548 matches found
Vulnerabilities fixed in NetApp products
NetApp has fixed multiple vulnerabilities in various Netapp products. The vulnerabilities allow an unauthenticated remote malicious party potentially able to launch attacks leading to the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data NetApp ha...
Vulnerabilities fixed in Tivoli Netcool/OMNIbus
IBM Tivoli Netcool / OMNIbusGUI is vulnerable to stored cross-site scripting XSS. This security vulnerability CVE-2021-20336 allows users insert arbitrary JavaScript code into the Web interface, thereby altering the intended functionality, potentially lead to the release of login credentials with...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. A malicious person could potentially exploit the vulnerabilities to cause a denial-of-service cause or execute arbitrary code with the privileges of the logged in user. As usual, Google is disclosing little information regarding the details of the...
Vulnerabilities fixed in NetBSD
The developers of NetBSD have fixed a number of vulnerabilities fixed in NetBSD's IP stack. Because packet IDs are not randomly are not randomly generated by default, a malicious party can predict the IP traffic. predict, allowing the malicious party to launch a man-in-the-middle attack to obtain...
Vulnerabilities fixed in IBM DB2
IBM has fixed two vulnerabilities in DB2. A local malicious party could exploit the vulnerabilities to cause a denial-of-service, or execute arbitrary code on the underlying system with root privileges. To do this, however, the malicious party must have local access to the vulnerable system. IBM...
Vulnerability fixed in GNU git
GNU has fixed a vulnerability in git. A malicious person could exploit the vulnerability to create a rogue repository from which scripts are automatically executed upon check out. This allows the malicious party to execute arbitrary code with permissions of git on the vulnerable system. GNU has...
Vulnerability fixed in Websphere Application Server
IBM has fixed a vulnerability in Websphere Application Server. A malicious party could exploit the vulnerability to gain access to sensitive data via Directory Traversal to gain access to sensitive data. IBM has released updates to fix the vulnerability in Websphere Application Server. For more...
Vulnerabilities fixed in Adobe Connect
Adobe has fixed vulnerabilities in Adobe Connect. A malicious party could potentially exploit the vulnerabilities remotely to execute arbitrary code under the privileges of the application. In addition, the vulnerabilities can be exploited to performing a Cross-Site Scripting XSS attack. A such...
Vulnerabilities fixed in SAP products
Vulnerabilities have been fixed in SAP products. The vulnerabilities enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Bypassing authentication Bypassing security measure Remote code execution User Rights SAP designates...
Vulnerability fixed in Xerox products
A vulnerability has been fixed in Xerox Phaser, WorkCentre and VersaLink. The vulnerability allows a malicious person to execute arbitrary code under the user's privileges. Xerox did not release any substantive details about this vulnerability. No CVE attribute has been assigned to this...
Vulnerability fixed in OpenSSH
A vulnerability has been fixed in OpenSSH. The vulnerability allows a malicious party with access to the SSH agent socket to cause a Denial-of-Service and potentially execute arbitrary code. execute. No CVE attribute has been reserved for this vulnerability yet. The developers of OpenSSH have...
Vulnerability fixed in Juniper JunOS
A vulnerability has been fixed in Juniper JunOS. The vulnerability allows a malicious person with access to the network in which the system resides is able to cause a denial-of-service. Juniper has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data As usual, Google...
Serious vulnerabilities fixed in Microsoft Exchange Server
Vulnerabilities have been fixed in Microsoft Exchange Server. A combination of several vulnerabilities allow a malicious person remotely able to execute arbitrary code under SYSTEM privileges Microsoft states that the vulnerabilities with attribute CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 a...
Vulnerabilities fixed in Cisco Nexus 9000 series
Cisco has fixed vulnerabilities in Nexus 9000 Series Fabric Switches. The vulnerabilities allow an unauthenticated remote malicious party able to cause a denial-of-service cause and to bypass a security measure. Cisco categorizes these vulnerabilities according to the CVSSv3 method with a highest...
Vulnerability fixed in Huawei S5700
A vulnerability has been fixed in the Huawei S5700 switch. The vulnerability allows a malicious party to cause a denial-of-service cause. Huawei has made little information made available. Huawei has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in Atlassian Jira
A vulnerability has been fixed in Jira. The vulnerability allows unauthenticated a malicious person to gain access to system data Atlassian has released updates to fix the vulnerability. fix. More information can be found on the page below: https://jira.atlassian.com/browse/JRASERVER-72014...
Vulnerability fixed in BIND
A vulnerability has been fixed in ISC BIND. A malicious party could potentially exploit the vulnerability to cause a denial-of-service cause. This vulnerability can only be exploited when BIND is configured to make use of GSS-TSIG. This is not the default configuration. In environments where BIND...
Multiple vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. A malicious person could potentially exploit the vulnerabilities to cause a denial-of-service cause or execute arbitrary code with the privileges of the logged in user. As usual, Google is disclosing little information regarding the details of the...
Vulnerabilities fixed in Jira
Vulnerabilities have been fixed in JIRA. The vulnerabilities allow a malicious person to perform a Cross-Site Scripting attack and to obtain system data. Atlassian categorizes these vulnerabilities according to the CVSSv3 method with a highest score of 8.2. Atlassian has released updates to addre...