Lucene search
K
NcscMost viewed

4192 matches found

NCSC
NCSC
•added 2023/07/19 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code executio...

9.8CVSS7.9AI score0.99615EPSS
Exploits59
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in Power Apps and Dynamics. An authenticated malicious person could exploit the vulnerabilities to impersonate another user and execute arbitrary code execute arbitrary code with privileges of that user. Microsoft Power Apps:...

5.4CVSS7.2AI score0.01488EPSS
Exploits0
NCSC
NCSC
•added 2023/04/13 12:0 a.m.•13 views

Vulnerabilities fixed in Juniper JunOS

Juniper has fixed vulnerabilities in JunOS. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution...

9.8CVSS8.2AI score0.99931EPSS
Exploits41
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in several components of Windows. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive dat...

8.8CVSS8.5AI score0.24623EPSS
Exploits1
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Fusion Middleware

Vulnerabilities have been fixed in Oracle Fusion Middleware. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...

9.8CVSS8.2AI score0.99298EPSS
Exploits23
NCSC
NCSC
•added 2022/10/12 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in the Microsoft Office. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Remote code execution User Rights Spoofing Access to sensitive data The tables below provide an overview of the vulnerabilitie...

8.8CVSS7.2AI score0.76397EPSS
Exploits1
NCSC
NCSC
•added 2022/10/11 12:0 a.m.•13 views

Vulnerability fixed in Apple iOS

Apple has fixed a vulnerability in iOS 16. A malicious person could potentially exploit the vulnerability to use a rogue email to effect a crash. At this time, very little information has been shared by Apple about the vulnerability. Also, nothing has been disclosed about possible active misuse a...

6.5CVSS6.2AI score0.008EPSS
Exploits0
NCSC
NCSC
•added 2022/09/13 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Office products

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to execute arbitrary code in the context of the application. To execute code in Office and Visio, the malicious party does not need prior authentication, but needs to trick the vict...

8.8CVSS7.3AI score0.52885EPSS
Exploits5
NCSC
NCSC
•added 2022/07/29 12:0 a.m.•13 views

Vulnerabilities fixed in IBM AIX

Vulnerabilities have been fixed in IBM AIX and VIOS. These vulnerabilities, in the Expat and BIND components, allow a malicious party to carry out attacks that result in the following categories of damage: Remote code execution User Rights Denial-of-Service DoS. Manipulation of data For these...

10CVSS8AI score0.99999EPSS
Exploits358
NCSC
NCSC
•added 2022/05/11 12:0 a.m.•13 views

Vulnerability fixed in Microsoft Exchange Server

A vulnerability has been fixed in Microsoft Exchange Server. The vulnerability allows an authenticated malicious party to obtain obtain elevated privileges. To exploit the vulnerability the malicious party must have access to the Exchange Server and be authenticated with elevated privileges. If t...

8.2CVSS6.1AI score0.00842EPSS
Exploits0
NCSC
NCSC
•added 2022/04/25 12:0 a.m.•13 views

Vulnerabilities fixed in IBM Cognos Analytics

Several vulnerabilities have been fixed in IBM Cognos Analytics. Most of the vulnerabilities are in third-party software components third-party software components included with IBM Cognos, including OpenSSL and Node.js. The vulnerabilities allow a malicious party to execute attacks that result i...

9.8CVSS9.1AI score0.77385EPSS
Exploits30
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Supply Chain

Oracle has fixed vulnerabilities in the following Supply Chain products: Advanced Supply Chain Planning Transportation Management Autovue for Agile Product Lifecycle Management. Agile Engineering Data Management Agile PLM MCAD Connector Agile PLM Framework Product Lifecycle Analytics The...

9.8CVSS9.9AI score0.99677EPSS
Exploits113
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•13 views

Vulnerabilities fixed Oracle Communications Applications

Oracle has fixed vulnerabilities in the following products: Communications Billing and Revenue Management Communications ASAP Communications IP Service Activator Communications MetaSolv Solution Communications Order and Service Management Communications Design Studio Communications Network...

10CVSS9AI score0.97906EPSS
Exploits19
NCSC
NCSC
•added 2022/02/08 12:0 a.m.•13 views

Vulnerabilities fixed in Google Android

Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges The vulnerability with attribute...

10CVSS7.5AI score0.05927EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed multiple vulnerabilities in Visual Studio and Visual Studio Code. The vulnerabilities allow a malicious person able to execute arbitrary code under the privileges of the user and obtain elevated privileges. Below is a summary of the various vulnerabilities described by compone...

9.8CVSS8.5AI score0.87816EPSS
Exploits1
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Communications products

Oracle has fixed vulnerabilities in the following Communications products: Communications Services Gatekeeper Communications Converged Application Server - Service Controller Communications Session Border Controller Enterprise Communications Broker Communications Operations Monitor Communications...

9.9CVSS8.6AI score0.99999EPSS
Exploits144
NCSC
NCSC
•added 2021/02/25 12:0 a.m.•13 views

Vulnerabilities fixed in Cisco Nexus 9000 series

Cisco has fixed vulnerabilities in Nexus 9000 Series Fabric Switches. The vulnerabilities allow an unauthenticated remote malicious party able to cause a denial-of-service cause and to bypass a security measure. Cisco categorizes these vulnerabilities according to the CVSSv3 method with a highest...

8.6CVSS6.8AI score0.01476EPSS
Exploits0
NCSC
NCSC
•added 2021/01/06 12:0 a.m.•13 views

Multiple vulnerabilities fixed in F5 BIG-IP products

Multiple vulnerabilities have been identified in F5 BIG-IP, an external malicious person could exploit them to create a denial of service condition, spoofing, execution of external code, data manipulation, cross-site scripting and trigger security restrictions on the targeted system. F5 has...

9.8CVSS7.3AI score0.99019EPSS
Exploits23
NCSC
NCSC
•added 2020/09/18 12:0 a.m.•13 views

Vulnerability fixed in Samba

Ubuntu has fixed a vulnerability in Samba. The vulnerability potentially allows a malicious party to obtain domain administrator rights. The vulnerability with reference CVE-2020-1472 in Samba in that case should be exploited in conjunction with a vulnerable Microsoft domain controller to be...

10CVSS6.4AI score0.99512EPSS
Exploits75
NCSC
NCSC
•added 2020/04/15 12:0 a.m.•13 views

Multiple vulnerabilities fixed in Oracle Java SE

Oracle has fixed several vulnerabilities in Oracle Java SE. A malicious party could potentially exploit the vulnerabilities to gain elevated privileges, to access potentially sensitive data or to launch a denial-of-service attack. An overview of the fixed vulnerabilities:...

8.3CVSS7.9AI score0.0623EPSS
Exploits0
NCSC
NCSC
•added 2026/06/17 8:50 a.m.•12 views

Vulnerabilities found in Oracle Communications

Oracle has uncovered vulnerabilities in Oracle Communications. The vulnerabilities reside in two underlying products: SQLite and Log4j. These vulnerabilities were previously exploited by the developers of these products. Oracle has incorporated these updates into its own software. In SQLite, a...

7.5CVSS5.5AI score0.00555EPSS
Exploits1References1
NCSC
NCSC
•added 2026/06/12 7:45 a.m.•12 views

Vulnerabilities hidden in Fortinet FortiPortal

Fortinet identified a vulnerability in FortiPortal versions 7.0 through 7.4.7. The vulnerability relates to the FortiPortal API endpoints, where an external attacker with organizational user privileges could access sensitive network configuration data through specially crafted HTTP requests. Thes...

6.5CVSS5.4AI score0.00201EPSS
Exploits0References1
NCSC
NCSC
•added 2026/05/13 9:23 a.m.•12 views

Vulnerabilities that can be addressed in Adobe Connect

Adobe has identified vulnerabilities in Adobe Connect versions 2025.9.15, 2025.8.157, and earlier versions. These vulnerabilities allow attackers to execute arbitrary code on the affected system. This can occur when users interact with malicious URLs or compromised web pages. The first...

9.6CVSS6.3AI score0.00635EPSS
Exploits0References1
NCSC
NCSC
•added 2026/05/12 5:53 p.m.•12 views

The vulnerability was exploited in Microsoft SQL Server

Microsoft has identified a vulnerability in SQL Server. A malicious individual with authorized access can exploit this vulnerability to execute arbitrary code under the control of the SQL Server. Microsoft has provided updates that address the described vulnerabilities. We recommend that you...

8.8CVSS6.2AI score0.00555EPSS
Exploits0
NCSC
NCSC
•added 2026/05/12 5:53 p.m.•12 views

vulnerabilities handled in Microsoft Developer Tools

Microsoft has addressed vulnerabilities in various Developer Tools. A malicious individual could exploit these vulnerabilities to carry out attacks that can cause the following types of damage: - Denial-of-Service DoS attacks - Bypass of security measures - Execution of arbitrary code user rights...

10CVSS6.2AI score0.0243EPSS
Exploits0
NCSC
NCSC
•added 2026/04/14 11:37 a.m.•12 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as Analytics Toolkit, Ruggedcom, Industrial Edge Management Pro, SIDIS and TPM. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS -...

9.8CVSS7.3AI score0.73495EPSS
Exploits7References8
NCSC
NCSC
•added 2026/04/04 1:49 p.m.•12 views

Vulnerability fixed in Fortinet's FortiClient EMS

Fortinet has fixed a vulnerability in FortiClient EMS. The vulnerability involves improper access controls in FortiClient EMS. Unauthenticated attackers can bypass security controls by sending specially crafted requests and execute unauthorized code or commands. The vulnerability can be exploited...

9.8CVSS6AI score0.88505EPSS
Exploits8References1
NCSC
NCSC
•added 2026/03/06 12:7 p.m.•12 views

Vulnerabilities fixed in Cisco Catalyst SD-WAN Manager

Cisco has fixed several vulnerabilities in the Cisco Catalyst SD-WAN Manager. The vulnerabilities are in the peering authentication mechanisms of the Cisco Catalyst SD-WAN Controller and Manager products. These vulnerabilities allow an unauthenticated remote attacker to bypass the authentication...

10CVSS6.5AI score0.57793EPSS
Exploits11References3
NCSC
NCSC
•added 2026/02/13 12:54 p.m.•12 views

Vulnerability fixed in BeyondTrust Remote Support

BeyondTrust has fixed a vulnerability in BeyondTrust Remote Support and some older versions of Privileged Remote Access. The vulnerability is in the software's pre-authentication, which allows unauthenticated attackers to execute operating system commands by sending specially crafted requests to...

9.9CVSS5.8AI score0.88115EPSS
Exploits11References1
NCSC
NCSC
•added 2026/02/10 7:4 p.m.•12 views

Vulnerability fixed in Microsoft Exchange

Microsoft has fixed a vulnerability in Exchange server. A malicious person could, without prior authentication, impersonate another user and thus gain access to sensitive data in the victim's context. Microsoft has made updates available that fix the described vulnerability. We recommend that you...

6.5CVSS5.5AI score0.08619EPSS
Exploits0
NCSC
NCSC
•added 2026/02/10 7:1 p.m.•12 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Accessing sensitive data - Execution of arbitrary code user privileges -...

8.8CVSS5.9AI score0.25835EPSS
Exploits22
NCSC
NCSC
•added 2026/02/10 12:28 p.m.•12 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including SAP CRM, SAP S/4HANA, SAP NetWeaver Application Server ABAP, SAP Supply Chain Management, SAP BusinessObjects BI Platform, SAP Document Management System, SAP Commerce Cloud, and SAP Business Workflow. The vulnerabilities include code...

9.9CVSS7.6AI score0.0049EPSS
Exploits2References1
NCSC
NCSC
•added 2026/02/10 12:27 p.m.•12 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Desigo, NX, Polarion, SENTRON, Simcenter, SINEC, SIPORT, Siveillance, Solid Edge, The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service D...

9.8CVSS8.4AI score0.78483EPSS
Exploits6References8
NCSC
NCSC
•added 2026/02/09 7:48 a.m.•12 views

Vulnerabilities fixed in Samsung mobile

Samsung has fixed vulnerabilities in several software components, including Emergency Sharing, KnoxGuard Manager, Settings, PACM, FacAtFunction, ShortcutService and Samsung Dialer, specific to the SMR Feb-2026 Release 1. The vulnerabilities are related to improper access management, improper...

8.5CVSS6AI score0.00295EPSS
Exploits1References1
NCSC
NCSC
•added 2026/01/22 12:35 p.m.•12 views

Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition

GitLab has fixed vulnerabilities in Community Edition CE and Enterprise Edition EE versions for 18.6.4, 18.7.2, and 18.8.2. Malicious parties can exploit the vulnerabilities to cause a denial-of-service DoS, or potentially gain access to sensitive data by bypassing security measures. GitLab has...

7.5CVSS5.5AI score0.00846EPSS
Exploits0References1
NCSC
NCSC
•added 2026/01/21 9:27 a.m.•12 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in Oracle PeopleSoft. The vulnerabilities allow unauthenticated attackers to access and modify sensitive data. This can lead to unauthorized access and modifications to critical data, with CVSS scores ranging from 5.4 to 10.0, indicating moderate to significant ri...

10CVSS6.5AI score0.79807EPSS
Exploits15References1
NCSC
NCSC
•added 2025/10/14 6:13 p.m.•12 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to impersonate another user and potentially grant themselves elevated privileges, in order to gain access to sensitive data or execute arbitrary code with elevated privileges. The...

9.8CVSS7.3AI score0.071EPSS
Exploits0
NCSC
NCSC
•added 2025/09/09 6:23 p.m.•12 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Execution of arbitrary code User privileges - Accessing sensitive data - Obtaining elevated privileges -...

8.8CVSS7.2AI score0.18084EPSS
Exploits0
NCSC
NCSC
•added 2025/07/23 3:31 p.m.•12 views

Zeroday vulnerabilities discovered in Microsoft SharePoint Server

Microsoft has released information about actively exploited zeroday vulnerabilities in on-premises versions of Microsoft SharePoint Server. SharePoint Online part of Microsoft 365 has not been affected. The zeroday vulnerabilities, marked CVE-2025-53770 and CVE-2025-53771, allow a malicious perso...

9.8CVSS7.6AI score0.99982EPSS
Exploits41References4
NCSC
NCSC
•added 2025/05/08 8:40 a.m.•12 views

Vulnerabilities fixed in SonicWall SMA100

SonicWall has fixed vulnerabilities in the SMA100 series. The vulnerabilities are in the way the SMA100 series handles authenticated SSLVPN users. CVE-2025-32819 allows these users to bypass path-traversal controls and delete arbitrary files, which can lead to a reset of the device to factory...

8.8CVSS9.4AI score0.31537EPSS
Exploits1References1
NCSC
NCSC
•added 2025/04/01 8:42 a.m.•12 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed several vulnerabilities in iOS and iPadOS. The vulnerabilities include memory management issues, unauthorized access to sensitive user data, and the ability for applications to escape their sandbox environments. These vulnerabilities could lead to unauthorized access, data...

9.8CVSS8.2AI score0.18668EPSS
Exploits15References4
NCSC
NCSC
•added 2025/02/04 9:13 a.m.•12 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. Included in this update are updates to closed-source components from Qualcomm, Imagination Technologies, Unisoc and MediaTek. Samsung has fixed vulnerabilities in Samsung Mobile that are relevant to Samsung mobile devices. The vulnerabilities include...

9.8CVSS7.1AI score0.03301EPSS
Exploits3References2
NCSC
NCSC
•added 2024/10/08 7:59 p.m.•12 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious person could exploit the vulnerabilities to cause a Denial-of-Service, grant themselves elevated privileges or execute arbitrary code with the victim's privileges. Successful exploitation requires the malicious party to...

9.8CVSS8.2AI score0.03009EPSS
Exploits0
NCSC
NCSC
•added 2024/07/18 12:25 p.m.•12 views

Vulnerability fixed in SonicOS

A vulnerability has been fixed in SonicWall SonicOS IPSec. The vulnerability in SonicWall SonicOS IPSec allows an unauthenticated remote malicious person to cause Denial of Service DoS. SonicWall has made available a workaround and patch to fix the vulnerability. See the reference for more...

7.5CVSS6.9AI score0.007EPSS
Exploits0References2
NCSC
NCSC
•added 2024/07/17 1:55 p.m.•12 views

Vulnerabilities fixed in Oracle PeopleSoft

Vulnerabilities have been fixed in Oracle PeopleSoft. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Oracle has made updates...

6.4CVSS7.1AI score0.93305EPSS
Exploits5References12
NCSC
NCSC
•added 2024/07/17 1:54 p.m.•12 views

Vulnerabilities fixed in Oracle MySQL

Vulnerabilities have been fixed in Oracle MySQL. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Remote code execution User rights...

9.8CVSS7.6AI score0.93305EPSS
Exploits11References35
NCSC
NCSC
•added 2024/06/11 1:29 p.m.•12 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products, including SCALANCE, SICAM, Tecnomatix, SITOP and PowerSys. The vulnerabilities potentially enable a malicious person to carry out attacks that could lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data -...

9.8CVSS7.9AI score0.99999EPSS
Exploits42References13
NCSC
NCSC
•added 2024/06/10 7:2 a.m.•12 views

Vulnerabilities fixed in PHP

Vulnerabilities have been fixed in PHP. A malicious person could exploit the vulnerabilities to execute arbitrary code with application privileges. The vulnerability with attribute CVE-2024-4577 is actually a re-entry of the vulnerability with attribute CVE-2012-1823. This vulnerability allows th...

9.8CVSS9.1AI score0.99998EPSS
Exploits105References4
NCSC
NCSC
•added 2024/06/07 6:26 a.m.•12 views

Vulnerabilities fixed in Solarwinds Platform

Solarwinds has fixed vulnerabilities in Solarwinds Platform. A malicious party can exploit the vulnerabilities to cause a Denial-of-Service, execute a command injection, or perform a Cross-Site-Scripting attack. Such an attack can result in execution of arbitrary code in the victim's browser. For...

7.5CVSS7.9AI score0.70561EPSS
Exploits10References4
NCSC
NCSC
•added 2024/05/16 12:41 p.m.•12 views

Vulnerabilities fixed in Aruba Networks ArubaOS

Aruba Networks fixed vulnerabilities in ArubaOS A malicious party could exploit the vulnerabilities to launch attacks that could lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Remote code execution Administrator/Root privileges - Access to system data...

9.8CVSS7.7AI score0.01651EPSS
Exploits0References1
Total number of security vulnerabilities4192