4190 matches found
Vulnerabilities fixed in F5 BIG-IP and BIG-IQ
F5 has fixed vulnerabilities in BIG-IP and BIG-IQ products. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service, or to bypass a security measure in order to bypass a security measure and thus use command-injection to manipulate the operation of the system manipulate t...
Vulnerabilities fixed in Oracle Analytics
Oracle has fixed vulnerabilities in several Analytics products. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle has...
Vulnerabilities fixed in Atlassian products
Atlassian has fixed vulnerabilities in several products, including Confluence and Jira. A malicious party could exploit vulnerabilities to launch attacks that can lead to the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Circumvention of security measure...
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in Android. A malicious person can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights Access to sensitive data...
Vulnerabilities fixed in VMware Tools
VMware has fixed vulnerabilities in VMware Tools. A malicious person with access to a guest system in which VMWare Tools are installed can exploit the vulnerabilities to give themselves elevated privileges and thus potentially execute code with elevated privileges. VMware has released updates to...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. The most serious vulnerability with reference CVE-2023-35349 is in Microsoft Message Queueing MSQS. This vulnerability allows an unauthenticated remote malicious person to execute arbitrary execute arbitrary code with service privileges. MSMQ is...
Vulnerabilities fixed in Microsoft Exchange
Microsoft has fixed vulnerabilities in Exchange. A malicious party could exploit the vulnerabilities to impersonate as another user and execute arbitrary code with privileges of that user, or gain access to the sensitive data in the victim's context. The most serious vulnerability has been given...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in several Developer tools. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Spoofing Access to sensitive data...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in Parasolid, Solid Edge, TeamCenter, SoftwareCenter, SIMATIC, SICAM and Ruggedcom products. The vulnerabilities potentially enable a malicious party to execute attacks that could result in the following categories of damage: Denial-of-Service DoS. Manipulation o...
Vulnerabilities fixed in Oracle MySQL
Vulnerabilities have been fixed in Oracle MySQL products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User rights Access to sensitive data Oracle has fixed the...
Vulnerabilities fixed in Oracle Communications
Vulnerabilities have been fixed in Oracle Communications products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code executio...
Vulnerabilities fixed in Citrix ADC and Citrix Gateway
Citrix has fixed vulnerabilities in NetScaler ADC and NetScaler Gateway. A malicious party could exploit the vulnerabilities to execute a cross-site scripting attack, obtain elevated privileges or execute arbitrary code. Citrix reports that the vulnerability with attribute CVE-2023-3519 is being...
Vulnerability fixed in MikroTik RouterOS
MikroTik has fixed a vulnerability in RouterOS. A unauthenticated malicious person could potentially abuse it to execute arbitrary code. To do so, malicious network traffic should be sent to the vulnerable device. sent. MikroTik indicates that systems are only vulnerable when they are use a...
Vulnerabilities fixed in Oracle Financial Services Applications
Vulnerabilities have been fixed in several Oracle Financial Services Applications. The vulnerabilities allow a malicious able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights Access to...
Vulnerabilities fixed in Microsoft Office
Microsoft has fixed vulnerabilities in several Office products. The vulnerabilities allow a malicious person to perform execute attacks that can result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Spoofing Access to sensitive data Increased user...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Increased user privileges The mos...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in SINEC INS, among others, SIMATIC, SINUMERIK, SIMOCODE, SIRPLUS, SCALANCE, JT Open, JT Utilities, Solid Edge, Automation License Manager, Mendix and RUGGEDCOM. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in t...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in the various Developer Tools. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution User rights Increased user privileges The vulnerability in...
Vulnerabilities fixed in Microsoft Exchange Server
Microsoft has fixed vulnerabilities in Microsoft Exchange Server. The vulnerabilities allow an authenticated malicious person with access to the victim's network is able to impersonate impersonate another user and/or obtain elevated privileges. Very few details have been made available by Microso...
Vulnerability fixed in FortiMail
FortiNet has fixed a vulnerability in FortiMail. A malicious person with admin rights in a private, possibly self-hosted configured domain is able to read and modify system information modify for a domain for which it is not authorized. FortiNet has released updates to fix the vulnerability in...
Vulnerabilities fixed in WhatsApp
Two vulnerabilities have been fixed in WhatsApp. The vulnerability with reference CVE-2022-36934 allows a remote malicious person to able to execute arbitrary code during a video call. The vulnerability with attribute CVE-2022-27492 allows a remote malicious person to remotely able to execute...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in RUGGEDCOM, SCALANCE and SIMATIC products. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of authentication. Remote co...
Vulnerabilities fixed in IBM AIX
Vulnerabilities have been fixed in IBM AIX and VIOS. These vulnerabilities, in the Expat and BIND components, allow a malicious party to carry out attacks that result in the following categories of damage: Remote code execution User Rights Denial-of-Service DoS. Manipulation of data For these...
Vulnerabilities fixed in Oracle Supply Chain products
Oracle has fixed vulnerabilities in several products belonging to the Oracle Supply Chain Suite: Agile Engineering Data Management Agile PLM Agile Product Lifecycle Management for Process Autovue for Agile Product Lifecycle Management Product Lifecycle Analytics Transportation Management A...
Vulnerabilities fixed in Oracle Construction and Engineering
Oracle has fixed vulnerabilities in the following Construction and Engineering products: Primavera Unifier Instantis EnterpriseTrack The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS...
Vulnerabilities fixed in AWS patch solutions
Vulnerabilities have been fixed in several AWS patch solutions. These patch solutions were released by AWS to monitor for Java applications vulnerable to Log4Shell and patch these systems immediately. AWS has released three hotpatches released. A hot patch in the form of Debian or RPM packages th...
Vulnerabilities fixed in Oracle MySQL
Oracle has fixed vulnerabilities in the following MySQL products: MySQL Workbench MySQL Server MySQL Cluster MySQL Connectors MySQL Enterprise Monitor The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service D...
Vulnerabilities fixed in IBM QRadar
IBM has fixed vulnerabilities in QRadar. The vulnerabilities are in underlying software and libraries, such as the Linux kernel used, OpenSSL, Bash, OpenSSH, Kerberos and Mozilla software. A malicious party could exploit the vulnerabilities to causing a denial-of-service, executing arbitrary code...
Vulnerabilities fixed in Google Android
Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges The vulnerability with attribute...
Vulnerabilities fixed in SAP products
Vulnerabilities have been fixed in several SAP products. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code...
Vulnerabilities fixed in Red Hat products
Vulnerabilities have been fixed in Log4j version 1 in several Red Hat products. Log4j v1 has been End-of-Life since 2015 and it is recommended to upgrade to v2. In a number of Red Hat products Log4j v1 is still being used. These vulnerabilities allow a remote malicious person to execute arbitrary...
Vulnerability fixed in Linux kernel
A local malicious party can, by exploiting a buffer overflow vulnerability in the Linux kernel, gain elevated privileges acquire, execute arbitrary code or cause a denial of service cause a denial of service on the vulnerable system. -= Red Hat =- Red Hat has made updates available for...
Vulnerabilities fixed in Oracle Database Server
Oracle has fixed vulnerabilities in the following Oracle Database Server products: Database - Enterprise Edition Database Configuration Assistant Spatial and Graph Application Express APEX Engineered Systems Utilities The vulnerabilities allow a malicious person to carry out attacks execute attac...
Vulnerabilities fixed in Oracle Construction and Engineering
Oracle has fixed vulnerabilities in the following products: Primavera P6 Enterprise Project Portfolio Management Primavera P6 Professional Project Management Primavera Portfolio Management Primavera Data Warehouse Primavera Analytics Primavera Unifier Instantis EnterpriseTrack Primavera Gateway T...
Vulnerabilities fixed in Oracle Supply Chain
Oracle has fixed vulnerabilities in the following products: Demantra Demand Management Agile Engineering Data Management Agile PLM MCAD Connector Agile PLM Framework Agile Product Lifecycle Management Integration Pack for Oracle E-Business Suite Rapid Planning Product Lifecycle Analytics The...
Vulnerabilities fixed in GitLab Runner
Vulnerabilities have been fixed in GitLab Runner. A authenticated malicious party could potentially exploit them to cause a denial-of-service or to gain access to system data. GitLab developers have released updates to address the vulnerabilities in GitLab Runner 14.3.4, 14.4.2 and 14.5.2. For mo...
Vulnerability fixed in Trend Micro ServerProtect
Trend Micro has fixed a vulnerability in ServerProtect. A unauthenticated malicious party could potentially abuse it to bypass authentication. The vulnerability has a CVSS3.1 score of 9.8 assigned. Content-wise, however, few technical details made publicly available. Trend Micro has released...
Vulnerabilities fixed in Oracle Unbreakable Enterprise kernel
Vulnerabilities have been fixed in the Oracle Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...
Vulnerabilities fixed in Juniper Junos Space Platform
Vulnerabilities have been fixed in Junos Space Platform. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Circumvention of security measure Remote...
Vulnerabilities fixed in Xerox FreeFlow Print Server
Xerox has fixed vulnerabilities in Freeflow Print Server. This patch update includes, among other things, a fix for the PrintNightmare vulnerability located in the Windows Print Spooler service and affects the Windows Print Queue. Xerox has released updates to fix vulnerabilities in Freeflow prin...
Vulnerabilities fixed in Foxit Reader
Vulnerabilities have been fixed in Foxit PDF Reader and PDF Editor. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Data manipulation. Remote code execution User Rights To exploit these...
Vulnerabilities fixed in Red Hat Openshift Container Platform
Vulnerabilities have been fixed in Red Hat Openshift Container Platform. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to system data Increased...
Vulnerabilities fixed in Cisco Jabber for Windows
Vulnerabilities have been fixed in Cisco Jabber for Windows. A malicious party could exploit the vulnerabilities to obtain sensitive information or to cause a denial-of-service to the recipient of a specially prepared XMPP message. Cisco has released updates to fix the vulnerabilities. For more...
Vulnerabilities fixed in Oracle E-Business Suite
Vulnerabilities have been fixed in Oracle E-Business Suite. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Access to system data...
Vulnerabilities fixed in the Ubuntu kernel
Vulnerabilities have been fixed in the Ubuntu kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User rights...
Vulnerabilities fixed in OpenSSL
Vulnerabilities have been fixed in OpenSSL. The vulnerabilities allow a malicious party to remotely initiate a denial-of-service by offering a rogue certificate to to an SSL server or SSL client. When an SSL server still supports SSLv2, it is possible to inadvertently establish a connection and...
Vulnerability fixed in Red Hat kernel
Vulnerabilities have been fixed in the Red Hat kernel. The vulnerabilities allow a locally authenticated malicious agent to able to cause a denial-of-service and to launch a so-called chache-poisioning attack. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 8. You ca...
Vulnerabilities fixed in Oracle Communications
Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure SQL Injection Accessing sensitive data Accessing...
Vulnerabilities fixed in kernel Oracle Enterprice Linux
Oracle has fixed vulnerabilities in its kernel. The vulnerabilities allow a locally authenticated malicious agent to opportunity to obtain system data and to cause a denial-of-service. -= Oracle =- Oracle has made updates available for Oracle Linux 6 and 7. U can install these updates using the...
Vulnerability fixed in IBM Spectrum Protect Operations Center
IBM has fixed a vulnerability in Spectrum Protect Operations Center. A malicious person with network access to the system could potentially exploit the vulnerability potentially exploit it to obtain information about the system. IBM has released updates to fix the vulnerability in Spectrum Protec...