Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
added 2022/03/03 12:0 a.m.16 views

Vulnerability fixed in Elasticsearch and Kibana

Vulnerabilities have been fixed in Elasticsearch and Kibana. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Increased user privileges Elastic has made updates...

6.1CVSS6.4AI score0.00909EPSS
Exploits0
NCSC
NCSC
added 2021/11/09 12:0 a.m.16 views

Vulnerability fixed in Microsoft Malware Protection Engine

Microsoft has fixed a vulnerability in the Microsoft Malware Protection Engine as used by Windows Defender and Microsoft System Center Endpoint Protection. The vulnerabilities allow a malicious person to execute arbitrary code. The following table lists the vulnerabilities...

9.3CVSS7.3AI score0.05462EPSS
Exploits0
NCSC
NCSC
added 2021/08/19 12:0 a.m.16 views

Vulnerabilities fixed in Cisco Expressway Series and TelePresence Video Communication Server

Vulnerabilities have been fixed in Cisco Expressway Series and TelePresence Video Communication Server. The vulnerabilities allow an authenticated remote malicious person to execute arbitrary code to execute under user privileges and under root privileges. Cisco has released updates to fix the...

9CVSS7AI score0.02395EPSS
Exploits0
NCSC
NCSC
added 2021/08/04 12:0 a.m.17 views

Vulnerabilities fixed in ElasticSearch

Elastic has fixed vulnerabilities in the Elastic Stack. A authenticated malicious person could exploit the vulnerabilities to obtain sensitive information or bypass a security measure. The vulnerabilities are located in Elasticsearch itself and in the Elastic App Search API. Elastic has released...

8.8CVSS6.7AI score0.01004EPSS
Exploits0
NCSC
NCSC
added 2021/07/21 12:0 a.m.16 views

Vulnerabilities fixed in Oracle Fusion Middleware products

Oracle has fixed vulnerabilities in several products in the Oracle Fusion product group. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Bypassing authentication Bypassing security measure Remot...

10CVSS7.5AI score0.97116EPSS
Exploits67
NCSC
NCSC
added 2021/05/06 12:0 a.m.16 views

Vulnerabilities fixed in Cisco Content Security Management Appliance

Vulnerabilities have been fixed in several Cisco security appliances. A malicious party could exploit the vulnerability to obtain sensitive information or to execute commands execute commands on the underlying system under root privileges. To exploit this latter vulnerability, the malicious party...

7.2CVSS7.2AI score0.01156EPSS
Exploits0
NCSC
NCSC
added 2021/05/04 12:0 a.m.16 views

Vulnerabilities fixed in Samsung products

Several vulnerabilities have been fixed in various Android-based products from Samsung. The vulnerabilities allow a malicious person, remotely or otherwise, to carry out attacks that lead to the following categories of damage: Manipulation of data Circumvention of security measure Remote code...

10CVSS8.8AI score0.06692EPSS
Exploits8
NCSC
NCSC
added 2021/04/29 12:0 a.m.16 views

Vulnerability fixed in Moxa NPort 5110 firmware

Moxa has fixed a vulnerability in the NP5110 firmware. The vulnerability potentially allows a malicious party to use the device to forward IP traffic to network segments that the initially did not have access to because the NPort devices facilitated IP forwarding. Moxa has released updates to fix...

7.5CVSS6.9AI score0.06908EPSS
Exploits0
NCSC
NCSC
added 2020/11/10 12:0 a.m.16 views

Vulnerabilities identified in GNU/Linux subsystem of Siemens SIMATIC S7-1500 CPU

Vulnerabilities have been identified in the GNU/Linux subsystem of Siemens SIMATIC S7-1500 CPU. The vulnerabilities allow a malicious person able to perform attacks leading to the following categories of damage: Denial-of-Service DoS. Manipulation of data Circumvention of security measure Remote...

10CVSS7.2AI score0.98745EPSS
Exploits76
NCSC
NCSC
added 2020/10/21 12:0 a.m.16 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following Oracle Database products: Database - Enterprise Edition Text Spatial and Graph Application Express APEX SQL Developer The vulnerabilities allow a malicious person, whether or not unauthenticated and remote, potentially be able to launch attacks th...

9.8CVSS7.2AI score0.8904EPSS
Exploits16
NCSC
NCSC
added 2020/10/13 12:0 a.m.16 views

Vulnerabilities fixed in Microsoft Office products

Microsoft fixes multiple vulnerabilities in Microsoft Office and Sharepoint products. A malicious party could potentially exploit them to execute arbitrary code, to obtain elevated permissions, to gain access to sensitive data obtain access to sensitive data, to conduct a denial-of-service attack...

9.3CVSS6.9AI score0.70894EPSS
Exploits6
NCSC
NCSC
added 2026/06/29 8:2 a.m.15 views

Vulnerabilities handled in the n8n workflow automation platform

n8n has identified several vulnerabilities in the n8n workflow automation platform, particularly in versions 1.123.55, 2.24.0, 2.25.7, 2.26.1, and 2.26.2. These vulnerabilities affect various components of the n8n platform. Authorized users with workflow processing rights can exploit...

10CVSS5.9AI score0.00403EPSS
Exploits0References18
NCSC
NCSC
added 2026/06/09 6:45 p.m.15 views

Vulnerabilities present in Siemens products

Siemens has identified vulnerabilities in various products, including SCALANCE, SIMATIC, SINAMICS, SIPROTEC, and TIA Portal. These vulnerabilities pose a threat to malicious actors, who could exploit them to cause the following types of damage: - Denial-of-Service DoS attacks - Data manipulation ...

9.8CVSS7.3AI score0.47621EPSS
Exploits7References5
NCSC
NCSC
added 2026/06/09 6:15 p.m.15 views

Vulnerabilities in Microsoft Azure

Microsoft has addressed vulnerabilities in various Azure components. Malicious actors could exploit these vulnerabilities to impersonate other users, gain elevated privileges, execute arbitrary code, or potentially access sensitive data. The most severe vulnerability was found in HorizonDB and ha...

10CVSS5.7AI score0.00973EPSS
Exploits0
NCSC
NCSC
added 2026/05/21 7:55 a.m.15 views

Flattening of vulnerability issues within the Drupal core

Drupal has identified a vulnerability in the Drupal core versions starting from 8.9.0, specifically versions 10.x and 11.x. The vulnerability involves SQL injection in the Drupal’s database abstraction API. As a result, unauthorized malicious actors can execute arbitrary SQL injections on sites...

9.8CVSS6.2AI score0.84631EPSS
Exploits13References1
NCSC
NCSC
added 2026/05/13 11:39 a.m.15 views

Vulnerability concealment in Fortinet FortiAuthenticator

Fortinet has identified a vulnerability in FortiAuthenticator. This vulnerability relates to incorrect access control in FortiAuthenticator, allowing attackers to execute unauthorized code or commands. This occurs due to insufficient restrictions in the access control mechanism within the softwar...

9.8CVSS6.3AI score0.00551EPSS
Exploits0References1
NCSC
NCSC
added 2026/04/15 8:54 a.m.15 views

Microsoft Defender’s inability to address vulnerabilities

Microsoft has identified a vulnerability in System Center. A malicious individual could exploit this vulnerability by allowing Windows Defender to apply insufficient access control, thereby enabling an authorized attacker to escalate their privileges locally. UPDATE If Microsoft Defender...

7.8CVSS6.4AI score0.06749EPSS
Exploits3
NCSC
NCSC
added 2026/03/10 8:18 p.m.15 views

Vulnerability fixed in Microsoft Authenticator app

Microsoft has fixed a vulnerability in the Authenticator app for Android and iOS. A malicious party could exploit the vulnerability to gain access to sensitive data. Successful abuse requires the malicious party to trick the victim into installing a rogue app. This app can then be misused to...

5.5CVSS5.8AI score0.00603EPSS
Exploits0
NCSC
NCSC
added 2026/01/22 9:22 a.m.15 views

Vulnerability fixed in Palo Alto Networks PAN OS

Palo Alto Networks has fixed a vulnerability in PAN-OS. The vulnerability is in the way PAN-OS handles certain requests. Unauthenticated attackers can cause a denial-of-service DoS by repeatedly sending requests, which can cause the firewall to go into maintenance mode, disrupting normal...

8.7CVSS5.5AI score0.00674EPSS
Exploits0References1
NCSC
NCSC
added 2025/11/20 11:48 a.m.15 views

Vulnerabilities fixed in Arista EOS

Arista has fixed vulnerabilities in the Arista EOS platform. The vulnerabilities are related to the processing of malformed messages, which can lead to system crashes and denial-of-service conditions. High-privileged attackers can exploit these vulnerabilities, leading to severe operational...

7.1AI score0.00386EPSS
Exploits0References2
NCSC
NCSC
added 2025/10/08 1:3 p.m.15 views

Vulnerability fixed in Oracle E-Business Suite

Oracle has fixed a vulnerability in Oracle E-Business Suite Specifically for the Concurrent Processing component in versions 12.2.3 to 12.2.14. The vulnerability is located in the Concurrent Processing component of the Oracle E-Business Suite. Unauthenticated attackers can exploit this...

9.8CVSS6.9AI score0.99722EPSS
Exploits15References2
NCSC
NCSC
added 2025/07/08 6:23 p.m.15 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Circumvention of a security measure - Execution of arbitrary code - Accessin...

9.8CVSS7.9AI score0.2188EPSS
Exploits15
NCSC
NCSC
added 2025/06/18 8:1 a.m.15 views

Vulnerabilities fixed in Apache Tomcat

Apache has fixed vulnerabilities in Apache Tomcat Specifically for versions 11.0.0-M1 to 11.0.7, 10.1.0-M1 to 10.1.41, and 9.0.0-M1 to 9.0.105. The vulnerabilities include denial-of-service due to insufficient limits on multipart headers, lack of resource allocation without limits, untrusted sear...

8.7CVSS7.9AI score0.64718EPSS
Exploits1References3
NCSC
NCSC
added 2025/03/11 12:30 p.m.15 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as SCALANCE, SIMATIC, SINAMICS, SINEMA, SiPass, Teamcenter and Tecnomatix. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS -...

9.8CVSS7.8AI score0.15379EPSS
Exploits0References11
NCSC
NCSC
added 2025/02/11 9:8 a.m.15 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in SAP NetWeaver, BusinessObjects Business Intelligence platform, Enterprise Project Connection and Commerce, among others. The vulnerabilities in SAP NetWeaver include a lack of access control, which allows unauthenticated attackers to gain access to sensitive serve...

9.8CVSS7.7AI score0.90709EPSS
Exploits9References1
NCSC
NCSC
added 2025/01/14 7:9 p.m.15 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial of Service DoS - Circumvention of security measure - Execution of arbitrary code User Rights - Execution of arbitrar...

9.8CVSS9AI score0.80912EPSS
Exploits12
NCSC
NCSC
added 2024/12/11 8:53 a.m.15 views

Vulnerability fixed in Splunk Enterprise

Splunk has fixed a vulnerability in Splunk Enterprise and Splunk Secure Gateway. The vulnerability is in specific versions of Splunk Enterprise and Splunk Secure Gateway, allowing low-privileged users to remotely execute code without needing admin rights. Splunk has released updates to fix the...

8.8CVSS7.2AI score0.01084EPSS
Exploits0References1
NCSC
NCSC
added 2024/11/18 11:18 a.m.15 views

Vulnerability fixed in Adobe Photoshop

Adobe has fixed a vulnerability in Photoshop Specifically for versions 24.7.3, 25.11 and earlier. The vulnerability is in the way Adobe Photoshop handles certain files. A malicious party could exploit this vulnerability by tricking a user into opening a malicious file, which could lead to the...

7.8CVSS7.3AI score0.00299EPSS
Exploits0References1
NCSC
NCSC
added 2024/09/13 8:42 a.m.15 views

Vulnerabilities fixed in Citrix Workspace App for Windows

Citrix has fixed vulnerabilities in the Citrix Workspace App for Windows. A local malicious person could exploit the vulnerabilities to grant themselves elevated privileges and potentially execute code with SYSTEM privileges. Citrix has released updates to fix the vulnerabilities. See attached...

7.3CVSS7.4AI score0.00246EPSS
Exploits1References1
NCSC
NCSC
added 2024/04/18 12:0 a.m.15 views

Vulnerabilities fixed in Oracle Database Products

Oracle has fixed vulnerabilities in several Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Access to sensitive data...

10CVSS6.9AI score0.99999EPSS
Exploits68
NCSC
NCSC
added 2024/03/14 12:0 a.m.15 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several SAP products, including Netweaver, HANA, Fiori and Business Objects. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS...

9.8CVSS7.5AI score0.99999EPSS
Exploits36
NCSC
NCSC
added 2024/03/07 12:0 a.m.15 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE. A malicious party could vulnerabilities to exploit attacks that can result in the following categories of damage: Circumvention of security measure. Increased user privileges GitLab has released updates to...

8.1CVSS7AI score0.00706EPSS
Exploits2
NCSC
NCSC
added 2024/01/18 12:0 a.m.15 views

Vulnerabilities fixed in Oracle Hyperion

Oracle has fixed vulnerabilities in several Hyperion products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Data manipulation. Remote code execution User rights Access to sensitive...

9.8CVSS8.2AI score0.80819EPSS
Exploits20
NCSC
NCSC
added 2024/01/18 12:0 a.m.15 views

Vulnerabilities fixed in Oracle Java SE

Oracle has fixed vulnerabilities in several Java products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Data manipulation. Remote code execution User rights Access to sensitive data...

7.5CVSS7.5AI score0.99999EPSS
Exploits20
NCSC
NCSC
added 2024/01/09 12:0 a.m.15 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including SAP, Netweaver, SAP GUI and HANA. A malicious person could exploit them to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Circumvention of security measure. Remote...

9.1CVSS7.3AI score0.99999EPSS
Exploits19
NCSC
NCSC
added 2023/12/13 12:0 a.m.15 views

Vulnerabilities fixed in SAP

SAP has fixed vulnerabilities in several products, including. Business Objects, SAP GUI, Master Data Governance, Netweaver and Solution Manager. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS...

9.8CVSS8.9AI score0.03307EPSS
Exploits2
NCSC
NCSC
added 2023/06/15 12:0 a.m.15 views

Vulnerability fixed in Citrix Virtual Apps and Deckstops

Citrix has fixed a vulnerability in the Virtual Delivery Agent for Virtual Apps and Desktops. An authenticated malicious party can exploit the vulnerability to launch applications and desktops for which it is not authorized. Citrix has released updates to fix the vulnerability in Virtual Apps and...

6.3CVSS6.9AI score0.00299EPSS
Exploits0
NCSC
NCSC
added 2023/02/23 12:0 a.m.15 views

Vulnerability fixed in VMware vRealize

VMware has fixed a vulnerability in vRealize Orchestrator and vRealize Automation. A malicious person with access to the Orchestrator could exploit the vulnerability for an XML External Entity XXE attack, potentially gaining access to sensitive data or grant themselves elevated privileges in the...

8.8CVSS7AI score0.01265EPSS
Exploits0
NCSC
NCSC
added 2022/12/13 12:0 a.m.15 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in Mendix, among others, Nucleus NET, RUGGEDCOM, SCALANCE, SICAM, SIMATIC, SIPROTEC and SIMATIC WinCC-OA. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF...

10CVSS7.3AI score0.92488EPSS
Exploits47
NCSC
NCSC
added 2022/10/19 12:0 a.m.15 views

Vulnerabilities fixed in Oracle JD Edwards

Vulnerabilities have been fixed in Oracle JD Edwards. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Oracle ha...

10CVSS7.7AI score0.83223EPSS
Exploits6
NCSC
NCSC
added 2022/10/19 12:0 a.m.15 views

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security measure Remote code...

10CVSS6.6AI score0.99019EPSS
Exploits233
NCSC
NCSC
added 2022/09/07 12:0 a.m.15 views

Vulnerabilities fixed in Android

Google has fixed vulnerabilities in the Android operating system. A malicious person could exploit them to cause the following categories of damage: Remote code execution Administrator/Root privileges Access to sensitive data Access to system data Increased user privileges To exploit the...

9.8CVSS6.1AI score0.04829EPSS
Exploits3
NCSC
NCSC
added 2022/07/20 12:0 a.m.15 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in the following Fusion Middleware products: BI Publisher Business Intelligence Enterprise Edition Coherence Global Lifecycle Management NextGen OUI Framework HTTP Server Managed File Transfer Middleware Common Libraries and Tools Security Service SOA Suite...

9.8CVSS8.5AI score0.99677EPSS
Exploits126
NCSC
NCSC
added 2022/06/15 12:0 a.m.15 views

Vulnerabilities fixed in Intel processors

Vulnerabilities have been fixed in several Intel processors. The vulnerabilities allow a malicious person with local access to the processor to obtain sensitive data or cause a denial-of-service. Intel has released updates to fix the vulnerabilities. More information can be found on the pages...

5.5CVSS5.6AI score0.06451EPSS
Exploits0
NCSC
NCSC
added 2022/05/11 12:0 a.m.15 views

Vulnerabilities fixed in Adove InDesign

Adobe has fixed vulnerabilities in InDesign. The vulnerabilities allow a malicious person to execute arbitrary code execute with application privileges. To do this, the malicious party induces the victim to open a rogue file open. Adobe has released updates to fix the vulnerabilities. For more...

7.8CVSS7.4AI score0.00445EPSS
Exploits0
NCSC
NCSC
added 2022/05/10 12:0 a.m.15 views

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in Microsoft Developer Tools. The vulnerabilities allow a malicious party to cause a denial-of-service or to execute arbitrary code execute arbitrary code under the user's privileges. The vulnerability with reference CVE-2022-30129 allows a malicious person to...

8.8CVSS7.6AI score0.41717EPSS
Exploits1
NCSC
NCSC
added 2022/04/15 12:0 a.m.15 views

Vulnerability fixed in VMWare Cloud Director

A vulnerability has been fixed in VMWare Cloud Director. This vulnerability allows an authenticated outside attacker with network access to the VMWare Cloud Director tenant to execute execute arbitrary code and thereby gain access to the server. gain. VMWare has made updates available for VMware...

7.2CVSS7.4AI score0.0639EPSS
Exploits0
NCSC
NCSC
added 2022/03/14 12:0 a.m.15 views

Vulnerabilities fixed in IBM Spectrum Protect

IBM has fixed vulnerabilities in IBM Spectrum Protect and IBM Spectrum Protect Plus. The vulnerabilities allow a malicious able to launch attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Manipulation of data Bypassing authenticatio...

9.8CVSS7.4AI score0.99295EPSS
Exploits242
NCSC
NCSC
added 2021/12/15 12:0 a.m.15 views

Vulnerabilities fixed in Red Hat OpenShift Logging

Red Hat has fixed vulnerabilities in OpenShift Logging. The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to...

10CVSS7.3AI score0.99999EPSS
Exploits388
NCSC
NCSC
added 2021/07/30 12:0 a.m.15 views

Vulnerabilities fixed in Sophos UTM Up2Date

Sophos has fixed multiple vulnerabilities in Up2Date for Sophos UTM. A malicious party could potentially abuse it to cause a Denial-of-Service or to perform a execute a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visi...

7.5CVSS7.8AI score0.06968EPSS
Exploits5
Total number of security vulnerabilities4190