Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2026/05/12 5:53 p.m.•11 views

The vulnerability was exploited in Microsoft SQL Server

Microsoft has identified a vulnerability in SQL Server. A malicious individual with authorized access can exploit this vulnerability to execute arbitrary code under the control of the SQL Server. Microsoft has provided updates that address the described vulnerabilities. We recommend that you...

8.8CVSS6.2AI score0.00555EPSS
Exploits0
NCSC
NCSC
•added 2026/05/12 5:53 p.m.•11 views

Vulnerabilities in Microsoft Dynamics

Microsoft has addressed vulnerabilities in various components of Dynamics. A malicious individual with access can exploit these vulnerabilities to gain elevated privileges, execute arbitrary code, and/or access sensitive data. The vulnerability with ID CVE-2026-33821 has been addressed by...

9.9CVSS6.1AI score0.01194EPSS
Exploits0
NCSC
NCSC
•added 2026/05/12 12:19 p.m.•11 views

vulnerabilities found in Apple MacOS

Apple has addressed several vulnerabilities in various versions of macOS including Sequoia, Sonoma, and Tahoe versions. These vulnerabilities involve memory management issues such as buffer overflows, use-after-free errors, out-of-bounds reads and writes, and integer overflows. These...

8.8CVSS6.8AI score0.07112EPSS
Exploits4References3
NCSC
NCSC
•added 2026/05/07 4:17 p.m.•11 views

Vulnerabilities managed in Ivanti Endpoint Manager Mobile

Ivanti has identified five vulnerabilities in Endpoint Manager Mobile EPMM, also known as MobileIron. One of these vulnerabilities, labeled CVE-2026-6973, allows an authenticated malicious actor with administrative access to remotely execute arbitrary code with administrator privileges. Ivanti...

9.8CVSS6.3AI score0.34454EPSS
Exploits0References1
NCSC
NCSC
•added 2026/04/29 8:12 a.m.•11 views

Vulnerabilities handled in Apache Camel

The Apache Software Foundation has identified vulnerabilities in Apache Camel. These vulnerabilities exist in various components of Apache Camel. The issues include insecure deserialization, insufficient filtering of email headers, incorrect authentication path matching, and improper processing o...

9.9CVSS6.1AI score0.00926EPSS
Exploits4References9
NCSC
NCSC
•added 2026/04/15 8:53 a.m.•11 views

Vulnerabilities in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Accessing sensitive data - Execution of arbitrary code user privileges -...

9.8CVSS7.2AI score0.64095EPSS
Exploits15
NCSC
NCSC
•added 2026/04/10 2:28 p.m.•11 views

Vulnerability fixed in Cisco Smart Software Manager On-Prem

Cisco has fixed a vulnerability in Cisco Smart Software Manager On-Prem. A malicious party could exploit this vulnerability by inadvertently making an internal service component in Cisco Smart Software Manager On-Prem SSM On-Prem externally accessible. This allows a remote attacker to execute...

9.8CVSS6AI score0.00914EPSS
Exploits0References1
NCSC
NCSC
•added 2026/04/04 1:49 p.m.•11 views

Vulnerability fixed in Fortinet's FortiClient EMS

Fortinet has fixed a vulnerability in FortiClient EMS. The vulnerability involves improper access controls in FortiClient EMS. Unauthenticated attackers can bypass security controls by sending specially crafted requests and execute unauthorized code or commands. The vulnerability can be exploited...

9.8CVSS6AI score0.88505EPSS
Exploits8References1
NCSC
NCSC
•added 2026/03/20 2:3 p.m.•11 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to impersonate another user, gain access to sensitive data or execute arbitrary code in the victim's context. For successful abuse, the malicious party must be authenticated on the...

9.8CVSS7AI score0.31109EPSS
Exploits0
NCSC
NCSC
•added 2026/03/10 8:20 p.m.•11 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party can exploit the vulnerabilities to impersonate another user, grant themselves elevated privileges and/or execute arbitrary code and potentially gain access to sensitive data in the victim's context. Successful...

9.3CVSS6.3AI score0.02408EPSS
Exploits1
NCSC
NCSC
•added 2026/02/10 7:11 p.m.•11 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Office components. A malicious party could exploit the vulnerabilities to bypass security measures, pretend to be another user and thus gain elevated privileges and access to sensitive data. For successful exploitation, the malicious party must trick the...

7.8CVSS5.6AI score0.03635EPSS
Exploits0
NCSC
NCSC
•added 2026/02/10 7:4 p.m.•11 views

Vulnerability fixed in Microsoft Exchange

Microsoft has fixed a vulnerability in Exchange server. A malicious person could, without prior authentication, impersonate another user and thus gain access to sensitive data in the victim's context. Microsoft has made updates available that fix the described vulnerability. We recommend that you...

6.5CVSS5.5AI score0.09457EPSS
Exploits0
NCSC
NCSC
•added 2026/01/28 9:32 a.m.•11 views

Vulnerability fixed in Fortinet products

Fortinet has fixed a vulnerability in FortiAnalyzer, FortiManager, FortiOS and FortiProxy products. The vulnerability is in specific implementations of FortiCloud SSO authentication. The vulnerability allows attackers with a registered device and a FortiCloud account to bypass authentication and...

9.8CVSS5.8AI score0.85844EPSS
Exploits0References2
NCSC
NCSC
•added 2026/01/22 12:35 p.m.•11 views

Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition

GitLab has fixed vulnerabilities in Community Edition CE and Enterprise Edition EE versions for 18.6.4, 18.7.2, and 18.8.2. Malicious parties can exploit the vulnerabilities to cause a denial-of-service DoS, or potentially gain access to sensitive data by bypassing security measures. GitLab has...

7.5CVSS5.5AI score0.00846EPSS
Exploits0References1
NCSC
NCSC
•added 2026/01/21 10:10 a.m.•11 views

Vulnerabilities fixed in Oracle Analytics

Oracle has fixed vulnerabilities in Oracle Business Intelligence Enterprise Edition. The vulnerabilities allow unauthenticated attackers to cause a Denial-of-Service, or can lead to unauthorized access and modification of critical data. Oracle has released updates to fix the vulnerability. See...

9.8CVSS6.5AI score0.06215EPSS
Exploits1References1
NCSC
NCSC
•added 2026/01/21 9:27 a.m.•11 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in Oracle PeopleSoft. The vulnerabilities allow unauthenticated attackers to access and modify sensitive data. This can lead to unauthorized access and modifications to critical data, with CVSS scores ranging from 5.4 to 10.0, indicating moderate to significant ri...

10CVSS6.5AI score0.79807EPSS
Exploits15References1
NCSC
NCSC
•added 2026/01/16 1:34 p.m.•11 views

Vulnerability fixed in Fortinet FortiSIEM

Fortinet has fixed a vulnerability in FortiSIEM Versions 6.7.0 to 7.4.0. The vulnerability is in the way FortiSIEM handles TCP requests. Unauthenticated attackers can exploit this vulnerability to execute unauthorized code or commands through specially crafted TCP requests. This can lead to...

9.8CVSS7.4AI score0.42649EPSS
Exploits4References1
NCSC
NCSC
•added 2026/01/16 9:44 a.m.•11 views

Vulnerabilities fixed in Aruba Networks ArubaOS

Aruba Networks has fixed vulnerabilities in AOS-8 and AOS-10. The vulnerabilities are in the Web management interfaces of the AOS-8 and AOS-10 systems. These vulnerabilities include arbitrarily file deletion, stack overflow, command injection, and improper input handling. A malicious party can...

9.1CVSS7.8AI score0.01245EPSS
Exploits0References1
NCSC
NCSC
•added 2025/12/24 11:29 a.m.•11 views

Vulnerability fixed in HPE OneView Software

HPE has fixed a vulnerability in the HPE OneView Software. The vulnerability is in the way the OneView Software handles remote requests. When HPE OneView Software is accessible over the Internet, unauthenticated remote users can execute code. This could allow attackers to gain control of affected...

10CVSS7.3AI score0.89733EPSS
Exploits8References1
NCSC
NCSC
•added 2025/11/18 7:1 a.m.•11 views

Vulnerabilities fixed in GitLab

GitLab has fixed vulnerabilities in GitLab CE/EE versions for 18.3.6, 18.4.4, and 18.5.2. The vulnerabilities include the ability for attackers to remove Duo authentication flows, access sensitive information via GraphQL subscriptions, and bypass access controls on GitLab Pages. These...

7.8CVSS7.8AI score0.00375EPSS
Exploits4References1
NCSC
NCSC
•added 2025/11/04 12:53 p.m.•11 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS 26.1 and iPadOS 26.1. The vulnerabilities affected several privacy and security issues, including unauthorized access to user data, the risk of data exfiltration, and memory management vulnerabilities that could lead to unexpected system crashes. Attackers...

8.8CVSS6.5AI score0.01378EPSS
Exploits1References1
NCSC
NCSC
•added 2025/10/23 1:49 p.m.•11 views

Vulnerabilities fixed in Oracle Hyperion

Oracle has fixed several vulnerabilities in Oracle Hyperion, including Hyperion Financial Management and Hyperion Data Relationship Management. The vulnerabilities in Oracle Hyperion allow unauthenticated attackers to gain access to the system, which can lead to unauthorized data access and...

9.8CVSS7.3AI score0.64718EPSS
Exploits3References1
NCSC
NCSC
•added 2025/10/23 7:19 a.m.•11 views

Vulnerabilities fixed in Oracle Database products

Oracle fixed vulnerabilities in Oracle Database Server products Vulnerabilities in Oracle Database Server allow unauthenticated attackers to gain unauthorized access to critical data, which can lead to breaches of data confidentiality, integrity and availability. Specific vulnerabilities, such as...

9.8CVSS7.6AI score0.64718EPSS
Exploits14References1
NCSC
NCSC
•added 2025/10/17 10:44 a.m.•11 views

Vulnerabilities fixed in Adobe Experience Manager

Adobe has fixed vulnerabilities in Adobe Experience Manager versions 6.5.23 and earlier. The vulnerabilities are in the configuration of Adobe Experience Manager, which allows attackers to execute arbitrary code without any user interaction. This can lead to unauthorized access and control of...

10CVSS8AI score0.87515EPSS
Exploits7References1
NCSC
NCSC
•added 2025/10/17 8:19 a.m.•11 views

Vulnerability fixed in WatchGuard Fireware OS

WatchGuard has fixed a vulnerability in Fireware OS Specific to certain VPN configurations. The vulnerability is in the way Fireware OS handles Out-of-bounds Write. This allows a malicious, unauthenticated attacker to execute arbitrary code. This could lead to serious consequences for affected...

9.8CVSS7.4AI score0.8637EPSS
Exploits2References1
NCSC
NCSC
•added 2025/10/14 6:13 p.m.•11 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to impersonate another user and potentially grant themselves elevated privileges, in order to gain access to sensitive data or execute arbitrary code with elevated privileges. The...

9.8CVSS7.3AI score0.071EPSS
Exploits0
NCSC
NCSC
•added 2025/09/18 12:2 p.m.•11 views

Vulnerabilities fixed in HPE Aruba Networking EdgeConnect SD-WAN Gateways

HPE has fixed vulnerabilities in HPE Aruba Networking EdgeConnect SD-WAN Gateways. The vulnerabilities are in the command-line interface and Web API of the HPE Aruba Networking EdgeConnect SD-WAN Gateways. These vulnerabilities allow authenticated attackers to execute arbitrary system commands wi...

8.8CVSS7.5AI score0.00599EPSS
Exploits0References1
NCSC
NCSC
•added 2025/08/13 9:35 a.m.•11 views

Vulnerabilities fixed in Fortinet products

Fortinet has fixed vulnerabilities in FortiOS, FortiProxy, FortiPAM, FortiSIEM, FortiWeb and FortiADC. The most serious vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on FortiSIEM using custom CLI commands. Forti indicates that PoC code is available for this...

9.8CVSS8.1AI score0.56192EPSS
Exploits7References7
NCSC
NCSC
•added 2025/05/13 7:47 p.m.•11 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Circumvention of a security measure - Execution of arbitrary code root/admin privileges - Execution...

8.8CVSS9.8AI score0.57672EPSS
Exploits10
NCSC
NCSC
•added 2025/05/08 8:40 a.m.•11 views

Vulnerabilities fixed in SonicWall SMA100

SonicWall has fixed vulnerabilities in the SMA100 series. The vulnerabilities are in the way the SMA100 series handles authenticated SSLVPN users. CVE-2025-32819 allows these users to bypass path-traversal controls and delete arbitrary files, which can lead to a reset of the device to factory...

8.8CVSS9.4AI score0.31537EPSS
Exploits1References1
NCSC
NCSC
•added 2025/04/30 1:12 p.m.•11 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including SAP Financial Consolidation, SAP Landscape Transformation, SAP NetWeaver Application Server ABAP, SAP Commerce Cloud, SAP ERP BW, SAP BusinessObjects Business Intelligence Platform, SAP KMC WPC, SAP Solution Manager, SAP S4CORE, and SAP...

10CVSS9.2AI score0.99359EPSS
Exploits31References4
NCSC
NCSC
•added 2025/04/08 1:57 p.m.•11 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Industrial Edge Devices, Mendix, SENTRON, SIDIS, SIMATIC, SIPLUS,Insights Hub Private Cloud, Siemens License Server and Solid Edge. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the...

10CVSS7.6AI score0.99098EPSS
Exploits25References9
NCSC
NCSC
•added 2025/04/01 8:42 a.m.•11 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed several vulnerabilities in iOS and iPadOS. The vulnerabilities include memory management issues, unauthorized access to sensitive user data, and the ability for applications to escape their sandbox environments. These vulnerabilities could lead to unauthorized access, data...

9.8CVSS8.2AI score0.18668EPSS
Exploits15References4
NCSC
NCSC
•added 2025/01/23 1:50 p.m.•11 views

Vulnerability fixed in SonicWall SMA1000 Appliance

SonicWall has fixed a vulnerability in the SMA1000 Appliance Management Console and Central Management Console. The vulnerability is located in the SMA1000 Appliance Management Console and Central Management Console, which allows remote, unauthenticated attackers to execute arbitrary OS commands...

9.8CVSS7.2AI score0.23432EPSS
Exploits1References1
NCSC
NCSC
•added 2025/01/22 1:34 p.m.•11 views

Vulnerabilities fixed in Oracle JD Edwards

Oracle has fixed vulnerabilities in JD Edwards EnterpriseOne Tools specifically for versions prior to 9.2.9.2. The vulnerabilities in Oracle JD Edwards EnterpriseOne Tools allow unauthenticated malicious actors to compromise the system via HTTP requests. This can lead to unauthorized access to...

9.8CVSS7.1AI score0.9378EPSS
Exploits7References1
NCSC
NCSC
•added 2025/01/22 1:33 p.m.•11 views

Vulnerabilities fixed in Oracle Financial Services

Oracle has fixed several vulnerabilities in Financial Services and components. The vulnerabilities allow unauthenticated attackers to gain access to critical data and compromise system integrity. Specific vulnerabilities can lead to compromise of confidentiality, integrity and availability, with...

10CVSS7.6AI score0.9378EPSS
Exploits16References1
NCSC
NCSC
•added 2024/11/12 6:54 p.m.•11 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in .NET and Visual Studio. A malicious person could exploit the vulnerabilities to cause a denial-of-service, grant themselves elevated privileges or execute arbitrary code with application privileges. The most serious vulnerability has been assigned attribute...

9.8CVSS9AI score0.03512EPSS
Exploits0
NCSC
NCSC
•added 2024/09/10 6:20 p.m.•11 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Mendix, SICAM, SIMATIC, SINEMA, SINUMERIK and Tecnomatix. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of dat...

10CVSS8.2AI score0.99506EPSS
Exploits72References15
NCSC
NCSC
•added 2024/07/17 1:54 p.m.•11 views

Vulnerabilities fixed in Oracle MySQL

Vulnerabilities have been fixed in Oracle MySQL. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data Remote code execution User rights...

9.8CVSS7.6AI score0.9378EPSS
Exploits11References35
NCSC
NCSC
•added 2024/04/19 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in several MySQL products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle has fixed the...

7.5CVSS6.9AI score0.99999EPSS
Exploits20
NCSC
NCSC
•added 2024/04/18 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in Enterprise Manager components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Data manipulation. Remote code execution...

9.8CVSS6.9AI score0.99999EPSS
Exploits25
NCSC
NCSC
•added 2024/04/18 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Hyperion

Oracle has fixed vulnerabilities in several Hyperion products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive...

8.4CVSS7.3AI score0.81422EPSS
Exploits37
NCSC
NCSC
•added 2024/03/28 12:0 a.m.•11 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that potentially result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Bypassing security measure Increased user...

8.6CVSS6.7AI score0.00816EPSS
Exploits0
NCSC
NCSC
•added 2024/03/05 12:0 a.m.•11 views

Vulnerabilities fixed in IBM MQ

IBM has fixed vulnerabilities in MQ. A malicious party could exploit the exploit the vulnerabilities to cause a denial-of-service gain access to sensitive data, or to launch a Cross-Site-Scripting XSS attack. Such an attack can lead to execution of arbitrary code in the browser of the victim, or...

9.8CVSS7.4AI score0.99999EPSS
Exploits21
NCSC
NCSC
•added 2024/02/22 12:0 a.m.•11 views

Vulnerability fixed in Atlassian Confluence

Atlassian has fixed a vulnerability in Confluence. A authenticated malicious party could exploit the vulnerability to perform execute a stored cross-site scripting attack. Such an attack can lead to execution of arbitrary code in the browser of the victim, or access sensitive information in the...

8.5CVSS6.5AI score0.00471EPSS
Exploits0
NCSC
NCSC
•added 2024/02/16 12:0 a.m.•11 views

Vulnerabilities fixed in F5 BIG-IP and BIG-IQ

F5 has fixed vulnerabilities in BIG-IP and BIG-IQ products. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service, or to bypass a security measure in order to bypass a security measure and thus use command-injection to manipulate the operation of the system manipulate t...

8.7CVSS8.5AI score0.01061EPSS
Exploits0
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Analytics

Oracle has fixed vulnerabilities in several Analytics products. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle has...

8.2CVSS6.8AI score0.19442EPSS
Exploits5
NCSC
NCSC
•added 2024/01/16 12:0 a.m.•11 views

Vulnerabilities fixed in Atlassian products

Atlassian has fixed vulnerabilities in several products, including Confluence and Jira. A malicious party could exploit vulnerabilities to launch attacks that can lead to the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Circumvention of security measure...

9.3CVSS8.4AI score0.85001EPSS
Exploits16
NCSC
NCSC
•added 2023/10/27 12:0 a.m.•11 views

Vulnerabilities fixed in VMware Tools

VMware has fixed vulnerabilities in VMware Tools. A malicious person with access to a guest system in which VMWare Tools are installed can exploit the vulnerabilities to give themselves elevated privileges and thus potentially execute code with elevated privileges. VMware has released updates to...

7.8CVSS7.5AI score0.01193EPSS
Exploits0
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•11 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The most serious vulnerability with reference CVE-2023-35349 is in Microsoft Message Queueing MSQS. This vulnerability allows an unauthenticated remote malicious person to execute arbitrary execute arbitrary code with service privileges. MSMQ is...

9.8CVSS7.7AI score0.99999EPSS
Exploits20
Total number of security vulnerabilities4190