

7.8CVSS7.3AI score0.00341EPSS
Exploits0
ncsc
ncsc
added 2023/11/16 12:0 a.m.9 views

Vulnerabilities fixed in Adobe Premiere Pro

Adobe has fixed vulnerabilities in Premiere Pro. A malicious party could exploit the vulnerabilities to gain access to system data, or to execute arbitrary code with privileges of the victim. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. Adobe...

7.8CVSS7.9AI score0.00389EPSS
Exploits0
Rows per page
Query Builder