4190 matches found
Vulnerabilities fixed in Oracle Database Server
Vulnerabilities have been fixed in Oracle Database Server. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Orac...
Vulnerabilities fixed in Oracle Financial Services Applications
Vulnerabilities have been fixed in Oracle Financial Services Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User righ...
Vulnerability fixed in Apache Commons Text
A vulnerability has been fixed in Apache Commons Text. The vulnerability allows an unauthenticated remote malicious person potentially able to execute arbitrary code with the privileges of the vulnerable application. To do so, a malicious person must have specific text processed by the vulnerable...
Vulnerabilities fixed in Oracle MySQL
Oracle has fixed vulnerabilities in several MySQL products: Enterprise Manager Base Platform Oracle Application Testing Suite Enterprise Manager Ops Center Enterprise Manager for MySQL Database A malicious party can exploit the vulnerabilities to cause the following categories of damage: The...
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in Android. In addition to the vulnerabilities fixed by Google fixed vulnerabilities, Samsung itself has fixed 41 other vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the followi...
Vulnerabilities fixed in IBM Tivoli Monitoring
Multiple vulnerabilities have been fixed in the WebSphere Application Server component of IBM Tivoli Monitoring. The vulnerabilities allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Remote code execution User Rights Denial-of-Service DoS...
Vulnerabilities fixed in Microsoft Office
Vulnerabilities have been fixed in Microsoft Office. The vulnerabilities allow a remote malicious person to execute arbitrary code under the user's privileges or to bypass a security measure. Microsoft Office Excel: |----------------|------|-------------------------------------| | CVE ID | CVSS |...
Vulnerabilities fixed in Oracle Construction and Engineering
Oracle has fixed vulnerabilities in the following Construction and Engineering products: Primavera Unifier Instantis EnterpriseTrack The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS...
Vulnerabilities fixed in Siemens products
Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Remote code execution User Rights...
Vulnerability fixed in Microsoft Power BI
Microsoft has fixed a vulnerability in the Power BI Gateway. The vulnerability occurs when multiple users simultaneously using the gateway, causing the gateway to mixes sessions. A malicious party could potentially exploit this vulnerability to gain access to sensitive data. Abuse is not easy. Th...
Vulnerability fixed in IBM MQ
IBM has fixed a vulnerability in IBM MQ. The vulnerability allows an authenticated malicious party to cause a denial-of-service exploit. IBM has released updates to fix the vulnerabilities. For more information, see: https://www.ibm.com/support/pages/node/6564711...
Vulnerabilities fixed in NetApp Clustered Data ONTAP
NetApp has released updates to fix vulnerabilities in several third-party components for Clustered Data ONTAP. The vulnerabilities are in OpenSSL, PHP, OpenSSH and Apache and enable a malicious party to cause a denial-of-service cause, gain access to sensitive data and potentially manipulate data...
Vulnerabilities fixed in Siemens products
Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of authentication...
Vulnerabilities fixed in GitLab
Vulnerabilities have been fixed in GitLab. The vulnerabilities potentially enable a malicious person to launch attacks leading to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Remote code execution User rights The vulnerabilit...
Vulnerabilities fixed in IBM Cognos Controller
IBM has fixed vulnerabilities in Cognos Controller. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution Use...
Vulnerability fixed in Polkit
Qualys researchers have found a vulnerability in the pkexec function of polkit. Polkit is a standard component of a large number of Linux distributions and was previously known as Policykit. Polkit controls communication between applications that elevated privileges and applications that do not...
Vulnerabilities fixed in Oracle Database Server
Oracle has fixed vulnerabilities in the following Oracle Database Server products: Database - Enterprise Edition Database Configuration Assistant Spatial and Graph Application Express APEX Engineered Systems Utilities The vulnerabilities allow a malicious person to carry out attacks execute attac...
Vulnerability fixed in Zoho ManageEngine Desktop Central
Zoho has fixed a vulnerability in ManageEngine Desktop Central. Desktop Central is a solution used by administrators to remotely manage devices within an organization. manage. The vulnerability makes it possible for a malicious person to bypass authentication and execute arbitrary code under the...
Vulnerabilities fixed in Citrix Hypervisor
Several security issues have been fixed in Citrix Hypervisor, which may cause the host to crash or become un responsive. Citrix has released updates to fix the vulnerabilities. More information can be found on the page below: https://support.citrix.com/article/CTX335432...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights...
Vulnerabilities fixed in Adobe products
Adobe has fixed vulnerabilities in several of its products. The vulnerabilities potentially enable a malicious person to execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Increased user privileges Adobe...
Vulnerability fixed in Grafana
A vulnerability has been fixed in Grafana. The vulnerability with the attribute CVE-2021-43798 concerns a path-traversal vulnerability that allows an unauthenticated remote malicious person to potentially be able to gain access to sensitive data. On Twitter and elsewhere and others, exploits are...
Vulnerabilities fixed in McAfee Data Loss Prevention
McAfee has fixed vulnerabilities in the Data Loss Prevention extension for ePolicy Orchestrator. An authenticated malicious party could exploit the vulnerabilities to perform of an SQL injection or Cross-Site Scripting XSS attack. The latter can lead to the execution of arbitrary script code in t...
Vulnerabilities fixed in Microsoft Edge
Several vulnerabilities have been fixed in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities exploit them to execute external code, bypass security measures and obtain sensitive information. Microsoft has made updates available that fix the described vulnerabilities...
Vulnerabilities fixed in Oracle Siebel CRM
Vulnerabilities have been fixed in Oracle Siebel CRM. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denail-Of-Service DOS. Remote code execution User Rights Provide elevated privileges Accessing sensitive data...
Vulnerabilities fixed in Apache web server
Apache Foundation has fixed two vulnerabilities in the apache web server. An unauthenticated remote malicious person could vulnerabilities potentially exploit them to cause a denial-of-service, or to obtain sensitive data. The Denial-of-Service can be caused by sending a specially prepared reques...
Vulnerabilities fixed in GitLab
Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Server Side Request Forgery SSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of security measure...
Issues fixed in Apache web server
Apache has released version 2.4.49 of the Apache Web server. In this version a number of vulnerabilities have been fixed. Please note that the 2.2.x branch is now at the end of the life of the Apache HTTP Server project and there will be no further activity take place, including security updates...
Vulnerabilities fixed in Microsoft Edge
Microsoft has made updates available to fix vulnerabilities fixes in Microsoft Edge. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User...
Vulnerabilities fixed in Google Android
Google has fixed vulnerabilities in Android. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Remote code execution User Rights Access to sensitive data Access to system data Increased user privileges Few technical...
Vulnerabilities fixed in Samsung Mobile
Vulnerabilities have been fixed in Android as used by Samsung Mobile products. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Access t...
Vulnerability discovered in Microsoft Windows
Researchers have discovered a vulnerability in Microsoft Windows 10 build 1809 and later. A local, authenticated malicious person could exploit the vulnerability to read the local SAM database and execute arbitrary code with SYSTEM privileges. -= Microsoft =- Microsoft has not yet made updates...
Vulnerabilities fixed in Siemens SIMATIC
Siemens has fixed vulnerabilities in Simatic products. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution...
Vulnerabilities fixed in Jenkins
Vulnerabilities have been fixed in Jenkins. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Circumvention of security measure. Remote code execution User Rights Spoofing Increased user rights Jenkins...
Vulnerability fixed in Veeam Backup & Replication
A vulnerability has been fixed in Veeam Backup & Replication. The vulnerability potentially allows a malicious party to execute arbitrary code to execute arbitrary code because the Veeam application was vulnerable to a flaw in the deseralization logic of .NET remoting. Veeam's developers have mad...
Vulnerabilities fixed in AVEVA System Platform
AVEVA has fixed vulnerabilities in System Platform. The vulnerabilities allow a remote malicious person to gain gain unauthenticated access to the system and to cause a denial-of-service. AVEVA has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerabilities fixed in Aruba ClearPass Policy Manager
Vulnerabilities have been fixed in Aruba ClearPass Policy Manager. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication. Remote code execution Administrator/Root rights...
Vulnerabilities fixed in Red Hat JBoss Web Server
Vulnerabilities have been fixed in Red Hat JBoss Web Server. The vulnerabilities allow a malicious party to cause a denial-of-service or to obtain sensitive data obtain. Red Hat has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerabilities fixed in IBM DB2
Vulnerabilities have been fixed in IBM DB2. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data IBM has released updates to fix the vulnerabilities. More...
Vulnerabilities fixed in Red Hat Openshift Container Platform
Red Hat has released updates to a large number of packages for its OpenShift Container Platform. The packages include several applications for which security advisories have previously been written, but for which Red Hat is now releasing a bundle for OpenShift 4.7.13 Malicious parties can exploit...
Vulnerabilities fixed in Joomla!
Vulnerabilities have been fixed in Joomla! The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Access to system data Joomla! has released updates to fix the vulnerabilities. More...
Vulnerabilities fixed in Microsoft Developer Tools
Vulnerabilities have been fixed in Windows Developer Tools. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Remote code execution User privileges. Increased user privileges .NET Core & Visual Studio:...
Vulnerability fixed in Citrix ShareFile
A vulnerability has been fixed in the storage zones controller of Citrix ShareFile. The vulnerability allows an unauthenticated remote malicious party to obtain a sensitive data obtain. It is good practice to place these storage zone controllers in the in-house network with DMZ tooling to protect...
Vulnerabilities fixed in SUSE Linux Enterprise kernel
SUSE developers have fixed several vulnerabilities in the Linux kernel as used in SUSE Linux Enterprise. The vulnerabilities potentially enable a local malicious person to execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution...
Vulnerabilities fixed in Joomla
Several vulnerabilities have been fixed in Joomla. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure The vulnerability with...
Multiple vulnerabilities fixed in F5 BIG-IP products
F5 has fixed several vulnerabilities in BIG-IP. Malicious parties can exploit the vulnerabilities to cause a denial-of-service or perform cross-site scripting attacks. Authenticated malicious actors can exploit some of the vulnerabilities exploit them to bypass security measures and gain access...
Vulnerabilities fixed in Oracle Communications
Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure SQL Injection Accessing sensitive data Accessing...
Vulnerabilities fixed in F5 BIG-IP
Vulnerabilities have been fixed in F5 BIG-IP. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Circumvention of security measure Spoofing Accessing sensitive data F5 has released updates...
Vulnerabilities fixed in Android 11
Vulnerabilities have been fixed in Android 11. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Bypassing authentication. Remote code execution User Rights Accessing sensitive data Access to...
Vulnerabilities fixed in WordPress
WordPress developers have fixed several vulnerabilities fixed. An authenticated remote malicious person could potentially exploit these vulnerabilities potentially exploit them to perform a Cross-Site Scripting XSS attack. Such an attack could lead to the execution of arbitrary script code in the...