4192 matches found
Vulnerabilities fixed in Oracle Communications
Vulnerabilities have been fixed in Oracle Communications products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code executio...
Vulnerabilities fixed in Microsoft Dynamics
Microsoft has fixed vulnerabilities in Power Apps and Dynamics. An authenticated malicious person could exploit the vulnerabilities to impersonate another user and execute arbitrary code execute arbitrary code with privileges of that user. Microsoft Power Apps:...
Vulnerabilities fixed in Juniper JunOS
Juniper has fixed vulnerabilities in JunOS. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in several components of Windows. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive dat...
Vulnerabilities fixed in Oracle Fusion Middleware
Vulnerabilities have been fixed in Oracle Fusion Middleware. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...
Vulnerabilities fixed in Microsoft Office
Vulnerabilities have been fixed in the Microsoft Office. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Remote code execution User Rights Spoofing Access to sensitive data The tables below provide an overview of the vulnerabilitie...
Vulnerability fixed in Apple iOS
Apple has fixed a vulnerability in iOS 16. A malicious person could potentially exploit the vulnerability to use a rogue email to effect a crash. At this time, very little information has been shared by Apple about the vulnerability. Also, nothing has been disclosed about possible active misuse a...
Vulnerabilities fixed in Microsoft Office products
Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to execute arbitrary code in the context of the application. To execute code in Office and Visio, the malicious party does not need prior authentication, but needs to trick the vict...
Vulnerabilities fixed in IBM AIX
Vulnerabilities have been fixed in IBM AIX and VIOS. These vulnerabilities, in the Expat and BIND components, allow a malicious party to carry out attacks that result in the following categories of damage: Remote code execution User Rights Denial-of-Service DoS. Manipulation of data For these...
Vulnerability fixed in Microsoft Exchange Server
A vulnerability has been fixed in Microsoft Exchange Server. The vulnerability allows an authenticated malicious party to obtain obtain elevated privileges. To exploit the vulnerability the malicious party must have access to the Exchange Server and be authenticated with elevated privileges. If t...
Vulnerabilities fixed in IBM Cognos Analytics
Several vulnerabilities have been fixed in IBM Cognos Analytics. Most of the vulnerabilities are in third-party software components third-party software components included with IBM Cognos, including OpenSSL and Node.js. The vulnerabilities allow a malicious party to execute attacks that result i...
Vulnerabilities fixed in Oracle Supply Chain
Oracle has fixed vulnerabilities in the following Supply Chain products: Advanced Supply Chain Planning Transportation Management Autovue for Agile Product Lifecycle Management. Agile Engineering Data Management Agile PLM MCAD Connector Agile PLM Framework Product Lifecycle Analytics The...
Vulnerabilities fixed Oracle Communications Applications
Oracle has fixed vulnerabilities in the following products: Communications Billing and Revenue Management Communications ASAP Communications IP Service Activator Communications MetaSolv Solution Communications Order and Service Management Communications Design Studio Communications Network...
Vulnerabilities fixed in Google Android
Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges The vulnerability with attribute...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed multiple vulnerabilities in Visual Studio and Visual Studio Code. The vulnerabilities allow a malicious person able to execute arbitrary code under the privileges of the user and obtain elevated privileges. Below is a summary of the various vulnerabilities described by compone...
Vulnerabilities fixed in Oracle Communications products
Oracle has fixed vulnerabilities in the following Communications products: Communications Services Gatekeeper Communications Converged Application Server - Service Controller Communications Session Border Controller Enterprise Communications Broker Communications Operations Monitor Communications...
Vulnerabilities fixed in Cisco Nexus 9000 series
Cisco has fixed vulnerabilities in Nexus 9000 Series Fabric Switches. The vulnerabilities allow an unauthenticated remote malicious party able to cause a denial-of-service cause and to bypass a security measure. Cisco categorizes these vulnerabilities according to the CVSSv3 method with a highest...
Multiple vulnerabilities fixed in F5 BIG-IP products
Multiple vulnerabilities have been identified in F5 BIG-IP, an external malicious person could exploit them to create a denial of service condition, spoofing, execution of external code, data manipulation, cross-site scripting and trigger security restrictions on the targeted system. F5 has...
Vulnerability fixed in Samba
Ubuntu has fixed a vulnerability in Samba. The vulnerability potentially allows a malicious party to obtain domain administrator rights. The vulnerability with reference CVE-2020-1472 in Samba in that case should be exploited in conjunction with a vulnerable Microsoft domain controller to be...
Multiple vulnerabilities fixed in Oracle Java SE
Oracle has fixed several vulnerabilities in Oracle Java SE. A malicious party could potentially exploit the vulnerabilities to gain elevated privileges, to access potentially sensitive data or to launch a denial-of-service attack. An overview of the fixed vulnerabilities:...
Vulnerabilities found in Oracle Communications
Oracle has uncovered vulnerabilities in Oracle Communications. The vulnerabilities reside in two underlying products: SQLite and Log4j. These vulnerabilities were previously exploited by the developers of these products. Oracle has incorporated these updates into its own software. In SQLite, a...
Vulnerabilities hidden in Fortinet FortiPortal
Fortinet identified a vulnerability in FortiPortal versions 7.0 through 7.4.7. The vulnerability relates to the FortiPortal API endpoints, where an external attacker with organizational user privileges could access sensitive network configuration data through specially crafted HTTP requests. Thes...
Vulnerabilities that can be addressed in Adobe Connect
Adobe has identified vulnerabilities in Adobe Connect versions 2025.9.15, 2025.8.157, and earlier versions. These vulnerabilities allow attackers to execute arbitrary code on the affected system. This can occur when users interact with malicious URLs or compromised web pages. The first...
The vulnerability was exploited in Microsoft SQL Server
Microsoft has identified a vulnerability in SQL Server. A malicious individual with authorized access can exploit this vulnerability to execute arbitrary code under the control of the SQL Server. Microsoft has provided updates that address the described vulnerabilities. We recommend that you...
vulnerabilities handled in Microsoft Developer Tools
Microsoft has addressed vulnerabilities in various Developer Tools. A malicious individual could exploit these vulnerabilities to carry out attacks that can cause the following types of damage: - Denial-of-Service DoS attacks - Bypass of security measures - Execution of arbitrary code user rights...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in several products such as Analytics Toolkit, Ruggedcom, Industrial Edge Management Pro, SIDIS and TPM. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS -...
Vulnerability fixed in Fortinet's FortiClient EMS
Fortinet has fixed a vulnerability in FortiClient EMS. The vulnerability involves improper access controls in FortiClient EMS. Unauthenticated attackers can bypass security controls by sending specially crafted requests and execute unauthorized code or commands. The vulnerability can be exploited...
Vulnerabilities fixed in Cisco Catalyst SD-WAN Manager
Cisco has fixed several vulnerabilities in the Cisco Catalyst SD-WAN Manager. The vulnerabilities are in the peering authentication mechanisms of the Cisco Catalyst SD-WAN Controller and Manager products. These vulnerabilities allow an unauthenticated remote attacker to bypass the authentication...
Vulnerability fixed in BeyondTrust Remote Support
BeyondTrust has fixed a vulnerability in BeyondTrust Remote Support and some older versions of Privileged Remote Access. The vulnerability is in the software's pre-authentication, which allows unauthenticated attackers to execute operating system commands by sending specially crafted requests to...
Vulnerability fixed in Microsoft Exchange
Microsoft has fixed a vulnerability in Exchange server. A malicious person could, without prior authentication, impersonate another user and thus gain access to sensitive data in the victim's context. Microsoft has made updates available that fix the described vulnerability. We recommend that you...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Accessing sensitive data - Execution of arbitrary code user privileges -...
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including SAP CRM, SAP S/4HANA, SAP NetWeaver Application Server ABAP, SAP Supply Chain Management, SAP BusinessObjects BI Platform, SAP Document Management System, SAP Commerce Cloud, and SAP Business Workflow. The vulnerabilities include code...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in various products such as Desigo, NX, Polarion, SENTRON, Simcenter, SINEC, SIPORT, Siveillance, Solid Edge, The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service D...
Vulnerabilities fixed in Samsung mobile
Samsung has fixed vulnerabilities in several software components, including Emergency Sharing, KnoxGuard Manager, Settings, PACM, FacAtFunction, ShortcutService and Samsung Dialer, specific to the SMR Feb-2026 Release 1. The vulnerabilities are related to improper access management, improper...
Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition
GitLab has fixed vulnerabilities in Community Edition CE and Enterprise Edition EE versions for 18.6.4, 18.7.2, and 18.8.2. Malicious parties can exploit the vulnerabilities to cause a denial-of-service DoS, or potentially gain access to sensitive data by bypassing security measures. GitLab has...
Vulnerabilities fixed in Oracle PeopleSoft
Oracle has fixed vulnerabilities in Oracle PeopleSoft. The vulnerabilities allow unauthenticated attackers to access and modify sensitive data. This can lead to unauthorized access and modifications to critical data, with CVSS scores ranging from 5.4 to 10.0, indicating moderate to significant ri...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to impersonate another user and potentially grant themselves elevated privileges, in order to gain access to sensitive data or execute arbitrary code with elevated privileges. The...
Vulnerabilities fixed in Microsoft Office
Microsoft has fixed vulnerabilities in several Office products. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Execution of arbitrary code User privileges - Accessing sensitive data - Obtaining elevated privileges -...
Zeroday vulnerabilities discovered in Microsoft SharePoint Server
Microsoft has released information about actively exploited zeroday vulnerabilities in on-premises versions of Microsoft SharePoint Server. SharePoint Online part of Microsoft 365 has not been affected. The zeroday vulnerabilities, marked CVE-2025-53770 and CVE-2025-53771, allow a malicious perso...
Vulnerabilities fixed in SonicWall SMA100
SonicWall has fixed vulnerabilities in the SMA100 series. The vulnerabilities are in the way the SMA100 series handles authenticated SSLVPN users. CVE-2025-32819 allows these users to bypass path-traversal controls and delete arbitrary files, which can lead to a reset of the device to factory...
Vulnerabilities fixed in Apple iOS and iPadOS
Apple has fixed several vulnerabilities in iOS and iPadOS. The vulnerabilities include memory management issues, unauthorized access to sensitive user data, and the ability for applications to escape their sandbox environments. These vulnerabilities could lead to unauthorized access, data...
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in Android. Included in this update are updates to closed-source components from Qualcomm, Imagination Technologies, Unisoc and MediaTek. Samsung has fixed vulnerabilities in Samsung Mobile that are relevant to Samsung mobile devices. The vulnerabilities include...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in several Developer Tools. A malicious person could exploit the vulnerabilities to cause a Denial-of-Service, grant themselves elevated privileges or execute arbitrary code with the victim's privileges. Successful exploitation requires the malicious party to...
Vulnerability fixed in SonicOS
A vulnerability has been fixed in SonicWall SonicOS IPSec. The vulnerability in SonicWall SonicOS IPSec allows an unauthenticated remote malicious person to cause Denial of Service DoS. SonicWall has made available a workaround and patch to fix the vulnerability. See the reference for more...
Vulnerabilities fixed in Oracle PeopleSoft
Vulnerabilities have been fixed in Oracle PeopleSoft. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Oracle has made updates...
Vulnerabilities fixed in Oracle MySQL
Vulnerabilities have been fixed in Oracle MySQL. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Remote code execution User rights...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in several products, including SCALANCE, SICAM, Tecnomatix, SITOP and PowerSys. The vulnerabilities potentially enable a malicious person to carry out attacks that could lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data -...
Vulnerabilities fixed in PHP
Vulnerabilities have been fixed in PHP. A malicious person could exploit the vulnerabilities to execute arbitrary code with application privileges. The vulnerability with attribute CVE-2024-4577 is actually a re-entry of the vulnerability with attribute CVE-2012-1823. This vulnerability allows th...
Vulnerabilities fixed in Solarwinds Platform
Solarwinds has fixed vulnerabilities in Solarwinds Platform. A malicious party can exploit the vulnerabilities to cause a Denial-of-Service, execute a command injection, or perform a Cross-Site-Scripting attack. Such an attack can result in execution of arbitrary code in the victim's browser. For...
Vulnerabilities fixed in Aruba Networks ArubaOS
Aruba Networks fixed vulnerabilities in ArubaOS A malicious party could exploit the vulnerabilities to launch attacks that could lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Remote code execution Administrator/Root privileges - Access to system data...