Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
added 2024/08/07 9:4 a.m.10 views

Vulnerabilities fixed in Aruba Networks ArubaOS and InstantOS

Aruba Networks has fixed vulnerabilities in ArubaOS and InstantOS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or execute arbitrary code on the vulnerable system. Successful exploitation requires the malicious party to have access to the PAPI port, or the SSH...

9.8CVSS7.7AI score0.9378EPSS
Exploits12References1
NCSC
NCSC
added 2024/07/30 8:42 a.m.10 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. A malicious person could exploit the vulnerabilities to bypass a security measure, grant themselves elevated privileges, access sensitive data, execute arbitrary code, possibly with kernel privileges or cause a Denial-of-Service. Successful abuse requires...

9.8CVSS7.8AI score0.99506EPSS
Exploits76References3
NCSC
NCSC
added 2024/07/17 1:52 p.m.10 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications. A malicious party could exploit the vulnerabilities to launch attacks that could result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data Manipulation of data...

9.8CVSS7.5AI score0.99999EPSS
Exploits31References17
NCSC
NCSC
added 2024/07/09 7:37 p.m.10 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Office, Sharepoint and Outlook. A malicious party could exploit the vulnerabilities to impersonate another user or execute arbitrary code with the victim's privileges, potentially gaining access to sensitive data. Successful exploitation requires the malicio...

8.8CVSS9AI score0.5318EPSS
Exploits1
NCSC
NCSC
added 2024/07/09 6:40 p.m.10 views

Vulnerabilities fixed in Siemens Products

Siemens has fixed vulnerabilities in various products such as Mendix, RUGGEDOM, SIMATIC, SINEMA, SIPROTEC and the Engineering Platforms for various systems. The vulnerabilities potentially enable a malicious person to carry out attacks that can lead to the following categories of damage: -...

9.9CVSS7.5AI score0.9378EPSS
Exploits8References16
NCSC
NCSC
added 2024/07/01 7:10 a.m.10 views

Vulnerabilities fixed in Adobe Commerce

Adobe has fixed vulnerabilities in Commerce and Magento. A malicious party could exploit the vulnerabilities to bypass security measures and execute arbitrary code, possibly with administrator privileges. Proof-of-Concept code PoC has been published for the vulnerability with reference...

9.8CVSS9.6AI score0.99994EPSS
Exploits26References1
NCSC
NCSC
added 2024/06/25 10:17 a.m.10 views

Vulnerabilities fixed in Avaya IP Office

Avaya has fixed vulnerabilities in IP Office. A malicious party could exploit the vulnerabilities to execute arbitrary code on the central system, potentially taking over the system. For successful abuse, the malicious party must have access to the Web Control interface, but does not need prior...

10CVSS7.9AI score0.00777EPSS
Exploits0References1
NCSC
NCSC
added 2024/06/11 12:37 p.m.10 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several SAP products, including Business Objects, HANA, CRM and NetWeaver. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Bypassing authentication - Cross-Site...

8.1CVSS6.4AI score0.00541EPSS
Exploits0References1
NCSC
NCSC
added 2024/06/10 7:2 a.m.10 views

Vulnerabilities fixed in PHP

Vulnerabilities have been fixed in PHP. A malicious person could exploit the vulnerabilities to execute arbitrary code with application privileges. The vulnerability with attribute CVE-2024-4577 is actually a re-entry of the vulnerability with attribute CVE-2012-1823. This vulnerability allows th...

9.8CVSS9.1AI score0.99998EPSS
Exploits105References4
NCSC
NCSC
added 2024/06/07 7:21 a.m.10 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. The vulnerabilities allow a malicious person to grant themselves elevated privileges, cause a denial-of-service or gain access to sensitive data. Successful exploitation requires the malicious party to trick the victim into opening a rogue link, or...

9.8CVSS7.5AI score0.00724EPSS
Exploits0References2
NCSC
NCSC
added 2024/06/07 6:26 a.m.10 views

Vulnerabilities fixed in Solarwinds Platform

Solarwinds has fixed vulnerabilities in Solarwinds Platform. A malicious party can exploit the vulnerabilities to cause a Denial-of-Service, execute a command injection, or perform a Cross-Site-Scripting attack. Such an attack can result in execution of arbitrary code in the victim's browser. For...

7.5CVSS7.9AI score0.70561EPSS
Exploits10References4
NCSC
NCSC
added 2024/05/30 7:56 a.m.10 views

Vulnerability fixed in Check Point VPN products

Check Point has fixed a vulnerability in Quantum Gateway VPN systems. Check Point reports observing active abuse attempts. A path-traversal bug allows a malicious party to gain access to the username and password credentials of local accounts on the VPN system. If these local accounts, are...

8.6CVSS7.2AI score0.99978EPSS
Exploits52References2
NCSC
NCSC
added 2024/05/27 11:26 a.m.10 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in Enterprise Edition EE and Community Edition CE. A malicious party can exploit the vulnerabilities to cause a Denial-of-Service DoS, or collect sensitive data via a Cross-Site-Scripting attack XSS to take over accounts. GitLab has released updates to fix the...

8.2CVSS6.8AI score0.00802EPSS
Exploits5References1
NCSC
NCSC
added 2024/04/19 12:0 a.m.10 views

Vulnerabilities fixed in Oracle Systems

Oracle has fixed vulnerabilities in components of System Software. A malicious person with physical access to the hardware, or local access to the infrastructure, can exploit the vulnerabilities to exploit attacks that could result in the following categories of damage: Cross-Site Scripting XSS...

9.8CVSS6.6AI score0.46836EPSS
Exploits12
NCSC
NCSC
added 2024/04/10 12:0 a.m.10 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Excel and Sharepoint. The vulnerability in Excel allows a malicious person to execute arbitrary code with the victim's privileges. For successful exploitation, the malicious party must trick the victim into opening a rogue file. The vulnerability in Sharepoi...

7.8CVSS7.2AI score0.01395EPSS
Exploits0
NCSC
NCSC
added 2024/03/08 12:0 a.m.10 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. A malicious party could exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Circumvention of security measure. Remote code execution Administrator/Root rights Remote code execution User rights Access to...

9.8CVSS7.3AI score0.9378EPSS
Exploits14
NCSC
NCSC
added 2024/01/25 12:0 a.m.10 views

Vulnerabilities fixed in Hewlett Packard OneView

Hewlett Packard has fixed vulnerabilities in OneView. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that could result in the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Circumvention of authentication Remote code...

9CVSS9.7AI score0.99999EPSS
Exploits5
NCSC
NCSC
added 2024/01/18 12:0 a.m.10 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in PeopleSoft Enterprise PeopleTools. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to gain access to sensitive data. Causing a Denial-of-Service does not require prior authentication is required. Successful access to sensiti...

7.5CVSS7.2AI score0.99999EPSS
Exploits20
NCSC
NCSC
added 2023/12/21 12:0 a.m.10 views

Vulnerabilities fixed in Tenable Nessus Network Monitor

Tenable has fixed vulnerabilities in Nessus Network Monitor and underlying software. An unauthenticated malicious person could potentially exploit the vulnerability with reference CVE-2023-5363 potentially exploit it to cause a denial-of-service DoS or to gain access to sensitive system data. In...

9.8CVSS7.3AI score0.97107EPSS
Exploits18
NCSC
NCSC
added 2023/12/05 12:0 a.m.10 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. A malicious person can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights Access to sensitive data...

9.8CVSS9.2AI score0.08423EPSS
Exploits8
NCSC
NCSC
added 2023/11/16 12:0 a.m.10 views

Vulnerabilities fixed in Adobe After Effects

Adobe has fixed vulnerabilities in After Effects. A malicious party could exploit the vulnerabilities to gain access to system data, or to execute arbitrary code with privileges of the victim. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. Adob...

7.8CVSS7.9AI score0.00401EPSS
Exploits0
NCSC
NCSC
added 2023/10/27 12:0 a.m.10 views

Vulnerabilities fixed in SugarCRM

Vulnerabilities have been fixed in SugarCRM. A malicious party can exploit the vulnerabilities to conduct a Cross-Site Scripting attack. Such an attack can lead to execution of arbitrary code in the context of the victim's victim's browser, or access sensitive data in the context of the victim's...

8.8CVSS6.9AI score0.00597EPSS
Exploits0
NCSC
NCSC
added 2023/10/19 12:0 a.m.10 views

Vulnerabilities fixed in Oracle Financial Services Applications

Vulnerabilities have been fixed in Oracle Financial Services Applications products. A malicious party could exploit them to launch attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Accessing sensitive data Oracle has...

9.9CVSS7.2AI score0.99615EPSS
Exploits25
NCSC
NCSC
added 2023/10/19 12:0 a.m.10 views

Vulnerabilities fixed in Oracle Analytics

Vulnerabilities have been fixed in Oracle Analytics products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Accessing syst...

9.9CVSS7.7AI score0.8383EPSS
Exploits16
NCSC
NCSC
added 2023/10/10 12:0 a.m.10 views

Vulnerabilities fixed in F5 BIG-IP

F5 has fixed vulnerabilities in BIG-IP. An authenticated malicious person with access to the management interface, or access to the shell of the system, could exploit the vulnerabilities to cause a Denial-of-Service, obtain sensitive information or, through a Cross-Site-Scripting attack, execute...

9.9CVSS7.5AI score0.99999EPSS
Exploits19
NCSC
NCSC
added 2023/08/08 12:0 a.m.10 views

Vulnerabilities fixed in Microsoft Exchange

Microsoft has fixed vulnerabilities in Exchange. A malicious party could exploit the vulnerabilities to impersonate as another user and execute arbitrary code with privileges of that user, or gain access to the sensitive data in the victim's context. The most serious vulnerability has been given...

9.8CVSS7.4AI score0.16813EPSS
Exploits0
NCSC
NCSC
added 2023/07/19 12:0 a.m.10 views

Vulnerabilities fixed in Oracle MySQL

Vulnerabilities have been fixed in Oracle MySQL products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User rights Access to sensitive data Oracle has fixed the...

9.1CVSS7.8AI score0.73461EPSS
Exploits3
NCSC
NCSC
added 2023/07/19 12:0 a.m.10 views

Vulnerabilities fixed in Oracle Enterprise Manager

Vulnerabilities have been fixed in Oracle Enterprise Manager products. A malicious party can exploit the vulnerabilities to execute attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights Access to...

9.8CVSS8.3AI score0.8377EPSS
Exploits11
NCSC
NCSC
added 2023/07/11 12:0 a.m.10 views

Vulnerabilities fixed in Microsoft Paint3D

Microsoft has fixed vulnerabilities in Paint3D. The vulnerabilities allow a malicious person to execute arbitrary execute code with user privileges. The malicious must do so to trick the victim into opening a rogue image. open. Paint3D comes installed by default, but maintained through the...

7.8CVSS7.1AI score0.00852EPSS
Exploits0
NCSC
NCSC
added 2023/06/15 12:0 a.m.10 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to cause a denial-of-service cause or potentially execute arbitrary code with privileges of the victim. Google has released updates to fix the vulnerabilities in Chrome 114.0.5735.133 for linux and...

8.8CVSS7.8AI score0.13813EPSS
Exploits0
NCSC
NCSC
added 2023/06/13 12:0 a.m.10 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Spoofing Increased user privileges In order to...

9.8CVSS9.1AI score0.99649EPSS
Exploits19
NCSC
NCSC
added 2023/06/13 12:0 a.m.10 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in SIMATIC, SICAM, SIMOTION, WinCC, Solid Edge and Scalance products. The vulnerabilities allow a malicious party potentially capable of carrying out attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data...

10CVSS7.7AI score0.95764EPSS
Exploits92
NCSC
NCSC
added 2023/05/09 12:0 a.m.10 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to carry out attacks that could result in the following categories of damage: Microsoft Teams: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impa...

7.8CVSS6.5AI score0.85395EPSS
Exploits7
NCSC
NCSC
added 2023/02/09 12:0 a.m.10 views

Vulnerability fixed in Red Hat Fuse

Red Hat has fixed a vulnerability in Fuse 7. The vulnerability is located in the Hazelcast integrated in Fuse Connection Cache and allows an unauthenticated malicious agent to able to manipulate data in the cluster without prior authentication or authorization. Red Hat has released updates to fix...

9.1CVSS7AI score0.01021EPSS
Exploits0
NCSC
NCSC
added 2023/01/11 12:0 a.m.10 views

Vulnerability fixed in Microsoft Malicious Software Removal Tool

Microsoft has fixed a vulnerability in the Windows Malicious Software Removal Tool as used by Microsoft System Center Endpoint Protection and Microsoft Malware Protection Engine. The vulnerability allows a malicious party to obtain of elevated privileges. Windows Malicious Software Removal Tool:...

6.3CVSS6.1AI score0.00378EPSS
Exploits0
NCSC
NCSC
added 2022/12/13 12:0 a.m.10 views

Vulnerability fixed in Citrix Gateway and ADC

Citrix has fixed a vulnerability in Citrix Gateway and Citrix ADC. An unauthenticated remote malicious person could exploit the exploit the vulnerability to execute arbitrary code. To do so, rogue network traffic must be sent to the vulnerable system be sent. Gateway and ADC systems are only...

9.8CVSS9.4AI score0.06931EPSS
Exploits1
NCSC
NCSC
added 2022/11/08 12:0 a.m.10 views

Vulnerabilities fixed in Microsoft Azure

Vulnerabilities have been fixed in Microsoft Azure. The vulnerabilities allow a malicious party to obtain elevated privileges obtain or to execute arbitrary code under the privileges of the user. The vulnerabilities marked CVE-2022-3602 and CVE-2022-3786 are located in OpenSSL and were previously...

9.8CVSS7.5AI score0.92488EPSS
Exploits7
NCSC
NCSC
added 2022/10/25 12:0 a.m.10 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. The vulnerabilities potentially enable a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure. Remote code execution Administrator/Root rights Remo...

9.8CVSS8.1AI score0.3197EPSS
Exploits49
NCSC
NCSC
added 2022/10/19 12:0 a.m.10 views

Vulnerabilities fixed in Oracle E-Business Suite

Vulnerabilities have been fixed in Oracle E-Business Suite. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root privileges Access to...

9.8CVSS9.2AI score0.98342EPSS
Exploits9
NCSC
NCSC
added 2022/10/19 12:0 a.m.10 views

Vulnerabilities fixed in Oracle Java SE

Vulnerabilities have been fixed in Oracle Java SE. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Oracle has fix...

7.5CVSS7.6AI score0.68796EPSS
Exploits1
NCSC
NCSC
added 2022/09/13 12:0 a.m.10 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in RUGGEDCOM, SCALANCE and SIMATIC products. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of authentication. Remote co...

9.8CVSS6.9AI score0.78675EPSS
Exploits19
NCSC
NCSC
added 2022/08/04 12:0 a.m.10 views

Vulnerabilities fixed in BMC Track-It!

BMC has fixed vulnerabilities in Track-It! A malicious person could exploit the vulnerabilities to execute arbitrary code under service account privileges or for gaining access to sensitive data. For accomplishing the former does not require authentication. BMC has released updates to fix the...

9.8CVSS7.2AI score0.01443EPSS
Exploits0
NCSC
NCSC
added 2022/07/20 12:0 a.m.10 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in the following Enterprise Manager products: Enterprise Manager Base Platform Enterprise Manager Ops Center Oracle Application Testing Suite Enterprise Manager for MySQL Database The vulnerabilities potentially enable a malicious party to execute attacks that...

10CVSS7.2AI score0.99677EPSS
Exploits108
NCSC
NCSC
added 2022/07/15 12:0 a.m.10 views

Vulnerabilities fixed in Juniper products

Juniper has fixed vulnerabilities in several products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User rights...

9.8CVSS8.7AI score0.50732EPSS
Exploits12
NCSC
NCSC
added 2022/07/07 12:0 a.m.10 views

Vulnerabilities fixed in IBM Tivoli Netcool Impact

Vulnerabilities have been fixed in IBM Tivoli Netcool Impact. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Spoofing Accessing sensitive data Accessing...

10CVSS7.1AI score0.95764EPSS
Exploits25
NCSC
NCSC
added 2022/06/16 12:0 a.m.10 views

Vulnerabilities fixed in Cisco Identity Services Engine

Vulnerabilities have been fixed in Cisco Identity Services Engine. The vulnerabilities allow a malicious party to access system data or to bypass authentication. Cisco has released updates to fix the vulnerabilities. More information can be found on the pages below: CVE-2022-20733...

9.8CVSS6.8AI score0.01045EPSS
Exploits0
NCSC
NCSC
added 2022/06/08 12:0 a.m.10 views

Vulnerabilities fixed in IBM Cognos Command Center

Several vulnerabilities have been fixed in IBM Cognos Command Center. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Spoofing Access to sensitive data Increased user privileg...

9.8CVSS9.9AI score0.81147EPSS
Exploits17
NCSC
NCSC
added 2022/06/02 12:0 a.m.10 views

Vulnerabilities fixed in IBM QRadar SIEM

Vulnerabilities have been fixed in the IBM QRadar Data Synchronization App for IBM QRadar SIEM. The vulnerabilities are are in underlying software and libraries, such as Node.js and SQLite. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the...

9.8CVSS9.3AI score0.37286EPSS
Exploits16
NCSC
NCSC
added 2022/05/10 12:0 a.m.10 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in Microsoft Office. The vulnerabilities allow a remote malicious person to execute arbitrary code under the user's privileges or to bypass a security measure. Microsoft Office Excel: |----------------|------|-------------------------------------| | CVE ID | CVSS |...

9.3CVSS7.1AI score0.11576EPSS
Exploits0
NCSC
NCSC
added 2022/04/20 12:0 a.m.10 views

Vulnerabilities fixed in Liferay

Vulnerabilities have been fixed in Liferay Portal versions 7.3.3 through through 7.4.1. The vulnerabilities allow a malicious party to perform a Cross-Site Scripting attack or unintentionally view the list of groups and sites used within the portal. Liferay has made updates available for Liferay...

5.4CVSS6.5AI score0.00738EPSS
Exploits0
Total number of security vulnerabilities4190