Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2022/10/19 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Orac...

9.1CVSS8.9AI score0.0486EPSS
Exploits2
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Financial Services Applications

Vulnerabilities have been fixed in Oracle Financial Services Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User righ...

9.8CVSS9.6AI score0.97906EPSS
Exploits29
NCSC
NCSC
•added 2022/10/18 12:0 a.m.•9 views

Vulnerability fixed in Apache Commons Text

A vulnerability has been fixed in Apache Commons Text. The vulnerability allows an unauthenticated remote malicious person potentially able to execute arbitrary code with the privileges of the vulnerable application. To do so, a malicious person must have specific text processed by the vulnerable...

9.8CVSS9.3AI score0.99931EPSS
Exploits41
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in several MySQL products: Enterprise Manager Base Platform Oracle Application Testing Suite Enterprise Manager Ops Center Enterprise Manager for MySQL Database A malicious party can exploit the vulnerabilities to cause the following categories of damage: The...

10CVSS6.5AI score0.85315EPSS
Exploits26
NCSC
NCSC
•added 2022/07/07 12:0 a.m.•9 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. In addition to the vulnerabilities fixed by Google fixed vulnerabilities, Samsung itself has fixed 41 other vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the followi...

10CVSS7.5AI score0.03461EPSS
Exploits3
NCSC
NCSC
•added 2022/06/01 12:0 a.m.•9 views

Vulnerabilities fixed in IBM Tivoli Monitoring

Multiple vulnerabilities have been fixed in the WebSphere Application Server component of IBM Tivoli Monitoring. The vulnerabilities allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Remote code execution User Rights Denial-of-Service DoS...

10CVSS7.9AI score0.99999EPSS
Exploits359
NCSC
NCSC
•added 2022/05/10 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in Microsoft Office. The vulnerabilities allow a remote malicious person to execute arbitrary code under the user's privileges or to bypass a security measure. Microsoft Office Excel: |----------------|------|-------------------------------------| | CVE ID | CVSS |...

9.3CVSS7.1AI score0.11576EPSS
Exploits0
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Construction and Engineering

Oracle has fixed vulnerabilities in the following Construction and Engineering products: Primavera Unifier Instantis EnterpriseTrack The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS...

9.8CVSS9.3AI score0.97906EPSS
Exploits12
NCSC
NCSC
•added 2022/04/12 12:0 a.m.•9 views

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Remote code execution User Rights...

9.9CVSS7.3AI score0.70561EPSS
Exploits6
NCSC
NCSC
•added 2022/04/12 12:0 a.m.•9 views

Vulnerability fixed in Microsoft Power BI

Microsoft has fixed a vulnerability in the Power BI Gateway. The vulnerability occurs when multiple users simultaneously using the gateway, causing the gateway to mixes sessions. A malicious party could potentially exploit this vulnerability to gain access to sensitive data. Abuse is not easy. Th...

3.7CVSS6.2AI score0.00797EPSS
Exploits0
NCSC
NCSC
•added 2022/04/06 12:0 a.m.•9 views

Vulnerability fixed in IBM MQ

IBM has fixed a vulnerability in IBM MQ. The vulnerability allows an authenticated malicious party to cause a denial-of-service exploit. IBM has released updates to fix the vulnerabilities. For more information, see: https://www.ibm.com/support/pages/node/6564711...

6.5CVSS6.6AI score0.01066EPSS
Exploits0
NCSC
NCSC
•added 2022/03/23 12:0 a.m.•9 views

Vulnerabilities fixed in NetApp Clustered Data ONTAP

NetApp has released updates to fix vulnerabilities in several third-party components for Clustered Data ONTAP. The vulnerabilities are in OpenSSL, PHP, OpenSSH and Apache and enable a malicious party to cause a denial-of-service cause, gain access to sensitive data and potentially manipulate data...

9.8CVSS7.5AI score0.99999EPSS
Exploits11
NCSC
NCSC
•added 2022/03/08 12:0 a.m.•9 views

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of authentication...

9.8CVSS8AI score0.87816EPSS
Exploits44
NCSC
NCSC
•added 2022/02/28 12:0 a.m.•9 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities potentially enable a malicious person to launch attacks leading to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Remote code execution User rights The vulnerabilit...

10CVSS7.5AI score0.80004EPSS
Exploits6
NCSC
NCSC
•added 2022/02/01 12:0 a.m.•9 views

Vulnerabilities fixed in IBM Cognos Controller

IBM has fixed vulnerabilities in Cognos Controller. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution Use...

9.8CVSS9AI score0.06257EPSS
Exploits0
NCSC
NCSC
•added 2022/01/26 12:0 a.m.•9 views

Vulnerability fixed in Polkit

Qualys researchers have found a vulnerability in the pkexec function of polkit. Polkit is a standard component of a large number of Linux distributions and was previously known as Policykit. Polkit controls communication between applications that elevated privileges and applications that do not...

7.8CVSS6.9AI score0.94921EPSS
Exploits151
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following Oracle Database Server products: Database - Enterprise Edition Database Configuration Assistant Spatial and Graph Application Express APEX Engineered Systems Utilities The vulnerabilities allow a malicious person to carry out attacks execute attac...

7.8CVSS6AI score0.99999EPSS
Exploits22
NCSC
NCSC
•added 2022/01/18 12:0 a.m.•9 views

Vulnerability fixed in Zoho ManageEngine Desktop Central

Zoho has fixed a vulnerability in ManageEngine Desktop Central. Desktop Central is a solution used by administrators to remotely manage devices within an organization. manage. The vulnerability makes it possible for a malicious person to bypass authentication and execute arbitrary code under the...

9.1CVSS7.3AI score0.24195EPSS
Exploits0
NCSC
NCSC
•added 2022/01/13 12:0 a.m.•9 views

Vulnerabilities fixed in Citrix Hypervisor

Several security issues have been fixed in Citrix Hypervisor, which may cause the host to crash or become un responsive. Citrix has released updates to fix the vulnerabilities. More information can be found on the page below: https://support.citrix.com/article/CTX335432...

8.8CVSS9AI score0.00333EPSS
Exploits0
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights...

10CVSS7.8AI score0.9279EPSS
Exploits33
NCSC
NCSC
•added 2021/12/15 12:0 a.m.•9 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in several of its products. The vulnerabilities potentially enable a malicious person to execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Increased user privileges Adobe...

9.3CVSS7.4AI score0.02328EPSS
Exploits0
NCSC
NCSC
•added 2021/12/08 12:0 a.m.•9 views

Vulnerability fixed in Grafana

A vulnerability has been fixed in Grafana. The vulnerability with the attribute CVE-2021-43798 concerns a path-traversal vulnerability that allows an unauthenticated remote malicious person to potentially be able to gain access to sensitive data. On Twitter and elsewhere and others, exploits are...

7.5CVSS9.3AI score0.88849EPSS
Exploits44
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•9 views

Vulnerabilities fixed in McAfee Data Loss Prevention

McAfee has fixed vulnerabilities in the Data Loss Prevention extension for ePolicy Orchestrator. An authenticated malicious party could exploit the vulnerabilities to perform of an SQL injection or Cross-Site Scripting XSS attack. The latter can lead to the execution of arbitrary script code in t...

8.4CVSS7.4AI score0.01044EPSS
Exploits0
NCSC
NCSC
•added 2021/10/22 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Edge

Several vulnerabilities have been fixed in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities exploit them to execute external code, bypass security measures and obtain sensitive information. Microsoft has made updates available that fix the described vulnerabilities...

9.6CVSS6.8AI score0.01041EPSS
Exploits0
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Siebel CRM

Vulnerabilities have been fixed in Oracle Siebel CRM. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denail-Of-Service DOS. Remote code execution User Rights Provide elevated privileges Accessing sensitive data...

7.8CVSS9.2AI score0.95707EPSS
Exploits23
NCSC
NCSC
•added 2021/10/05 12:0 a.m.•9 views

Vulnerabilities fixed in Apache web server

Apache Foundation has fixed two vulnerabilities in the apache web server. An unauthenticated remote malicious person could vulnerabilities potentially exploit them to cause a denial-of-service, or to obtain sensitive data. The Denial-of-Service can be caused by sending a specially prepared reques...

7.5CVSS7AI score0.99992EPSS
Exploits148
NCSC
NCSC
•added 2021/10/01 12:0 a.m.•9 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Server Side Request Forgery SSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of security measure...

8.7CVSS6.1AI score0.01227EPSS
Exploits1
NCSC
NCSC
•added 2021/09/16 12:0 a.m.•9 views

Issues fixed in Apache web server

Apache has released version 2.4.49 of the Apache Web server. In this version a number of vulnerabilities have been fixed. Please note that the 2.2.x branch is now at the end of the life of the Apache HTTP Server project and there will be no further activity take place, including security updates...

9.8CVSS9AI score0.99999EPSS
Exploits6
NCSC
NCSC
•added 2021/09/14 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Edge

Microsoft has made updates available to fix vulnerabilities fixes in Microsoft Edge. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User...

8.8CVSS8.4AI score0.0559EPSS
Exploits2
NCSC
NCSC
•added 2021/08/03 12:0 a.m.•9 views

Vulnerabilities fixed in Google Android

Google has fixed vulnerabilities in Android. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Remote code execution User Rights Access to sensitive data Access to system data Increased user privileges Few technical...

10CVSS8.8AI score0.01377EPSS
Exploits1
NCSC
NCSC
•added 2021/08/03 12:0 a.m.•9 views

Vulnerabilities fixed in Samsung Mobile

Vulnerabilities have been fixed in Android as used by Samsung Mobile products. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Access t...

10CVSS8.9AI score0.06968EPSS
Exploits3
NCSC
NCSC
•added 2021/07/21 12:0 a.m.•9 views

Vulnerability discovered in Microsoft Windows

Researchers have discovered a vulnerability in Microsoft Windows 10 build 1809 and later. A local, authenticated malicious person could exploit the vulnerability to read the local SAM database and execute arbitrary code with SYSTEM privileges. -= Microsoft =- Microsoft has not yet made updates...

7.8CVSS7.2AI score0.67252EPSS
Exploits11
NCSC
NCSC
•added 2021/07/13 12:0 a.m.•9 views

Vulnerabilities fixed in Siemens SIMATIC

Siemens has fixed vulnerabilities in Simatic products. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution...

10CVSS7.1AI score0.9166EPSS
Exploits25
NCSC
NCSC
•added 2021/07/01 12:0 a.m.•9 views

Vulnerabilities fixed in Jenkins

Vulnerabilities have been fixed in Jenkins. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Circumvention of security measure. Remote code execution User Rights Spoofing Increased user rights Jenkins...

7.5CVSS7.3AI score0.42521EPSS
Exploits0
NCSC
NCSC
•added 2021/07/01 12:0 a.m.•9 views

Vulnerability fixed in Veeam Backup & Replication

A vulnerability has been fixed in Veeam Backup & Replication. The vulnerability potentially allows a malicious party to execute arbitrary code to execute arbitrary code because the Veeam application was vulnerable to a flaw in the deseralization logic of .NET remoting. Veeam's developers have mad...

9.8CVSS7.5AI score0.01239EPSS
Exploits0
NCSC
NCSC
•added 2021/06/30 12:0 a.m.•9 views

Vulnerabilities fixed in AVEVA System Platform

AVEVA has fixed vulnerabilities in System Platform. The vulnerabilities allow a remote malicious person to gain gain unauthenticated access to the system and to cause a denial-of-service. AVEVA has released updates to fix the vulnerabilities. More information can be found on the page below:...

9.8CVSS6.9AI score0.01109EPSS
Exploits0
NCSC
NCSC
•added 2021/06/30 12:0 a.m.•9 views

Vulnerabilities fixed in Aruba ClearPass Policy Manager

Vulnerabilities have been fixed in Aruba ClearPass Policy Manager. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication. Remote code execution Administrator/Root rights...

9CVSS8.6AI score0.99295EPSS
Exploits82
NCSC
NCSC
•added 2021/06/29 12:0 a.m.•9 views

Vulnerabilities fixed in Red Hat JBoss Web Server

Vulnerabilities have been fixed in Red Hat JBoss Web Server. The vulnerabilities allow a malicious party to cause a denial-of-service or to obtain sensitive data obtain. Red Hat has released updates to fix the vulnerabilities. More information can be found on the page below:...

7.5CVSS8.3AI score0.18114EPSS
Exploits15
NCSC
NCSC
•added 2021/06/24 12:0 a.m.•9 views

Vulnerabilities fixed in IBM DB2

Vulnerabilities have been fixed in IBM DB2. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data IBM has released updates to fix the vulnerabilities. More...

8.1CVSS6.4AI score0.0111EPSS
Exploits0
NCSC
NCSC
•added 2021/06/01 12:0 a.m.•9 views

Vulnerabilities fixed in Red Hat Openshift Container Platform

Red Hat has released updates to a large number of packages for its OpenShift Container Platform. The packages include several applications for which security advisories have previously been written, but for which Red Hat is now releasing a bundle for OpenShift 4.7.13 Malicious parties can exploit...

9.8CVSS7AI score0.3783EPSS
Exploits29
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•9 views

Vulnerabilities fixed in Joomla!

Vulnerabilities have been fixed in Joomla! The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Access to system data Joomla! has released updates to fix the vulnerabilities. More...

6.5CVSS6.2AI score0.0098EPSS
Exploits1
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in Windows Developer Tools. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Remote code execution User privileges. Increased user privileges .NET Core & Visual Studio:...

9.3CVSS7AI score0.53582EPSS
Exploits0
NCSC
NCSC
•added 2021/04/28 12:0 a.m.•9 views

Vulnerability fixed in Citrix ShareFile

A vulnerability has been fixed in the storage zones controller of Citrix ShareFile. The vulnerability allows an unauthenticated remote malicious party to obtain a sensitive data obtain. It is good practice to place these storage zone controllers in the in-house network with DMZ tooling to protect...

9.8CVSS6.5AI score0.01081EPSS
Exploits0
NCSC
NCSC
•added 2021/04/16 12:0 a.m.•9 views

Vulnerabilities fixed in SUSE Linux Enterprise kernel

SUSE developers have fixed several vulnerabilities in the Linux kernel as used in SUSE Linux Enterprise. The vulnerabilities potentially enable a local malicious person to execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution...

8.8CVSS5.7AI score0.03259EPSS
Exploits9
NCSC
NCSC
•added 2021/03/05 12:0 a.m.•9 views

Vulnerabilities fixed in Joomla

Several vulnerabilities have been fixed in Joomla. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure The vulnerability with...

9.1CVSS6.7AI score0.06529EPSS
Exploits2
NCSC
NCSC
•added 2021/02/11 12:0 a.m.•9 views

Multiple vulnerabilities fixed in F5 BIG-IP products

F5 has fixed several vulnerabilities in BIG-IP. Malicious parties can exploit the vulnerabilities to cause a denial-of-service or perform cross-site scripting attacks. Authenticated malicious actors can exploit some of the vulnerabilities exploit them to bypass security measures and gain access...

8.5CVSS6.9AI score0.01062EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure SQL Injection Accessing sensitive data Accessing...

9.8CVSS7.8AI score0.28839EPSS
Exploits6
NCSC
NCSC
•added 2020/12/17 12:0 a.m.•9 views

Vulnerabilities fixed in F5 BIG-IP

Vulnerabilities have been fixed in F5 BIG-IP. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Circumvention of security measure Spoofing Accessing sensitive data F5 has released updates...

7.8CVSS6.5AI score0.01423EPSS
Exploits0
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•9 views

Vulnerabilities fixed in Android 11

Vulnerabilities have been fixed in Android 11. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Bypassing authentication. Remote code execution User Rights Accessing sensitive data Access to...

9.8CVSS9.4AI score0.04022EPSS
Exploits3
NCSC
NCSC
•added 2020/11/03 12:0 a.m.•9 views

Vulnerabilities fixed in WordPress

WordPress developers have fixed several vulnerabilities fixed. An authenticated remote malicious person could potentially exploit these vulnerabilities potentially exploit them to perform a Cross-Site Scripting XSS attack. Such an attack could lead to the execution of arbitrary script code in the...

9.8CVSS6.5AI score0.16119EPSS
Exploits1
Total number of security vulnerabilities4190