Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2026/03/04 8:54 a.m.•13 views

Vulnerabilities fixed in VMware Aria Operations

Broadcom has fixed vulnerabilities in VMware Aria Operations. The vulnerabilities include privilege escalation, stored cross-site scripting XSS and command injection. The privilege escalation vulnerability could allow an attacker to gain elevated privileges, which could affect system integrity an...

9CVSS5.9AI score0.17424EPSS
Exploits0References2
NCSC
NCSC
•added 2026/02/06 9:25 a.m.•13 views

Vulnerability fixed in SmarterTools SmarterMail

SmarterTools has fixed vulnerabilities in SmarterMail. A malicious party could exploit the vulnerabilities to bypass authentication and execute arbitrary code with administrator privileges, and possibly SYSTEM. For successful abuse, the malicious party must have access to the API interface...

9.8CVSS6.2AI score0.96268EPSS
Exploits3References1
NCSC
NCSC
•added 2026/01/21 10:12 a.m.•13 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in several Oracle MySQL components. The vulnerabilities allow highly privileged attackers to remotely exploit the server, which can lead to server crashes and denial of service. This problem can be exploited by attackers with network access, underscoring the need...

7.7CVSS5.7AI score0.73495EPSS
Exploits8References1
NCSC
NCSC
•added 2026/01/21 9:25 a.m.•13 views

Vulnerabilities fixed in Oracle Communications products

Oracle has fixed vulnerabilities in Oracle Communications products. The vulnerabilities allow attackers to gain unauthorized access to the system, which can lead to data manipulation and partial denial-of-service. Attackers can exploit these vulnerabilities via HTTP requests, potentially resultin...

10CVSS6.8AI score0.86767EPSS
Exploits34References1
NCSC
NCSC
•added 2025/12/10 2:59 p.m.•13 views

Vulnerabilities fixed in Adobe Experience Manager

Adobe has fixed vulnerabilities in Adobe Experience Manager. Most of the fixed vulnerabilities involve Cross-Site Scripting XSS, which can lead to execution of arbitrary code or increase user privileges. This does require user interaction. The vulnerability with reference CVE-2025-64540 concerns ...

9.3CVSS6.9AI score0.00698EPSS
Exploits0References1
NCSC
NCSC
•added 2025/11/21 4:3 p.m.•13 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in Oracle Fusion Middleware components. The vulnerabilities allow unauthenticated attackers to access critical data over HTTP, which can lead to partial denial-of-service. The severity of these vulnerabilities is underscored by CVSS scores of 7.5, indicating...

9.8CVSS6.9AI score0.88312EPSS
Exploits10References1
NCSC
NCSC
•added 2025/11/15 2:57 p.m.•13 views

Vulnerability fixed in Fortinet FortiWeb

Fortinet has fixed a vulnerability in FortiWeb. Fortinet has fixed a vulnerability in FortiWeb. The vulnerability marked CVE-2025-64446 involves a relative path traversal vulnerability and allows an unauthenticated remote attacker to execute administrative commands via specially crafted HTTP...

9.8CVSS7AI score0.89177EPSS
Exploits17References5
NCSC
NCSC
•added 2025/10/23 1:26 p.m.•13 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle fixed vulnerabilities in Enterprise Manager The vulnerabilities allow unauthorized attackers to gain access to sensitive data and can lead to denial-of-service DoS attacks. Specifically, the vulnerability in Oracle Enterprise Manager's Security Framework can be exploited by unauthenticated...

8.7CVSS6.7AI score0.64718EPSS
Exploits7References1
NCSC
NCSC
•added 2025/10/23 1:23 p.m.•13 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in Oracle E-Business Suite Specifically for versions 12.2.3 to 12.2.14. The vulnerabilities are in several components of Oracle E-Business Suite, including iStore, Product Hub, Workflow, Applications Manager, and Marketing. These vulnerabilities allow...

9.8CVSS7AI score0.00652EPSS
Exploits4References1
NCSC
NCSC
•added 2025/10/15 6:13 a.m.•13 views

Vulnerabilities fixed in Veeam Backup & Replication

Veeam has fixed vulnerabilities in Veeam Backup & Replication. The vulnerabilities are in Veeam Backup & Replication's Mount service and Backup Server, both of which are vulnerable to remote code execution RCE by authenticated domain users. This can lead to unauthorized access and manipulation of...

9.9CVSS8.1AI score0.00976EPSS
Exploits0References1
NCSC
NCSC
•added 2025/09/30 8:31 a.m.•13 views

Vulnerability fixed in IBM InfoSphere

IBM has fixed a vulnerability in InfoSphere Versions 11.7.0.0 to 11.7.1.6 The vulnerability is in how input is validated in affected versions of InfoSphere. Authenticated users can exploit this vulnerability to execute arbitrary commands with elevated privileges. This could lead to unauthorized...

8.8CVSS7.3AI score0.00417EPSS
Exploits0References1
NCSC
NCSC
•added 2025/08/28 8:36 a.m.•13 views

Vulnerabilities fixed in Cisco NX-OS Software

Cisco has fixed vulnerabilities in Cisco NX-OS Software Specifically for Nexus 3000 and 9000 Series Switches. The vulnerabilities are in several features of the Cisco NX-OS Software. A vulnerability in the command-line interface CLI allows authenticated local malicious actors to perform command...

7.4CVSS7.1AI score0.03221EPSS
Exploits0References4
NCSC
NCSC
•added 2025/08/12 1:3 p.m.•13 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as SIMATIC, SINEC, SIMAC, RUGGEDCOM, SIMOTION, SINAMICS, SIPROTEC and SINUMERIK. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS...

9.8CVSS8.6AI score0.01253EPSS
Exploits2References12
NCSC
NCSC
•added 2025/06/30 12:58 p.m.•13 views

Vulnerabilities fixed in Adobe InDesign Desktop

Adobe has fixed vulnerabilities in InDesign Desktop Specifically for versions ID20.2, ID19.5.3, and earlier. The vulnerabilities include a Heap-based Buffer Overflow, Use After Free, NULL Pointer Dereference, and out-of-bounds read, all of which can lead to arbitrary code execution or disclosure ...

7.8CVSS7.8AI score0.00286EPSS
Exploits0References1
NCSC
NCSC
•added 2025/05/08 6:56 a.m.•13 views

Vulnerabilities fixed in SysAid On-Prem

SysAid has fixed vulnerabilities in SysAid On-Prem Versions up to 23.3.40 The vulnerability is in the unauthenticated XML External Entity XXE present in SysAid On-Prem versions up to 23.3.40. This vulnerability allows attackers to exploit the system without authentication. This can lead to...

9.8CVSS8.9AI score0.79475EPSS
Exploits4References1
NCSC
NCSC
•added 2024/07/19 7:34 a.m.•13 views

Vulnerabilities fixed in Apache HTTP Server

Two vulnerabilities have been fixed in Apache HTTP server 2.4. The first vulnerability CVE-2024-40725 can lead to source code leakage when files are accessed indirectly. The second vulnerability CVE-2024-40898 involves a Server Side Request Forgery SSRF that can be abused by a malicious person to...

9.1CVSS8.6AI score0.04134EPSS
Exploits5References3
NCSC
NCSC
•added 2024/05/16 12:45 p.m.•13 views

Vulnerability fixed in Adobe Dreamweaver

Adobe has fixed a vulnerability in Dreamweaver. A malicious party could exploit the vulnerability to execute an OS Command Injection, thus executing arbitrary code on the underlying system. Adobe has released updates to fix the vulnerability in Dreamweaver 21.4. For more information, see attached...

7.8CVSS7.7AI score0.00865EPSS
Exploits0References1
NCSC
NCSC
•added 2024/03/12 12:0 a.m.•13 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as. Cerberus, Ruggedcom, SCALANCE, Sentron, SIMATIC, Sinema, Sinteso, Siveillance and Solid Edge. The vulnerabilities allow a malicious party potentially able to launch attacks that could lead to the following categories of damage:...

10CVSS7AI score0.99999EPSS
Exploits86
NCSC
NCSC
•added 2023/04/13 12:0 a.m.•13 views

Vulnerabilities fixed in Juniper JunOS

Juniper has fixed vulnerabilities in JunOS. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution...

9.8CVSS8.2AI score0.99931EPSS
Exploits41
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in several components of Windows. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive dat...

8.8CVSS8.5AI score0.24623EPSS
Exploits1
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in Microsoft Developer Tools. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Remote code execution User rights. Access to sensitive data Increased user privileges The table below...

7.8CVSS9.3AI score0.01336EPSS
Exploits1
NCSC
NCSC
•added 2022/10/12 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in the Microsoft Office. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Remote code execution User Rights Spoofing Access to sensitive data The tables below provide an overview of the vulnerabilitie...

8.8CVSS7.2AI score0.76397EPSS
Exploits1
NCSC
NCSC
•added 2022/09/13 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Office products

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to execute arbitrary code in the context of the application. To execute code in Office and Visio, the malicious party does not need prior authentication, but needs to trick the vict...

8.8CVSS7.3AI score0.52885EPSS
Exploits5
NCSC
NCSC
•added 2022/09/13 12:0 a.m.•13 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in RUGGEDCOM, SCALANCE and SIMATIC products. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of authentication. Remote co...

9.8CVSS6.9AI score0.78675EPSS
Exploits19
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Supply Chain

Oracle has fixed vulnerabilities in the following Supply Chain products: Advanced Supply Chain Planning Transportation Management Autovue for Agile Product Lifecycle Management. Agile Engineering Data Management Agile PLM MCAD Connector Agile PLM Framework Product Lifecycle Analytics The...

9.8CVSS9.9AI score0.99677EPSS
Exploits113
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•13 views

Vulnerabilities fixed Oracle Communications Applications

Oracle has fixed vulnerabilities in the following products: Communications Billing and Revenue Management Communications ASAP Communications IP Service Activator Communications MetaSolv Solution Communications Order and Service Management Communications Design Studio Communications Network...

10CVSS9AI score0.97906EPSS
Exploits19
NCSC
NCSC
•added 2022/02/08 12:0 a.m.•13 views

Vulnerabilities fixed in Google Android

Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges The vulnerability with attribute...

10CVSS7.5AI score0.05927EPSS
Exploits0
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Communications

Oracle has fixed vulnerabilities in the following products: Communications Services Gatekeeper Communications Service Broker Communications Session Border Controller Enterprise Session Border Controller Enterprise Communications Broker Communications Operations Monitor Communications Interactive...

9.8CVSS7.4AI score0.99999EPSS
Exploits74
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed multiple vulnerabilities in Visual Studio and Visual Studio Code. The vulnerabilities allow a malicious person able to execute arbitrary code under the privileges of the user and obtain elevated privileges. Below is a summary of the various vulnerabilities described by compone...

9.8CVSS8.5AI score0.87816EPSS
Exploits1
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Communications products

Oracle has fixed vulnerabilities in the following Communications products: Communications Services Gatekeeper Communications Converged Application Server - Service Controller Communications Session Border Controller Enterprise Communications Broker Communications Operations Monitor Communications...

9.9CVSS8.6AI score0.99999EPSS
Exploits143
NCSC
NCSC
•added 2021/08/27 12:0 a.m.•13 views

Vulnerability fixed in NetApp Clustered Data ONTAP

NetApp has fixed a vulnerability in the BSD sub-layer of Clustered Data ONTAP. The vulnerability is located in the ipv6 impelementation and potentially allows a malicious party to cause a denial-of-service exploit. NetApp has released updates to fix the vulnerability in Clustered Data ONTAP. For...

7.5CVSS6.8AI score0.01221EPSS
Exploits0
NCSC
NCSC
•added 2021/04/21 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Siebel CRM

Vulnerabilities have been fixed in Oracle Siebel CRM. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Remote code execution User rights. Access to sensitive data...

8.1CVSS8.6AI score0.88077EPSS
Exploits14
NCSC
NCSC
•added 2021/04/01 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Linux

Oracle has fixed multiple vulnerabilities in the Unbreakable Enterprise kernel for Oracle Enterprise Linux. The vulnerabilities potentially enable a local, authenticated malicious agent to execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code executi...

8.8CVSS8.1AI score0.06563EPSS
Exploits6
NCSC
NCSC
•added 2021/02/25 12:0 a.m.•13 views

Vulnerabilities fixed in Cisco Nexus 9000 series

Cisco has fixed vulnerabilities in Nexus 9000 Series Fabric Switches. The vulnerabilities allow an unauthenticated remote malicious party able to cause a denial-of-service cause and to bypass a security measure. Cisco categorizes these vulnerabilities according to the CVSSv3 method with a highest...

8.6CVSS6.8AI score0.01476EPSS
Exploits0
NCSC
NCSC
•added 2021/01/06 12:0 a.m.•13 views

Multiple vulnerabilities fixed in F5 BIG-IP products

Multiple vulnerabilities have been identified in F5 BIG-IP, an external malicious person could exploit them to create a denial of service condition, spoofing, execution of external code, data manipulation, cross-site scripting and trigger security restrictions on the targeted system. F5 has...

9.8CVSS7.3AI score0.99019EPSS
Exploits23
NCSC
NCSC
•added 2020/09/18 12:0 a.m.•13 views

Vulnerability fixed in Samba

Ubuntu has fixed a vulnerability in Samba. The vulnerability potentially allows a malicious party to obtain domain administrator rights. The vulnerability with reference CVE-2020-1472 in Samba in that case should be exploited in conjunction with a vulnerable Microsoft domain controller to be...

10CVSS6.4AI score0.99512EPSS
Exploits75
NCSC
NCSC
•added 2020/04/15 12:0 a.m.•13 views

Multiple vulnerabilities fixed in Oracle Java SE

Oracle has fixed several vulnerabilities in Oracle Java SE. A malicious party could potentially exploit the vulnerabilities to gain elevated privileges, to access potentially sensitive data or to launch a denial-of-service attack. An overview of the fixed vulnerabilities:...

8.3CVSS7.9AI score0.0623EPSS
Exploits0
NCSC
NCSC
•added 2026/06/12 7:45 a.m.•12 views

Vulnerabilities hidden in Fortinet FortiPortal

Fortinet identified a vulnerability in FortiPortal versions 7.0 through 7.4.7. The vulnerability relates to the FortiPortal API endpoints, where an external attacker with organizational user privileges could access sensitive network configuration data through specially crafted HTTP requests. Thes...

6.5CVSS5.4AI score0.00201EPSS
Exploits0References1
NCSC
NCSC
•added 2026/06/11 8:6 a.m.•12 views

Vulnerability handling in Fortinet FortiSandbox

Fortinet has identified a vulnerability in FortiSandbox versions 4.2 through 5.0.5, including FortiSandbox Cloud and FortiSandbox PaaS. The vulnerability involves OS command injection in the FortiSandbox’s webinterface. As a result, unauthorized attackers can execute arbitrary OS commands by...

9.8CVSS6.3AI score0.23393EPSS
Exploits0References1
NCSC
NCSC
•added 2026/05/13 9:23 a.m.•12 views

Vulnerabilities that can be addressed in Adobe Connect

Adobe has identified vulnerabilities in Adobe Connect versions 2025.9.15, 2025.8.157, and earlier versions. These vulnerabilities allow attackers to execute arbitrary code on the affected system. This can occur when users interact with malicious URLs or compromised web pages. The first...

9.6CVSS6.3AI score0.00635EPSS
Exploits0References1
NCSC
NCSC
•added 2026/05/12 5:53 p.m.•12 views

vulnerabilities handled in Microsoft Developer Tools

Microsoft has addressed vulnerabilities in various Developer Tools. A malicious individual could exploit these vulnerabilities to carry out attacks that can cause the following types of damage: - Denial-of-Service DoS attacks - Bypass of security measures - Execution of arbitrary code user rights...

10CVSS6.2AI score0.0243EPSS
Exploits0
NCSC
NCSC
•added 2026/04/14 11:37 a.m.•12 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as Analytics Toolkit, Ruggedcom, Industrial Edge Management Pro, SIDIS and TPM. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS -...

9.8CVSS7.3AI score0.73495EPSS
Exploits7References8
NCSC
NCSC
•added 2026/03/06 12:7 p.m.•12 views

Vulnerabilities fixed in Cisco Catalyst SD-WAN Manager

Cisco has fixed several vulnerabilities in the Cisco Catalyst SD-WAN Manager. The vulnerabilities are in the peering authentication mechanisms of the Cisco Catalyst SD-WAN Controller and Manager products. These vulnerabilities allow an unauthenticated remote attacker to bypass the authentication...

10CVSS6.5AI score0.57793EPSS
Exploits10References3
NCSC
NCSC
•added 2026/02/13 12:54 p.m.•12 views

Vulnerability fixed in BeyondTrust Remote Support

BeyondTrust has fixed a vulnerability in BeyondTrust Remote Support and some older versions of Privileged Remote Access. The vulnerability is in the software's pre-authentication, which allows unauthenticated attackers to execute operating system commands by sending specially crafted requests to...

9.9CVSS5.8AI score0.86091EPSS
Exploits11References1
NCSC
NCSC
•added 2026/02/10 7:4 p.m.•12 views

Vulnerability fixed in Microsoft Exchange

Microsoft has fixed a vulnerability in Exchange server. A malicious person could, without prior authentication, impersonate another user and thus gain access to sensitive data in the victim's context. Microsoft has made updates available that fix the described vulnerability. We recommend that you...

6.5CVSS5.5AI score0.09457EPSS
Exploits0
NCSC
NCSC
•added 2026/02/10 7:1 p.m.•12 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Accessing sensitive data - Execution of arbitrary code user privileges -...

8.8CVSS5.9AI score0.25835EPSS
Exploits22
NCSC
NCSC
•added 2026/02/10 12:28 p.m.•12 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including SAP CRM, SAP S/4HANA, SAP NetWeaver Application Server ABAP, SAP Supply Chain Management, SAP BusinessObjects BI Platform, SAP Document Management System, SAP Commerce Cloud, and SAP Business Workflow. The vulnerabilities include code...

9.9CVSS7.6AI score0.0049EPSS
Exploits2References1
NCSC
NCSC
•added 2026/02/10 12:27 p.m.•12 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Desigo, NX, Polarion, SENTRON, Simcenter, SINEC, SIPORT, Siveillance, Solid Edge, The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service D...

9.8CVSS8.4AI score0.78483EPSS
Exploits6References8
NCSC
NCSC
•added 2026/01/22 12:35 p.m.•12 views

Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition

GitLab has fixed vulnerabilities in Community Edition CE and Enterprise Edition EE versions for 18.6.4, 18.7.2, and 18.8.2. Malicious parties can exploit the vulnerabilities to cause a denial-of-service DoS, or potentially gain access to sensitive data by bypassing security measures. GitLab has...

7.5CVSS5.5AI score0.00846EPSS
Exploits0References1
NCSC
NCSC
•added 2026/01/21 10:6 a.m.•12 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in Oracle Enterprise Manager Base Platform and Oracle Application Testing Suite. The vulnerabilities allow unauthenticated attackers to gain unauthorized access, or can lead to a partial denial-of-service over HTTP. Oracle has released updates to fix the...

7.2CVSS8.4AI score0.02164EPSS
Exploits0References1
Total number of security vulnerabilities4190