NCSC, most viewed

4189 matches found

NCSC • added 2022/11/08 12:00 a.m. • 57 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in the Android operating system. A malicious person could exploit them to cause the following categories of damage: Denial-of-Service (DoS); Remote code execution (User rights); Access to sensitive data; Access to system data; Increased user privileges. This update also...

CVSS 9.8 | AI score 7.5 | EPSS 0.00834
Exploits: 2
NCSC • added 2022/06/23 12:00 a.m. • 57 views

Vulnerabilities fixed in IBM Cognos

IBM has fixed vulnerabilities in Cognos. The vulnerabilities potentially enable a malicious person to launch attacks leading to the following categories of damage: Denial-of-Service (DoS); Bypassing authentication; Circumvention of security measure; Remote code execution (Administrator/Root rights)...

CVSS 10 | AI score 9.6 | EPSS 0.44515
Exploits: 37
NCSC • added 2021/05/26 12:00 a.m. • 57 views

Vulnerabilities fixed in Synology DiskStation Manager

Vulnerabilities have been fixed in Synology DiskStation Manager. The vulnerabilities allow a malicious party to carry out attacks that lead to the following categories of damage: Remote code execution (Administrator/Root privileges); Spoofing; Access to sensitive data. Synology has...

CVSS 9.8 | AI score 7.3 | EPSS 0.03786
Exploits: 6
NCSC • added 2024/01/18 12:00 a.m. • 56 views

Vulnerabilities fixed in Oracle Financial Services Applications

Oracle has fixed vulnerabilities in several Financial Services applications. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Circumvention of security measure; Accessing...

CVSS 10 | AI score 6.5 | EPSS 0.99654
Exploits: 50
NCSC • added 2023/10/19 12:00 a.m. • 57 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service (DoS); Remote code execution (Administrator/Root privileges); Access to sensitive data; Acce...

CVSS 9.8 | AI score 7.7 | EPSS 0.76768
Exploits: 41
NCSC • added 2021/11/09 12:00 a.m. • 56 views

Vulnerabilities fixed in Nucleus NET stack

Forescout researchers have found 13 vulnerabilities in the Siemens Nucleus NET stack. This is a network stack that is used by Siemens products as well as products from other vendors. The vulnerabilities have collectively been named "NUCLEUS:13". The vulnerabilities were found ...

CVSS 9.8 | AI score 7 | EPSS 0.03031
Exploits: 0
NCSC • added 2024/10/17 1:19 p.m. • 56 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in Fusion Middleware components, such as WebLogic Server, WebCenter and HTTP Server. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Execution...

CVSS 10 | AI score 7.7 | EPSS 0.99615
Exploits: 22 | References: 1
NCSC • added 2024/07/04 6:45 a.m. • 55 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition and Community Edition. A malicious party could exploit the vulnerabilities to cause a denial-of-service, manipulate data in the repositories, or execute arbitrary commands with permissions from another user, which may include...

CVSS 9.6 | AI score 7.6 | EPSS 0.32784
Exploits: 2 | References: 1
NCSC • added 2022/01/21 12:00 a.m. • 56 views

Vulnerabilities fixed in F5 products

F5 has fixed multiple vulnerabilities in several F5 products, including BIG-IP and BIG-IQ. Most of the updates relate to the Traffic Management Microkernel (TMM), a component of virtually all BIG-IP modules. The vulnerability with reference CVE-2022-23008 concerns the NGINX Controller API...

CVSS 9 | AI score 7.4 | EPSS 0.01112
Exploits: 0
NCSC • added 2021/12/15 12:00 a.m. • 55 views

Vulnerabilities fixed in Schneider Electric products

Schneider Electric has fixed vulnerabilities in its PowerLogic and Modicon products. The vulnerabilities allow an unauthenticated malicious person to cause a denial-of-service or gain access to sensitive data. To do so, rogue network traffic must be sent to the vulnerable device. Schneide...

CVSS 9.8 | AI score 6.9 | EPSS 0.32974
Exploits: 0
NCSC • added 2021/06/09 12:00 a.m. • 55 views

Fixed vulnerabilities in various Intel processors, chipsets, firmware, drivers and tools

Intel has fixed a sizable number of vulnerabilities in a range of processors, chipsets, firmware, drivers and tools. Many of the named chipsets are integrated and mostly present in systems built with Intel hardware. The associated tooling is generally included and installed by default. A maliciou...

CVSS 8.8 | AI score 7.3 | EPSS 0.00887
Exploits: 3
NCSC • added 2024/06/14 6:30 a.m. • 54 views

Vulnerabilities fixed in Adobe Experience Manager

Adobe has fixed a large number of vulnerabilities in Experience Manager. A malicious party can exploit the vulnerabilities to bypass security measures and launch a Cross-Site Scripting attack in various ways. Such an attack often results in execution of arbitrary code in the victim's browser, or...

CVSS 9.8 | AI score 7 | EPSS 0.00882
Exploits: 0 | References: 1
NCSC • added 2022/11/02 12:00 a.m. • 54 views

Vulnerabilities fixed in FortiOS

Fortinet has fixed vulnerabilities in FortiOS. A malicious party could exploit the vulnerabilities to gain access to system data, potentially manipulate it, or launch a Man-in-the-Middle attack. To manipulate system data, the malicious party needs prior authentication. For performing a...

CVSS 8.1 | AI score 7.2 | EPSS 0.22991
Exploits: 0
NCSC • added 2021/04/21 12:00 a.m. • 54 views

Vulnerabilities fixed in Oracle Enterprise Manager

Vulnerabilities have been fixed in Oracle Enterprise Manager. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Bypassing authentication; Accessing sensitive data; Accessing...

CVSS 9.8 | AI score 8.3 | EPSS 0.28839
Exploits: 6
NCSC • added 2021/03/30 12:00 a.m. • 54 views

Vulnerabilities fixed in Esri ArcReader

Esri has fixed multiple vulnerabilities in ArcReader, ArcGIS Desktop, ArcGIS Engine and ArcGIS Pro. A malicious party could potentially exploit the vulnerabilities to execute arbitrary code under application privileges. To do so, the malicious party needs to induce an...

CVSS 7.8 | AI score 7.9 | EPSS 0.02412
Exploits: 0
NCSC • added 2020/08/11 12:00 a.m. • 54 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Remote code execution (Administrator/Root privileges). Siemens...

CVSS 9.8 | AI score 7.7 | EPSS 0.98745
Exploits: 11
NCSC • added 2025/05/08 8:43 a.m. • 53 views

Vulnerabilities fixed in Cisco IOS XE Software

Cisco has fixed vulnerabilities in Cisco IOS XE Software. The vulnerabilities in Cisco IOS XE Software include several issues, including insufficient input validation and improper memory management. These vulnerabilities can be exploited by unauthenticated attackers to cause denial-of-service (DoS)...

CVSS 10 | AI score 7.9 | EPSS 0.17894
Exploits: 1 | References: 10
NCSC • added 2025/01/15 11:59 a.m. • 53 views

Vulnerabilities fixed in Ivanti Endpoint Manager

Ivanti has fixed vulnerabilities in Ivanti Endpoint Manager (EPM) that were present in versions prior to the January 2025 security updates. The vulnerabilities include path traversal, SQL injection, deserialization, incorrect file name validation and insufficient signature validation. These...

CVSS 9.8 | AI score 9.6 | EPSS 0.99762
Exploits: 4 | References: 1
NCSC • added 2023/09/07 12:00 a.m. • 53 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service (DoS); Remote code execution (User rights); Access to sensitive data; Increased user privileges. The most serious...

CVSS 9.8 | AI score 7.9 | EPSS 0.02203
Exploits: 0
NCSC • added 2023/04/11 12:00 a.m. • 53 views

Vulnerabilities fixed in SAP products

SAP has released updates for several products, including SAP, SAP Gui, CRM, Netweaver and Business Objects. A malicious person could potentially exploit the vulnerabilities and cause damage in the categories below: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Manipulation of data; Bypassing...

CVSS 10 | AI score 7.4 | EPSS 0.23035
Exploits: 0
NCSC • added 2022/10/12 12:00 a.m. • 53 views

Vulnerabilities fixed in Adobe products

Vulnerabilities have been fixed in Adobe products. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Circumvention of security measure; Remote code execution...

CVSS 10 | AI score 7.5 | EPSS 0.80023
Exploits: 0
NCSC • added 2026/05/15 6:49 a.m. • 52 views

The vulnerability was exploited in AMD processors

AMD has addressed a vulnerability in certain processor models through a mitigation measure included in the Windows update of May 2026. This vulnerability affects certain AMD processors. A local malicious actor could exploit this vulnerability to execute arbitrary code on the system. The mitigatio...

CVSS 7.3 | AI score 6.2 | EPSS 0.00258
Exploits: 0 | References: 6
NCSC • added 2025/08/13 10:05 a.m. • 52 views

Vulnerabilities fixed in Adobe InDesign

Adobe has fixed vulnerabilities in InDesign Desktop versions 20.4, 19.5.4, and earlier. The vulnerabilities are in the way Adobe InDesign Desktop processes files. When a user opens a maliciously crafted file, it can lead to arbitrary code execution. Attackers can exploit these vulnerabilities to...

CVSS 7.8 | AI score 8.3 | EPSS 0.00297
Exploits: 0 | References: 1
NCSC • added 2025/07/09 8:33 a.m. • 52 views

Vulnerabilities fixed in Palo Alto PAN OS

Palo Alto Networks has fixed vulnerabilities in PAN-OS. The vulnerabilities include an information leak in the SD-WAN feature, which allows unauthorized users to intercept packets and access unsecured data from the firewall. This poses a risk to sensitive information being transmitted. In additio...

CVSS 8.6 | AI score 7.9 | EPSS 0.01024
Exploits: 0 | References: 3
NCSC • added 2024/04/26 12:00 a.m. • 52 views

Vulnerabilities fixed in Honeywell Experion and Safety Manager

Honeywell has fixed vulnerabilities in Experion, Experion Plantcruise and Safety Manager. A malicious party could exploit the vulnerabilities to launch attacks that can result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Remote code execution (Administrator/Root...

CVSS 9.1 | AI score 7.8 | EPSS 0.00779
Exploits: 0
NCSC • added 2023/03/14 12:00 a.m. • 52 views

Vulnerabilities fixed in SAP products

SAP has released updates for several products, including SAP ERP, Netweaver, HAMA, Business Objects and SAP Solution Manager. A malicious party could potentially exploit the vulnerabilities and cause damage in the categories listed below: Cross-Site Scripting (XSS); Denial-of-Service Do...

CVSS 9.9 | AI score 6.8 | EPSS 0.01184
Exploits: 0
NCSC • added 2023/03/03 12:00 a.m. • 52 views

Vulnerabilities fixed in xWiki

The developers of Xwiki have fixed several vulnerabilities in Xwiki. An authenticated malicious person could exploit the vulnerabilities to execute arbitrary code, or to gain access to data to which the malicious party is not initially authorized. Xwiki has released updates to fix the...

CVSS 10 | AI score 7.4 | EPSS 0.74757
Exploits: 13
NCSC • added 2022/09/30 12:00 a.m. • 52 views

Vulnerabilities fixed in GitLab Community Edition (CE) and Enterprise Edition (EE).

GitLab has fixed vulnerabilities in Community Edition (CE) and Enterprise Edition (EE). The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Remote code execution (User rights); Access to sensitiv...

CVSS 7.5 | AI score 8.5 | EPSS 0.02039
Exploits: 1
NCSC • added 2022/08/02 12:00 a.m. • 52 views

Vulnerabilities fixed in Android

Google has fixed vulnerabilities in Android. Samsung has fixed these vulnerabilities in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service (DoS); Remote code execution (User rights)...

CVSS 9.8 | AI score 9 | EPSS 0.01002
Exploits: 0
NCSC • added 2022/04/14 12:00 a.m. • 52 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Request Forgery (XSRF); Cross-Site Scripting (XSS); Denial-of-Service (DoS); Remote code execution (User...

CVSS 10 | AI score 8.5 | EPSS 0.99677
Exploits: 143
NCSC • added 2021/09/23 12:00 a.m. • 52 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS); Bypassing authentication; Bypassing security measure. The vulnerability with attribute...

CVSS 10 | AI score 6.7 | EPSS 0.02546
Exploits: 0
NCSC • added 2021/06/23 12:00 a.m. • 52 views

Vulnerabilities fixed in Autodesk Design Review

Autodesk has fixed vulnerabilities in Design Review. The vulnerabilities allow a remote malicious person to execute arbitrary code under user privileges. Also, the vulnerabilities allow the malicious party to obtain system information. To exploit the vulnerabilities the attacker must induc...

CVSS 7.8 | AI score 7.3 | EPSS 0.02992
Exploits: 0
NCSC • added 2021/03/25 12:00 a.m. • 52 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Remote code execution (Administrator/Root rights); Access to sensiti...

CVSS 9.9 | AI score 6.8 | EPSS 0.3539
Exploits: 4
NCSC • added 2020/09/08 12:00 a.m. • 52 views

Vulnerabilities fixed in Microsoft Windows

Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to: execute arbitrary code, obtain elevated privileges, gain access to sensitive data, cause a denial-of-service, bypass security measures, circumvent authentication...

CVSS 9.3 | AI score 7.6 | EPSS 0.53399
Exploits: 2
NCSC • added 2025/05/09 8:07 a.m. • 51 views

Vulnerabilities fixed in F5 BIG-IP

F5 has fixed vulnerabilities in its BIG-IP systems. The vulnerabilities are in several configurations of the BIG-IP systems, including the Traffic Management Microkernel (TMM) that can be terminated by unpublished requests. This can lead to performance and stability issues, especially for software...

CVSS 9.2 | AI score 8.3 | EPSS 0.26055
Exploits: 1 | References: 11
NCSC • added 2024/01/11 12:00 a.m. • 51 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks that potentially result in the following categories of damage: Cross-Site Scripting (XSS); Remote code execution (Administrator/Root rights); SQL Injection; Access...

CVSS 9.8 | AI score 7.3 | EPSS 0.01604
Exploits: 0
NCSC • added 2023/07/25 12:00 a.m. • 52 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. A malicious party could exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Circumvention of security measure; Remote code execution (Administrator/Root rights); Remote...

CVSS 8.8 | AI score 7.8 | EPSS 0.18185
Exploits: 5
NCSC • added 2022/11/08 12:00 a.m. • 51 views

Vulnerabilities fixed in Siemens products

Siemens has discovered several vulnerabilities in several products, including Ruggedcom, Simatic, Scalance and Sicam. A malicious person with access to the production network can exploit the vulnerabilities to launch attacks that result in the following categories of damage: Cross-Site...

CVSS 9.9 | AI score 8.6 | EPSS 0.23061
Exploits: 1
NCSC • added 2022/10/20 12:00 a.m. • 51 views

Vulnerabilities fixed in several F5 products

F5 has fixed several vulnerabilities in BIG-IP and NGINX. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Circumvention of security measure; Remote code execution...

CVSS 8.8 | AI score 7.7 | EPSS 0.011
Exploits: 2
NCSC • added 2021/05/11 12:00 a.m. • 51 views

Vulnerabilities fixed in Siemens SCALANCE W1750D (Aruba Instant Access Points)

Vulnerabilities have been fixed in Siemens SCALANCE W1750D. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Bypassing authentication; Circumvention of security measure; Remote code...

CVSS 10 | AI score 7 | EPSS 0.40523
Exploits: 11
NCSC • added 2020/09/01 12:00 a.m. • 51 views

Vulnerabilities fixed in Red Hat JBoss Enterprise Application Platform

Vulnerabilities have been fixed in JBoss Enterprise Application Platform. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service (DoS); Circumvention of security measure; Remote code execution (User rights); SQL Injection. Red H...

CVSS 9.8 | AI score 9.2 | EPSS 0.17044
Exploits: 0
NCSC • added 2023/12/04 12:00 a.m. • 50 views

Vulnerabilities fixed in Zyxel products

Zyxel has fixed vulnerabilities in the firmware of several ATP and USG series firewalls. A malicious party could exploit them to launch attacks that can result in the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Manipulation of data; Access to system data...

CVSS 7.5 | AI score 6.5 | EPSS 0.00881
Exploits: 0
NCSC • added 2022/07/12 12:00 a.m. • 50 views

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Bypassing authentication; Circumvention of security measure...

CVSS 10 | AI score 8.1 | EPSS 0.02373
Exploits: 0
NCSC • added 2022/06/15 12:00 a.m. • 51 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Cross-Site Request Forgery (XSRF); Cross-Site Scripting (XSS); Denial-of-Service (DoS); Bypassing authentication...

CVSS 9.8 | AI score 6.3 | EPSS 0.02062
Exploits: 4
NCSC • added 2021/10/12 12:00 a.m. • 50 views

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in Siemens products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Request Forgery (XSRF); Denial-of-Service (DoS); Manipulation of data; Circumvention of authentication; Remote code executio...

CVSS 10 | AI score 7.3 | EPSS 0.03055
Exploits: 1
NCSC • added 2020/11/10 12:00 a.m. • 50 views

Vulnerabilities fixed in Microsoft Office products

Microsoft fixes multiple vulnerabilities in Microsoft Office and Sharepoint products. A malicious party could potentially exploit them to execute arbitrary code, to obtain elevated permissions, to gain access to sensitive data, circumvent security measures, or...

CVSS 9.3 | AI score 7.3 | EPSS 0.03942
Exploits: 2
NCSC • added 2024/12/09 1:36 p.m. • 49 views

Vulnerabilities fixed in QNAP operating systems

QNAP has fixed vulnerabilities in several versions of their operating systems, including QTS and QuTS hero. The vulnerabilities include improper authentication, certificate validation issues, incorrect URL encryption, CRLF injection and command injection. These vulnerabilities allowed attackers t...

CVSS 8.7 | AI score 8.3 | EPSS 0.01319
Exploits: 0 | References: 1
NCSC • added 2024/03/12 12:00 a.m. • 49 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure products. A malicious party could exploit the vulnerabilities to gain elevated privileges and potentially execute arbitrary code with elevated privileges, or gain access to sensitive data. The most serious vulnerability is located in the...

CVSS 9 | AI score 7 | EPSS 0.02197
Exploits: 0
NCSC • added 2022/10/14 12:00 a.m. • 49 views

Vulnerability fixes in Juniper Junos OS and Junos OS Evolved

Vulnerabilities have been fixed in Juniper Junos OS and Junos OS Evolved. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Circumvention of security measure; Remote code execution (User...

CVSS 9.8 | AI score 7.7 | EPSS 0.02468
Exploits: 0
NCSC • added 2022/07/20 12:00 a.m. • 49 views

Vulnerabilities fixed in Oracle Communications Applications

Oracle has fixed vulnerabilities in the following products: Communications ASAP; Communications Billing and Revenue Management; Communications BRM - Elastic Charging Engine; Communications Design Studio; Communications Instant Messaging Server; Communications Offline Mediation Controller; Communication...

CVSS 9.8 | AI score 9.4 | EPSS 0.99677
Exploits: 112
Total number of security vulnerabilities: 4189