Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2026/06/17 9:28 a.m.•14 views

Vulnerabilities in Oracle Fusion Middleware products

Oracle has identified several vulnerabilities in various products within the Oracle Fusion Middleware suite, including WebLogic Server, WebCenter Content, WebCenter Sites, WebCenter Portal, WebCenter Enterprise Capture, Identity Manager, Identity Manager Connector, Access Manager, Coherence,...

10CVSS5.9AI score0.00565EPSS
Exploits0References1
NCSC
NCSC
•added 2026/06/04 11:34 a.m.•14 views

Lack of transparency in Cisco Unified Communications Manager

Cisco has identified a vulnerability in Unified Communications Manager CM and Unified Communications Manager Session Management Edition CM SME. A malicious individual could exploit this vulnerability to carry out a Server-Side Request Forgery SSRF attack. Successful exploitation could result in t...

8.6CVSS5.8AI score0.41694EPSS
Exploits3References1
NCSC
NCSC
•added 2026/05/13 9:17 a.m.•14 views

Kwetsbaarheid verholpen in Cisco Crosswork Network Controller

Cisco has identified a vulnerability in the Cisco Crosswork Network Controller. This vulnerability involves a denial-of-service attack that can be exploited by unauthorized external attackers. The attack involves overwhelming the system with a large number of connection requests, causing services...

5.8AI score0.0031EPSS
Exploits0References1
NCSC
NCSC
•added 2026/05/12 5:53 p.m.•14 views

vulnerabilities present in Microsoft Office

Microsoft has identified vulnerabilities in various Office products. A malicious individual can exploit these vulnerabilities to impersonate another user or execute arbitrary code with the victim’s privileges, potentially accessing sensitive data within the context of the victim’s account. For...

9.6CVSS6.2AI score0.04421EPSS
Exploits0
NCSC
NCSC
•added 2026/03/05 9:36 a.m.•14 views

Vulnerabilities fixed in Kibana

Elastic has fixed vulnerabilities in Kibana. The vulnerabilities are in several components of Kibana. An authenticated user with view-only privileges can exploit an input validation flaw to cause a Denial of Service condition by sending specially crafted, misshapen payloads. This leads to excessi...

8.6CVSS6.1AI score0.00325EPSS
Exploits0References5
NCSC
NCSC
•added 2026/02/18 1:18 p.m.•14 views

Vulnerability fixed in Dell RecoverPoint for Virtual Machines

Dell has fixed a vulnerability in Dell RecoverPoint for Virtual Machines versions prior to 6.0.3.1 HF1. The vulnerability resides in hard-coded login credentials present in the software. This allows unauthenticated attackers on the same network to gain unauthorized access to the system. This coul...

10CVSS5.7AI score0.13131EPSS
Exploits1References3
NCSC
NCSC
•added 2026/02/13 1:24 p.m.•14 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS, including versions Sequoia 15.7.4, Tahoe 26.3 and Sonoma 14.8.4. The vulnerabilities include memory corruption issues, unauthorized access to sensitive user data, and logging issues that could lead to unauthorized access to location information. The updat...

9CVSS5.6AI score0.22359EPSS
Exploits18References3
NCSC
NCSC
•added 2026/01/21 9:55 a.m.•14 views

Vulnerabilities fixed in Oracle Financial Services

Oracle has fixed vulnerabilities in several products, including Oracle Banking Liquidity Management, Oracle Financial Services Model Management and Oracle FLEXCUBE. The vulnerabilities in the Oracle products allow unauthenticated attackers to gain access to sensitive data and perpetrate...

9.3CVSS6.8AI score0.64718EPSS
Exploits5References1
NCSC
NCSC
•added 2025/10/23 1:20 p.m.•14 views

Vulnerabilities fixed in Oracle Communications products

Oracle has fixed several vulnerabilities in its Communications products, including Unified Assurance and Cloud Native Core. The vulnerabilities in Oracle Communications products allow malicious actors to gain unauthorized access, which can lead to partial or full Denial-of-Service DoS attacks...

9.8CVSS6.4AI score0.8496EPSS
Exploits40References1
NCSC
NCSC
•added 2025/10/08 1:3 p.m.•14 views

Vulnerability fixed in Oracle E-Business Suite

Oracle has fixed a vulnerability in Oracle E-Business Suite Specifically for the Concurrent Processing component in versions 12.2.3 to 12.2.14. The vulnerability is located in the Concurrent Processing component of the Oracle E-Business Suite. Unauthenticated attackers can exploit this...

9.8CVSS6.9AI score0.99722EPSS
Exploits15References2
NCSC
NCSC
•added 2025/09/26 7:0 a.m.•14 views

Vulnerabilities fixed in Zenitel ICX500 and ICX510 gateway

Zenitel has fixed vulnerabilities in the ICX500 and ICX510 gateway products. The vulnerabilities allow malicious parties to gain unauthorized access to the Billing Admin endpoint and execute arbitrary commands on the device. This can lead to serious compromise of device availability,...

8.8CVSS7.5AI score0.00258EPSS
Exploits0References1
NCSC
NCSC
•added 2025/06/12 11:4 a.m.•14 views

Vulnerabilities fixed in Fortinet FortiOS

Fortinet has fixed vulnerabilities in FortiOS. The vulnerabilities include improper certificate validation that allows attackers to connect to FortiClient via revoked certificates, leading to unauthorized access. In addition, there are vulnerabilities in session escalation and privilege managemen...

7.2CVSS7.5AI score0.01076EPSS
Exploits3References10
NCSC
NCSC
•added 2025/06/10 1:11 p.m.•14 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as RUGGEDCOM, SCALANCE, SIMATIC and Tecnomatix The vulnerabilities potentially enable a malicious person to carry out attacks that could lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data -...

9.9CVSS8.6AI score0.99999EPSS
Exploits183References6
NCSC
NCSC
•added 2025/04/01 8:41 a.m.•14 views

Vulnerabilities fixed in Apple macOS

Apple has fixed several vulnerabilities in macOS Specifically for Ventura 13.7.5, Sequoia 15.4 and Sonoma 14.7.5. The vulnerabilities include issues with unauthorized access to sensitive user data, logging issues, and vulnerabilities that allowed applications to obtain root privileges. These...

9.8CVSS7.5AI score0.18668EPSS
Exploits14References3
NCSC
NCSC
•added 2025/02/11 6:51 a.m.•14 views

Vulnerabilities fixed in F5 BIG-IP

F5 has fixed vulnerabilities in BIG-IP. A malicious party could exploit the vulnerabilities to launch attacks that could lead to the following categories of damage: - Denial-of-Service DoS. - Circumvention of a security measure - Execution of arbitrary code Root/admin - Execution of arbitrary cod...

9.8CVSS8.4AI score0.20743EPSS
Exploits19References11
NCSC
NCSC
•added 2024/08/06 9:25 a.m.•14 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or grant themselves elevated privileges on the device and thus execute arbitrary code, possibly with system privileges and gain access to sensitive data. Successful...

9.8CVSS7.8AI score0.02701EPSS
Exploits2References2
NCSC
NCSC
•added 2024/07/18 1:58 p.m.•14 views

Vulnerability fixed in HPE 3PAR Service Processor

A vulnerability has been fixed in HPE 3PAR Service Processor. An unauthenticated malicious person with access to the local network can exploit the vulnerability to bypass authentication. HPE has made an update available to fix the vulnerabilities. See the reference for more information...

9.8CVSS6.9AI score0.00624EPSS
Exploits0References2
NCSC
NCSC
•added 2024/02/19 12:0 a.m.•14 views

Vulnerabilities fixed in IBM Qradar

IBM has fixed vulnerabilities in Qradar and underlying components such as SIEM, Wincollect and Case Manager. A malicious person can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS...

9.8CVSS7AI score0.99999EPSS
Exploits62
NCSC
NCSC
•added 2024/01/22 12:0 a.m.•14 views

Vulnerabilities fixed in Lexmark printers

Lexmark has fixed vulnerabilities in the firmware of several printers. The vulnerabilities are located in the Postscript interpreter and allow a malicious person with the ability to print commands the ability to send arbitrary code execute arbitrary code on the vulnerable system. Lexmark has...

9.1CVSS7.7AI score0.00976EPSS
Exploits0
NCSC
NCSC
•added 2024/01/12 12:0 a.m.•14 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Community Edition CE and Enterprise Edition EE. A malicious party could vulnerabilities to exploit attacks that can result in the following categories of damage: Manipulation of data. Circumvention of security measure Remote code execution User rights...

10CVSS7.6AI score0.94955EPSS
Exploits16
NCSC
NCSC
•added 2023/12/19 12:0 a.m.•14 views

Vulnerabilities fixed in Zabbix

Vulnerabilities have been fixed in Zabbix. A malicious party can exploit the exploit the vulnerabilities to cause a Denial-of-Service, potentially execute arbitrary code with the privileges of the application, or use session hijacking to gain access to the data of a logged-in user. The developers...

9.8CVSS8AI score0.00873EPSS
Exploits0
NCSC
NCSC
•added 2023/08/09 12:0 a.m.•14 views

Vulnerabilities fixed in Adobe Dimension

Adobe has fixed vulnerabilities in Dimension. A malicious person could exploit the vulnerabilities to execute arbitrary code in the victim's scope, or to gain access to sensitive data in the victim's scope. For successful exploitation, the malicious party must trick the victim into opening a rogu...

7.8CVSS7.6AI score0.003EPSS
Exploits0
NCSC
NCSC
•added 2023/07/20 12:0 a.m.•14 views

Vulnerability fixed in Avaya Aura

Avaya has fixed a vulnerability in the Aura Device Services web service. An unauthenticated malicious person can exploit the exploit the vulnerability to execute arbitrary code with the permissions of the web service. Avaya has released updates to fix the vulnerability in Aura Device Services...

9.8CVSS7.8AI score0.03334EPSS
Exploits1
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•14 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in the following Fusion Middleware products: BI Publisher Business Intelligence Enterprise Edition Coherence Global Lifecycle Management NextGen OUI Framework HTTP Server Managed File Transfer Middleware Common Libraries and Tools Security Service SOA Suite...

9.8CVSS8.5AI score0.99677EPSS
Exploits126
NCSC
NCSC
•added 2022/07/12 12:0 a.m.•14 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights...

8.8CVSS6.8AI score0.8834EPSS
Exploits5
NCSC
NCSC
•added 2022/06/15 12:0 a.m.•14 views

Vulnerabilities fixed in Intel processors

Vulnerabilities have been fixed in several Intel processors. The vulnerabilities allow a malicious person with local access to the processor to obtain sensitive data or cause a denial-of-service. Intel has released updates to fix the vulnerabilities. More information can be found on the pages...

5.5CVSS5.6AI score0.06451EPSS
Exploits0
NCSC
NCSC
•added 2022/06/14 12:0 a.m.•14 views

Vulnerability fixed in Siemens SCALANCE

A vulnerability has been fixed in Siemens SCALANCE. The vulnerability allows an unauthenticated remote malicious person capable of causing a denial-of-service. Siemens has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.8AI score0.00588EPSS
Exploits0
NCSC
NCSC
•added 2022/05/12 12:0 a.m.•14 views

Vulnerabilities fixed in IBM MQ

IBM has fixed multiple vulnerabilities in supporting software supplied with IBM MQ. The vulnerabilities are in Java, Eclipse Jetty and Websphere Liberty and were previously fixed in the individual products. A malicious party could potentially exploit the vulnerabilities to cause a...

9.8CVSS9.5AI score0.99298EPSS
Exploits16
NCSC
NCSC
•added 2022/03/14 12:0 a.m.•14 views

Vulnerabilities fixed in IBM Spectrum Protect

IBM has fixed vulnerabilities in IBM Spectrum Protect and IBM Spectrum Protect Plus. The vulnerabilities allow a malicious able to launch attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Manipulation of data Bypassing authenticatio...

9.8CVSS7.4AI score0.99295EPSS
Exploits242
NCSC
NCSC
•added 2022/02/18 12:0 a.m.•14 views

Vulnerabilities fixed in snapd

Several vulnerabilities have been fixed in Canonical's snapd. The vulnerabilities allow a local malicious person to launch attacks execute attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution Administrator/Root privileges Access to...

8.8CVSS7.2AI score0.00966EPSS
Exploits5
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•14 views

Vulnerabilities fixed in Cisco Webex

Vulnerabilities have been fixed in Cisco Webex. The vulnerabilities marked CVE-2021-1500 and CVE-2021-40128 allow an unauthenticated remote malicious person able to trick a user to trick a user into opening a rogue Web page. The vulnerability with reference CVE-2021-40115 allows a malicious perso...

6.1CVSS6.4AI score0.00955EPSS
Exploits0
NCSC
NCSC
•added 2021/08/26 12:0 a.m.•14 views

Vulnerabilities fixed in Cisco NX-OS

Vulnerabilities have been fixed in Cisco NX-OS. A malicious person could potentially exploit the vulnerabilities to cause a denial-of-service cause. Both vulnerabilities are not exploitable with standard configuration. exploited. For the vulnerability with CVE attribute CVE-2021-1588 requires tha...

8.6CVSS7AI score0.01681EPSS
Exploits0
NCSC
NCSC
•added 2021/08/25 12:0 a.m.•14 views

Vulnerabilities fixed in F5 BIG-IP

Vulnerabilities have been fixed in F5 BIG-IP. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights SQL Injection Access to...

9.9CVSS7.8AI score0.02215EPSS
Exploits0
NCSC
NCSC
•added 2021/07/21 12:0 a.m.•14 views

Vulnerabilities fixed in Oracle Supply Chain Products Suite

Oracle has fixed vulnerabilities in the following products within the Supply Chain Products Suite: Transportation Management Agile Engineering Data Management Agile PLM Framework An unauthenticated malicious person could potentially exploit them to cause a denial-of-service. In addition the...

7.8CVSS8.3AI score0.87553EPSS
Exploits1
NCSC
NCSC
•added 2021/02/26 12:0 a.m.•15 views

Vulnerability found in Rockwell Automation Logix Controllers

A vulnerability has been found in Rockwell Automation Logix Controllers. The vulnerability allows a malicious party to bypass authentication. After this, it is possible to modify the configuration of the vulnerable system and to execute arbitrary code execute. The attack should be performed from...

9.8CVSS7.2AI score0.25455EPSS
Exploits1
NCSC
NCSC
•added 2021/02/17 12:0 a.m.•14 views

Vulnerabilities fixed in Node.js

Vulnerabilities have been fixed in Node.js. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights Access to system data -= Red Hat =- Red Hat has...

9.8CVSS8.9AI score0.69062EPSS
Exploits10
NCSC
NCSC
•added 2021/01/28 12:0 a.m.•14 views

Vulnerability fixed in Atlassian Bamboo

A vulnerability has been fixed in Atlassian Bamboo. A unauthenticated malicious person could exploit the vulnerability to obtain system data. Atlassian has released updates to fix the vulnerability in Bamboo. For more information, see: https://confluence.atlassian.com/bamboo...

5.3CVSS6.8AI score0.0111EPSS
Exploits0
NCSC
NCSC
•added 2021/01/14 12:0 a.m.•14 views

Vulnerabilities fixed in Oracle Unbreakable Enterprise kernel

Oracle has fixed vulnerabilities in the Unbreakable Enterprise kernel. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data Increased user privileges -= Oracl...

8.8CVSS8.4AI score0.06692EPSS
Exploits1
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•14 views

Vulnerabilities fixed in Siemens vulnerabilities

Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution Administrator/Root right...

10CVSS8.1AI score0.98745EPSS
Exploits13
NCSC
NCSC
•added 2020/10/30 12:0 a.m.•14 views

Vulnerability fixed in Nessus

A vulnerability has been fixed in Nessus. The vulnerability allows a local malicious person with valid login credentials on a Windows machine to execute arbitrary code under the user's privileges. Tenable has made updates available for Nessus to fix the vulnerability. More information can be foun...

7.8CVSS7.3AI score0.00392EPSS
Exploits0
NCSC
NCSC
•added 2026/06/11 8:12 a.m.•13 views

Vulnerabilities managed in Ivanti Endpoint Manager Mobile

Ivanti has identified several vulnerabilities in Ivanti Endpoint Manager Mobile. These vulnerabilities include an OS command injection vulnerability, where a remote attacker can execute arbitrary operating system commands with root privileges. Additionally, there is a vulnerability due to incorre...

7.2CVSS6.7AI score0.34454EPSS
Exploits0References1
NCSC
NCSC
•added 2026/06/09 6:40 p.m.•13 views

Flaws hidden in Microsoft Dynamics

Microsoft has identified a vulnerability in Dynamics on-premise. A malicious individual could exploit this vulnerability to gain increased privileges on the system. It is possible for a malicious person to gain privileges as a System Administrator. For successful exploitation, the malicious...

8.8CVSS5.5AI score0.0063EPSS
Exploits0
NCSC
NCSC
•added 2026/06/09 6:4 p.m.•13 views

vulnerabilities present in Microsoft Office

Microsoft has identified vulnerabilities in various Office products such as Sharepoint, Word, Project, and Excel. A malicious individual can exploit these vulnerabilities to carry out attacks that can cause various types of damage, as described in the tables below. For successful exploitation, th...

8.8CVSS7.3AI score0.01982EPSS
Exploits0
NCSC
NCSC
•added 2026/06/05 9:38 a.m.•13 views

Kwetsbaarheid verholpen in Cisco SD-WAN Manager

Cisco has identified a vulnerability in SD-WAN Manager, previously known as SD-WAN vManage. A malicious individual could exploit this vulnerability by uploading a specially crafted file to the affected system and thereby elevating their privileges to root user status. Cisco indicates that active...

7.8CVSS5.5AI score0.25323EPSS
Exploits2References1
NCSC
NCSC
•added 2026/03/10 8:15 p.m.•13 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to impersonate another user, grant themselves elevated privileges or gain access to sensitive data. Azure Entra ID: |----------------|------|-------------------------------------| ...

8.8CVSS5.8AI score0.01046EPSS
Exploits0
NCSC
NCSC
•added 2026/03/04 8:54 a.m.•13 views

Vulnerabilities fixed in VMware Aria Operations

Broadcom has fixed vulnerabilities in VMware Aria Operations. The vulnerabilities include privilege escalation, stored cross-site scripting XSS and command injection. The privilege escalation vulnerability could allow an attacker to gain elevated privileges, which could affect system integrity an...

9CVSS5.9AI score0.17424EPSS
Exploits0References2
NCSC
NCSC
•added 2026/02/06 9:25 a.m.•13 views

Vulnerability fixed in SmarterTools SmarterMail

SmarterTools has fixed vulnerabilities in SmarterMail. A malicious party could exploit the vulnerabilities to bypass authentication and execute arbitrary code with administrator privileges, and possibly SYSTEM. For successful abuse, the malicious party must have access to the API interface...

9.8CVSS6.2AI score0.96268EPSS
Exploits3References1
NCSC
NCSC
•added 2026/01/21 10:12 a.m.•13 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in several Oracle MySQL components. The vulnerabilities allow highly privileged attackers to remotely exploit the server, which can lead to server crashes and denial of service. This problem can be exploited by attackers with network access, underscoring the need...

7.7CVSS5.7AI score0.73495EPSS
Exploits8References1
NCSC
NCSC
•added 2025/12/10 2:59 p.m.•13 views

Vulnerabilities fixed in Adobe Experience Manager

Adobe has fixed vulnerabilities in Adobe Experience Manager. Most of the fixed vulnerabilities involve Cross-Site Scripting XSS, which can lead to execution of arbitrary code or increase user privileges. This does require user interaction. The vulnerability with reference CVE-2025-64540 concerns ...

9.3CVSS6.9AI score0.00698EPSS
Exploits0References1
NCSC
NCSC
•added 2025/11/21 4:3 p.m.•13 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in Oracle Fusion Middleware components. The vulnerabilities allow unauthenticated attackers to access critical data over HTTP, which can lead to partial denial-of-service. The severity of these vulnerabilities is underscored by CVSS scores of 7.5, indicating...

9.8CVSS6.9AI score0.88312EPSS
Exploits10References1
Total number of security vulnerabilities4190