Lucene search
+L

179 matches found

Tibco
Tibco
added 2021/03/22 5:5 p.m.22 views

TIBCO Security Advisory: March 23, 2021 - TIBCO Enterprise Message Service -2021-28822

TIBCO Enterprise Message Service Windows Platform Artifact Search vulnerability Original release date: March 23,2021 Last revised: CVE-2021-28822 Source: TIBCO Software Inc. Products Affected TIBCO Enterprise Message Service versions 8.5.1 and below TIBCO Enterprise Message Service - Community...

8.8CVSS8.4AI score0.00248EPSS
Exploits0Affected Software3
Tibco
Tibco
added 2021/03/22 4:13 p.m.24 views

TIBCO Security Advisory: March 23, 2021 - TIBCO Enterprise Message Service -2021-28821

TIBCO Enterprise Message Service Windows Platform Installation vulnerability Original release date: March 23,2021 Last revised: CVE-2021-28821 Source: TIBCO Software Inc. Products Affected TIBCO Enterprise Message Service versions 8.5.1 and below TIBCO Enterprise Message Service - Community Editi...

8.8CVSS8.3AI score0.00216EPSS
Exploits0Affected Software3
Tibco
Tibco
added 2021/03/22 4:13 p.m.26 views

TIBCO Security Advisory: March 23, 2021 - TIBCO Enterprise Message Service -2021-28821

TIBCO Enterprise Message Service Windows Platform Installation vulnerability Original release date: March 23,2021 Last revised: CVE-2021-28821 Source: TIBCO Software Inc. Products Affected TIBCO Enterprise Message Service versions 8.5.1 and below TIBCO Enterprise Message Service - Community Editi...

4.6CVSS7AI score0.00216EPSS
Exploits0Affected Software3
Tibco
Tibco
added 2021/03/20 1:9 a.m.23 views

TIBCO Security Advisory: March 23, 2021 - TIBCO FTL -2021-28820

TIBCO FTL Windows Platform Artifact Search vulnerability Original release date:March 23, 2021 Last revised: CVE-2021-28820 Source: TIBCO Software Inc. Products Affected TIBCO FTL - Community Edition versions 6.5.0 and below TIBCO FTL - Developer Edition versions 6.5.0 and below TIBCO FTL -...

8.8CVSS8.4AI score0.00251EPSS
Exploits0Affected Software3
Tibco
Tibco
added 2021/03/20 1:9 a.m.20 views

TIBCO Security Advisory: March 23, 2021 - TIBCO FTL -2021-28820

TIBCO FTL Windows Platform Artifact Search vulnerability Original release date:March 23, 2021 Last revised: CVE-2021-28820 Source: TIBCO Software Inc. Products Affected TIBCO FTL - Community Edition versions 6.5.0 and below TIBCO FTL - Developer Edition versions 6.5.0 and below TIBCO FTL -...

4.6CVSS6.8AI score0.00251EPSS
Exploits0Affected Software3
Tibco
Tibco
added 2021/03/19 11:21 p.m.21 views

TIBCO Security Advisory: March 23, 2021 - TIBCO Rendezvous -2021-28817

TIBCO Rendezvous Windows Platform Installation vulnerability Original release date:March 23, 2021 Last revised: CVE-2021-28817 Source: TIBCO Software Inc. Products Affected TIBCO Rendezvous versions 8.5.1 and below TIBCO Rendezvous Developer Edition versions 8.5.1 and below The following componen...

4.6CVSS7AI score0.00251EPSS
Exploits0Affected Software2
CISA
CISA
added 2021/01/21 12:0 a.m.21 views

CERT/CC and CISA Report Multiple Vulnerabilities in Dnsmasq

CISA and the CERT Coordination Center CERT/CC are aware of multiple vulnerabilities affecting Dnsmasq version 2.82 and prior. Dnsmasq is a widely-used, open-source software that provides Domain Name Service forwarding and caching and is common in Internet-of-Things IoT and other embedded devices....

7AI score
Exploits0References2
CERT
CERT
added 2020/12/23 12:0 a.m.156 views

Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location

Overview Veritas Backup Exec contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create files. Description CVE-2019-1552 Veritas Backup Exec includes an OpenSSL component that specifies an OPENSSLD...

9.3CVSS6.3AI score0.00678EPSS
Exploits0References3
CISA
CISA
added 2020/12/08 12:0 a.m.11 views

CERT/CC Releases Information on Vulnerabilities Affecting Open-Source TCP/IP Stacks

The CERT Coordination Center CERT/CC has released information on 33 vulnerabilities, known as AMNESIA:33, affecting multiple embedded open-source Transmission Control Protocol/Internet Protocol TCP/IP stacks. A remote attacker could exploit some of these vulnerabilities to take control of an...

7AI score
Exploits0References2
CERT
CERT
added 2020/10/22 12:0 a.m.53 views

Chocolatey Boxstarter is vulnerable to privilege escalation due to weak ACLs

Overview Chocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges. Description CVE-2020-15264 The Chocolatey Boxstarter installer fails to set a secure access-control list ACL on the...

8CVSS8.2AI score0.01551EPSS
Exploits0References2
CISA
CISA
added 2020/09/18 12:0 a.m.93 views

CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol

The Cybersecurity and Infrastructure Security Agency CISA has released Emergency Directive ED 20-04 addressing a critical vulnerability— CVE-2020-1472—affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network access to a domain controller could exploit this...

9.3CVSS1.2AI score0.99512EPSS
In wildExploits75References6
CISA
CISA
added 2020/09/17 12:0 a.m.78 views

CERT/CC Releases Information on Critical Vulnerability in Microsoft Windows Netlogon Remote Protocol

The CERT Coordination Center CERT/CC has released information on CVE-2020-1472, a vulnerability affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker could exploit this vulnerability to obtain Active Directory domain administrator access. Although Microsoft provided...

9.3CVSS2.4AI score0.99512EPSS
Exploits75References3
CERT
CERT
added 2020/06/16 12:0 a.m.89 views

Treck IP stacks contain multiple vulnerabilities

Overview Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF, who calls them Ripple20. Description Treck IP network stack software is designed for and used in a variety of embedded systems. T...

10CVSS8.5AI score0.36965EPSS
Exploits21References4
CISA
CISA
added 2020/06/09 12:0 a.m.34 views

CERT/CC Reports Vulnerability in Universal Plug and Play Protocol

The CERT Coordination Center CERT/CC has released information on a vulnerability—CVE-2020-12695—affecting versions of the Universal Plug and Play UPnP protocol released before April 17, 2020. UPnP protocol allows networked devices to discover and connect with each other. A remote attacker could...

7.8CVSS2.2AI score0.15193EPSS
Exploits3References2
ICS
ICS
added 2020/05/21 12:0 p.m.94 views

Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP

Summary Note: As of January 24, 2020, Citrix has released all expected updates in response to CVE-2019-19781.1 On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller ADC and Citrix Gateway versions 11.1 and 12.0. On January 22, 2020, Citrix released...

9.8CVSS9.9AI score0.99999EPSS
Exploits48References60
0day.today
0day.today
added 2020/04/18 12:0 a.m.70 views

Common Desktop Environment 1.6 Local Privilege Escalation Exploit

A buffer overflow in the SanityCheck function in the Common Desktop Environment version distributed with Oracle Solaris 10 1/13 Update 11 and earlier allows local users to gain root privileges via a long calendar name or calendar owner passed to sdtcmconvert in a malicious calendar file. The open...

8.8CVSS8.7AI score0.01802EPSS
Exploits5
CISA
CISA
added 2020/03/05 12:0 a.m.14 views

Point-to-Point Protocol Daemon Vulnerability

The CERT Coordination Center CERT/CC has released information on a vulnerability affecting Point-to-Point Protocol Daemon versions 2.4.2 through 2.4.8. A remote attacker can exploit this vulnerability to take control of an affected system. Point-to-Point Protocol Daemon is used to establish...

6.7AI score
Exploits0References1
Krebs on Security
Krebs on Security
added 2020/01/13 10:17 p.m.70 views

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to...

5.8CVSS8.9AI score0.89436EPSS
Exploits14
Akamai Blog
Akamai Blog
added 2020/01/13 5:0 a.m.15 views

HTTP Cache Poisoning Advisory

Summary On January 14, 2020, CERT CC published an advisory warning of the potential use of Content Delivery Networks CDNs to cache malicious traffic. Akamai acknowledges this issue and has been aware of similar research in the past. This advisory...

2.4AI score
Exploits0
CISA
CISA
added 2020/01/08 12:0 a.m.14 views

Citrix Application Delivery Controller and Citrix Gateway Vulnerability

The CERT Coordination Center CERT/CC has released information on a vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway. A remote attacker could exploit this vulnerability to run arbitrary code on a targeted system. This vulnerability was detected in exploits in the...

7.1AI score
Exploits0References2
Rows per page
Query Builder