Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2024/10/17 1:15 p.m.•17 views

Vulnerabilities fixed in Oracle Database products

Oracle has fixed vulnerabilities in several Database products and subsystems, including the Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer and Secure Backup. A malicious party can exploit the vulnerabilities to launch attacks that can lead to t...

10CVSS7.5AI score0.99999EPSS
Exploits147References1
NCSC
NCSC
•added 2024/07/17 1:52 p.m.•17 views

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. A malicious party could exploit the vulnerabilities to launch attacks that could result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Remote code execution...

9.8CVSS7.7AI score0.99999EPSS
Exploits105References40
NCSC
NCSC
•added 2024/06/18 11:46 a.m.•17 views

Vulnerabilities fixed in VMware vCenter

VMware has fixed vulnerabilities in vCenter Server. A malicious party could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary code on the server. For successful abuse, however, the malicious party must have access to the LAN infrastructure. VMware has...

9.8CVSS8AI score0.22377EPSS
Exploits3References1
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•17 views

Vulnerabilities fixed in Microsoft System Center

Microsoft has fixed vulnerabilities in System Center. A malicious party could exploit the vulnerabilities to gain elevated permissions or gain access to sensitive data. For successful abuse, the malicious party needs local access. Open Management Infrastructure:...

7.8CVSS8.8AI score0.01399EPSS
Exploits0
NCSC
NCSC
•added 2023/10/12 12:0 a.m.•17 views

Vulnerabilities fixed in Adobe Bridge and Photoshop

Adobe has fixed vulnerabilities in Photoshop and Bridge. A malicious party could exploit the vulnerabilities to execute attacks that could lead to the execution of arbitrary code with the victim's privileges. In order for the code to be executed in order for the code to be executed, the malicious...

7.8CVSS7.1AI score0.00435EPSS
Exploits0
NCSC
NCSC
•added 2023/04/25 12:0 a.m.•17 views

Vulnerabilities fixed in Zyxel Firewalls and Access Points

Zyxel has fixed vulnerabilities in the firmware of several USG, APT, VPN and ZyWall systems. A malicious party can exploit the vulnerabilities exploit them for attacks that can result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution...

9.8CVSS7.8AI score0.99284EPSS
Exploits8
NCSC
NCSC
•added 2023/03/14 12:0 a.m.•17 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in SCALANCE, among others, RuggedCom, SIMATIC, SIPROTEC and Mendix. The vulnerabilities allow a malicious party potentially capable of carrying out attacks that lead to the following categories of damage: Denial-of-Service DoS. Accessing sensitive data Bypassing...

10CVSS7.5AI score0.94921EPSS
Exploits204
NCSC
NCSC
•added 2022/10/28 12:0 a.m.•17 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights...

9.8CVSS7AI score0.1593EPSS
Exploits2
NCSC
NCSC
•added 2022/03/23 12:0 a.m.•17 views

Vulnerabilities fixed in HP printers

HP has fixed vulnerabilities in several printers. The vulnerabilities allow an unauthenticated malicious person with network access to the printer to execute arbitrary code execute arbitrary code, cause a denial-of-service, or access gain access to sensitive information. HP has released updates t...

10CVSS7.6AI score0.07022EPSS
Exploits0
NCSC
NCSC
•added 2021/11/30 12:0 a.m.•17 views

Vulnerabilities fixed in IBM MQ

IBM has fixed several vulnerabilities in MQ. A malicious person could potentially exploit the vulnerabilities locally to cause a denial-of-service, gain access to sensitive data or execute arbitrary code under the user's privileges. IBM has released updates to fix the vulnerability. More...

8.2CVSS7.8AI score0.00646EPSS
Exploits0
NCSC
NCSC
•added 2021/11/22 12:0 a.m.•17 views

Vulnerabilities fixed in Wind River Linux

Vulnerabilities have been fixed in Wind River Linux. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights Remote co...

9.8CVSS7.2AI score0.58373EPSS
Exploits46
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•17 views

Vulnerabilities fixed in Google Android

Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution Administrator/Root rights Access to sensitive data Increased user...

10CVSS7.8AI score0.04447EPSS
Exploits2
NCSC
NCSC
•added 2021/10/13 12:0 a.m.•17 views

Vulnerability fixed in SonicOS

SonicWall has fixed a vulnerability in SonicOS. A malicious party could potentially exploit the vulnerability to send a user on the vulnerable SonicWall system via a header redirection to a rogue website under the control of the malicious party's control. However, the rogue website and the...

6.1CVSS6.9AI score0.13041EPSS
Exploits4
NCSC
NCSC
•added 2021/09/03 12:0 a.m.•17 views

Vulnerabilities fixed in Dell EMC NetWorker

Dell has fixed two vulnerabilities in EMC NetWorker. A malicious party with user rights on the NetWorker server could access sensitive data on NetWorker clients via path-traveral. data on NetWorker clients. Dell has released updates to fix the vulnerabilities in EC Networker 19.4.0.4. Also, Dell...

6.8CVSS6.9AI score0.00929EPSS
Exploits0
NCSC
NCSC
•added 2021/08/30 12:0 a.m.•17 views

Vulnerabilities fixed in Wind River Linux

Wind River has found and fixed vulnerabilities in Wind River Linux. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access to...

9.8CVSS7.7AI score0.87816EPSS
Exploits63
NCSC
NCSC
•added 2021/08/04 12:0 a.m.•18 views

Vulnerabilities fixed in ElasticSearch

Elastic has fixed vulnerabilities in the Elastic Stack. A authenticated malicious person could exploit the vulnerabilities to obtain sensitive information or bypass a security measure. The vulnerabilities are located in Elasticsearch itself and in the Elastic App Search API. Elastic has released...

8.8CVSS6.7AI score0.01004EPSS
Exploits0
NCSC
NCSC
•added 2021/04/29 12:0 a.m.•17 views

Vulnerability fixed in Moxa NPort 5110 firmware

Moxa has fixed a vulnerability in the NP5110 firmware. The vulnerability potentially allows a malicious party to use the device to forward IP traffic to network segments that the initially did not have access to because the NPort devices facilitated IP forwarding. Moxa has released updates to fix...

7.5CVSS6.9AI score0.06908EPSS
Exploits0
NCSC
NCSC
•added 2021/03/31 12:0 a.m.•17 views

Vulnerability fixed in Foxit products

A vulnerability has been fixed in Foxit products. The vulnerability allows an unauthenticated remote malicious person able to cause a denial-of-service with potentially the execution of arbitrary code under privileges of the victim. To do this, the malicious party must induce the victim to open a...

7.8CVSS7.4AI score0.02692EPSS
Exploits0
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•17 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed several vulnerabilities in Microsoft Office and Microsoft SharePoint. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Bypassing security measure; Executing arbitrary code under user privileges; Spoofin...

10CVSS7.6AI score0.04131EPSS
Exploits3
NCSC
NCSC
•added 2020/09/11 12:0 a.m.•17 views

Vulnerabilities fixed in Apache ActiveMQ

Apache has fixed vulnerabilities in Apache ActiveMQ. The vulnerabilities potentially allow a malicious party to impersonate pose as a legitimate server trusted by the user. This allows the malicious party to gain access to data sent by the victim was sent encrypted. The victim is under the...

9.8CVSS7.2AI score0.51225EPSS
Exploits0
NCSC
NCSC
•added 2020/09/10 12:0 a.m.•17 views

Vulnerability found in BIG-IP

F5 has found a vulnerability in BIG-IP. The vulnerability enables an unauthenticated remote malicious party to opportunity to decrypt TLS-encrypted messages. The malicious party must perform a rogue TLS handshake to do so. BIG-IP categorizes this vulnerability according to the CVSSv3 method with ...

5.9CVSS6.9AI score0.01206EPSS
Exploits0
NCSC
NCSC
•added 2026/06/11 8:15 a.m.•16 views

Vulnerabilities in Adobe ColdFusion

Adobe has addressed several vulnerabilities in Adobe ColdFusion versions 2023.19, 2025.8, and earlier versions. These vulnerabilities include improper input validation, which allows arbitrary code to be executed without user interaction. There is also a path traversal vulnerability that enables...

10CVSS6.3AI score0.08871EPSS
Exploits0References1
NCSC
NCSC
•added 2026/06/10 12:2 p.m.•16 views

Veeam Backup & Replication’s vulnerability handling capabilities

Veeam has identified a vulnerability in Backup & Replication. This vulnerability allows an authenticated domain user to execute remote code on the Backup Server. As a result, an attacker with domain credentials can exploit this vulnerability to gain control over backup operations. This is a...

9.4CVSS8.5AI score0.02042EPSS
Exploits0References1
NCSC
NCSC
•added 2026/06/09 6:35 p.m.•16 views

Vulnerabilities in Microsoft Exchange

Microsoft has patched vulnerabilities in Exchange, both on-premise and online versions. A malicious individual could exploit these vulnerabilities to impersonate other users and access sensitive data. Additionally, a malicious actor could execute arbitrary code. The most severe vulnerability...

9.1CVSS5.8AI score0.01015EPSS
Exploits0
NCSC
NCSC
•added 2026/06/05 8:34 a.m.•16 views

The vulnerability was exploited in SolarWinds Serv-U.

SolarWinds has identified a vulnerability in Serv-U. A malicious individual could exploit this vulnerability to cause a Denial-of-Service attack by sending a specially crafted POST message. SolarWinds has released a hotfix and published mitigation measures to address this vulnerability and preven...

7.5CVSS5.5AI score0.10659EPSS
Exploits2References2
NCSC
NCSC
•added 2026/05/29 12:26 p.m.•16 views

Vulnerabilities in Oracle E-Business Suite components

Oracle has discovered vulnerabilities in various components of the Oracle E-Business Suite, including Oracle Payments, Oracle Internet Procurement Connector, Oracle Financials Common Modules, Oracle iAssets, Oracle Public Sector Financials International, Oracle Universal Work Queue, Oracle Payrol...

9.9CVSS5.8AI score0.00677EPSS
Exploits2References1
NCSC
NCSC
•added 2026/05/15 12:8 p.m.•16 views

The vulnerability was exploited in Exim.

The developers of Exim introduced a vulnerability in the Exim Mail Transfer Agent versions prior to 4.99.3. This vulnerability involves a use-after-free in the BDAT body parsing process, specifically when certain GnuTLS backend configurations are used. An unauthorized attacker can exploit this...

9.8CVSS6.4AI score0.01225EPSS
Exploits2References4
NCSC
NCSC
•added 2026/05/12 12:18 p.m.•16 views

Vulnerabilities found in Apple iOS and iPadOS

Apple has addressed several vulnerabilities in various versions of iOS and iPadOS. These vulnerabilities involve incorrect memory management mechanisms, such as use-after-free, buffer overflows, out-of-bounds reads and writes, race conditions, type confusion, null pointer dereferences, and...

8.8CVSS7.2AI score0.07112EPSS
Exploits4References5
NCSC
NCSC
•added 2026/03/12 7:3 a.m.•16 views

Vulnerabilities fixed in Adobe Acrobat Reader

Adobe has fixed vulnerabilities in Adobe Acrobat Reader versions up to 25.001.21265. The vulnerabilities include a Use After Free vulnerability that can be exploited to achieve arbitrary code execution. This vulnerability is triggered when a user opens a maliciously crafted file. In addition, the...

7.8CVSS5.9AI score0.00352EPSS
Exploits0References1
NCSC
NCSC
•added 2026/02/10 7:8 p.m.•16 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to impersonate another user, potentially grant themselves elevated privileges and thus execute arbitrary code or gain access to sensitive data. Of the vulnerabilities labeled...

9.8CVSS6.1AI score0.02344EPSS
Exploits0
NCSC
NCSC
•added 2026/01/22 9:22 a.m.•16 views

Vulnerability fixed in Palo Alto Networks PAN OS

Palo Alto Networks has fixed a vulnerability in PAN-OS. The vulnerability is in the way PAN-OS handles certain requests. Unauthenticated attackers can cause a denial-of-service DoS by repeatedly sending requests, which can cause the firewall to go into maintenance mode, disrupting normal...

8.7CVSS5.5AI score0.00674EPSS
Exploits0References1
NCSC
NCSC
•added 2026/01/22 9:3 a.m.•16 views

Vulnerabilities fixed in Atlassian products

Atlassian has fixed vulnerabilities in several products, which use Oracle middle-ware products such as the Oracle Utilities Application Framework, WebLogic Server, Data Integrator and Business Intelligence Enterprise Edition. These vulnerabilities allow unauthenticated attackers to perform a deni...

10CVSS8.3AI score0.79807EPSS
Exploits19References1
NCSC
NCSC
•added 2026/01/21 10:12 a.m.•16 views

Vulnerabilities fixed in Oracle JD Edwards

Oracle has fixed vulnerabilities in Oracle JD Edwards EnterpriseOne Tools. The vulnerabilities in Oracle JD Edwards EnterpriseOne Tools allow unauthenticated attackers to access critical data and compromise systems. Oracle has released updates to address the vulnerabilities. See attached referenc...

8.1CVSS6.7AI score0.26049EPSS
Exploits6References1
NCSC
NCSC
•added 2026/01/21 10:11 a.m.•16 views

Vulnerabilities fixed in Oracle Java

Oracle has fixed vulnerabilities in Oracle Java SE. The vulnerabilities, particularly in the JavaFX component, allow unauthenticated attackers to compromise systems through untrusted code, which can lead to denial of service DoS attacks and unauthorized access to sensitive data. Exploitation of...

8.8CVSS5.6AI score0.01067EPSS
Exploits4References1
NCSC
NCSC
•added 2026/01/08 12:28 p.m.•16 views

Vulnerabilities fixed in Hanwha camera systems

Hanwha has fixed vulnerabilities in several camera systems, including issues with XML validation, certificate validation, permissions management for guest accounts, video analytics and hard-coded encryption key. The vulnerabilities include an issue with the validation of incoming XML requests,...

9.3CVSS7.1AI score0.00369EPSS
Exploits0References1
NCSC
NCSC
•added 2025/12/02 1:25 p.m.•16 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. Samsung has fixed vulnerabilities relevant to Samsung mobile in Samsung mobile. The vulnerabilities are primarily related to improper input validation, which can result in system crashes and remote denial of service attacks via malicious base stations...

9.8CVSS7.8AI score0.00591EPSS
Exploits5References2
NCSC
NCSC
•added 2025/11/03 8:17 a.m.•16 views

Vulnerabilities fixed in IBM QRadar SIEM

IBM has fixed vulnerabilities in IBM QRadar SIEM Specific to Version 7.5.0 Update Pack 13 Independent Fix 02. The vulnerabilities include a stored cross-site scripting XSS vulnerability that allows authenticated users to inject JavaScript into the Web interface. This can lead to compromise of use...

8.5CVSS6AI score0.00163EPSS
Exploits0References2
NCSC
NCSC
•added 2025/10/23 2:13 p.m.•16 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in Oracle PeopleSoft Specifically for versions 8.60, 8.61, 8.62 and 9.2. The vulnerabilities in Oracle PeopleSoft allow attackers to gain unauthorized access to sensitive data and can lead to data manipulation. This includes vulnerabilities that allow both low- an...

9.4CVSS7AI score0.02164EPSS
Exploits15References1
NCSC
NCSC
•added 2025/06/18 8:1 a.m.•16 views

Vulnerabilities fixed in Apache Tomcat

Apache has fixed vulnerabilities in Apache Tomcat Specifically for versions 11.0.0-M1 to 11.0.7, 10.1.0-M1 to 10.1.41, and 9.0.0-M1 to 9.0.105. The vulnerabilities include denial-of-service due to insufficient limits on multipart headers, lack of resource allocation without limits, untrusted sear...

8.7CVSS7.9AI score0.64718EPSS
Exploits1References3
NCSC
NCSC
•added 2025/05/14 8:21 a.m.•16 views

Vulnerabilities fixed in Adobe Animate

Adobe has fixed vulnerabilities in Animate versions 24.0.8, 23.0.11 and earlier. The vulnerabilities include a critical vulnerability that allows arbitrary code execution via an out-of-bounds write, a NULL Pointer Dereference that can lead to application crashes, and several integer-related...

7.8CVSS8.2AI score0.00235EPSS
Exploits0References1
NCSC
NCSC
•added 2025/02/14 8:46 a.m.•16 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as APOGEE, Opcenter, RUGGEDCOM, SCALANCE, SIMATIC, SIPROTEC and Teamcenter. The vulnerabilities potentially enable a malicious person to carry out attacks that could lead to the following categories of damage: - Denial-of-Service DoS -...

10CVSS7.5AI score0.99654EPSS
Exploits64References14
NCSC
NCSC
•added 2024/11/18 11:18 a.m.•16 views

Vulnerability fixed in Adobe Photoshop

Adobe has fixed a vulnerability in Photoshop Specifically for versions 24.7.3, 25.11 and earlier. The vulnerability is in the way Adobe Photoshop handles certain files. A malicious party could exploit this vulnerability by tricking a user into opening a malicious file, which could lead to the...

7.8CVSS7.3AI score0.00299EPSS
Exploits0References1
NCSC
NCSC
•added 2024/09/13 8:42 a.m.•16 views

Vulnerabilities fixed in Citrix Workspace App for Windows

Citrix has fixed vulnerabilities in the Citrix Workspace App for Windows. A local malicious person could exploit the vulnerabilities to grant themselves elevated privileges and potentially execute code with SYSTEM privileges. Citrix has released updates to fix the vulnerabilities. See attached...

7.3CVSS7.4AI score0.00246EPSS
Exploits1References1
NCSC
NCSC
•added 2024/04/18 12:0 a.m.•16 views

Vulnerabilities fixed in Oracle Database Products

Oracle has fixed vulnerabilities in several Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Access to sensitive data...

10CVSS6.9AI score0.99999EPSS
Exploits68
NCSC
NCSC
•added 2024/02/09 12:0 a.m.•16 views

Vulnerabilities fixed in Fortinet FortiOS

Fortinet has fixed vulnerabilities in FortiOS. A unauthenticated malicious party could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary code execute arbitrary code on the vulnerable system. Also, a malicious party could potentially gain access to the FortiLink...

9.8CVSS8AI score0.99999EPSS
Exploits39
NCSC
NCSC
•added 2024/01/22 12:0 a.m.•16 views

Vulnerability fixed in VMware Tanzu Spring Framework

VMWare Tanzu has fixed a vulnerability in Spring Framework. An unauthenticated malicious person could exploit the vulnerability to cause a denial-of-service on an application running in the framework. The prerequisite for successful exploitation is that the application uses of the...

7.5CVSS7.5AI score0.01048EPSS
Exploits0
NCSC
NCSC
•added 2023/08/21 12:0 a.m.•16 views

Vulnerabilities fixed in IBM Cognos Analytics

IBM has fixed vulnerabilities in Cognos Analytics. A malicious party could exploit the vulnerabilities to perform a Server-Site-Request-Forgery attack in order to collect system information without prior authorizations to collect system information. Also, a malicious party could potentially execu...

7.3CVSS7.5AI score0.01411EPSS
Exploits0
NCSC
NCSC
•added 2023/07/13 12:0 a.m.•16 views

Vulnerabilities fixed in FortiNet FortiOS and FortiProxy

FortiNet has fixed vulnerabilities in FortiOS and FortiProxy. A malicious party could exploit the vulnerabilities to execute arbitrary execute arbitrary code on the vulnerable system, or under specific circumstances to take over a user's session. The vulnerability with attribute CVE-2023-33308...

9.8CVSS7.8AI score0.01873EPSS
Exploits0
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•16 views

Vulnerabilities fixed in Zoom

Zoom has fixed vulnerabilities in the Zoom client for Windows and macOS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, to grant themselves elevated privileges granted or gain access to sensitive information. Zoom has released updates to fix the vulnerabilities ...

8.8CVSS7AI score0.00983EPSS
Exploits0
NCSC
NCSC
•added 2023/06/01 12:0 a.m.•16 views

Vulnerabilities fixed in IBM QRadar Wincollect Agent

IBM has fixed vulnerabilities in the Wincollect Agent of QRadar. A local malicious person could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary code execute code with permissions from the underlying system. IBM has released updates to fix the...

8.2CVSS7.3AI score0.00203EPSS
Exploits0
Total number of security vulnerabilities4190