4189 matches found
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in the Android operating system. A malicious person could exploit them to cause the following categories of damage: Denial-of-Service DoS Remote code execution User rights Access to sensitive data Access to system data Increased user privileges This update also...
Vulnerabilities fixed in IBM Cognos
IBM has fixed vulnerabilities in Cognos. The vulnerabilities potentially enable a malicious person to launch attacks leading to the following categories of damage: Denial-of-Service DoS. Bypassing authentication Circumvention of security measure. Remote code execution Administrator/Root rights...
Vulnerabilities fixed in Synology DiskStation Manager
Vulnerabilities have been fixed in Synology DiskStation Manager. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Remote code execution Administrator/Root privileges. Spoofing Access to sensitive data Synology has...
Vulnerabilities fixed in Oracle Financial Services Applications
Oracle has fixed vulnerabilities in several Financial Services applications. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Accessing...
Vulnerabilities fixed in Oracle Communications Applications
Vulnerabilities have been fixed in Oracle Communications Applications products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data Acce...
Vulnerabilities fixed in Nucleus NET stack
Forescout researchers have found 13 vulnerabilities in the Siemens Nucleus NET stack. This is a network stack that is used by both Siemens products as well as products from other vendors used. The vulnerabilities have collectively been named "NUCLEUS:13." assigned. The vulnerabilities were found ...
Vulnerabilities fixed in Oracle Fusion Middleware
Oracle has fixed vulnerabilities in Fusion Middleware components, such as WebLogic Server, WebCenter and HTTP Server. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Manipulation of data - Execution...
Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition
GitLab has fixed vulnerabilities in GitLab Enterprise Edition and Community Edition. A malicious party could exploit the vulnerabilities to cause a denial-of-service, manipulate data in the repositories, or execute arbitrary commands with permissions from another user, which may include...
Vulnerabilities fixed in F5 products
F5 has fixed multiple vulnerabilities in several F5 products, including BIG-IP and BIG-IQ. Most of the updates are relate to the Traffic Management Microkernel TMM, a component of virtually all BIG-IP modules. The vulnerability with reference CVE-2022-23008 concerns the NGINX Controller API...
Vulnerabilities fixed in Schneider Electric products
Schneider Electric has fixed vulnerabilities in its PowerLogic and Modicon products. The vulnerabilities allow an unauthenticated malicious person to cause a denial-of-service or gain access to sensitive data. To do so, rogue network traffic must be sent to the vulnerable device be sent. Schneide...
Fixed vulnerabilities in various Intel processors, chipsets, firmware, drivers and tools
Intel has fixed a sizable number of vulnerabilities in a range of processors, chipsets, firmware, drivers and tools. Many of the named chipsets are integrated and mostly present in systems built with Intel hardware. The associated tooling is generally included and installed by default. A maliciou...
Vulnerabilities fixed in Adobe Experience Manager
Adobe has fixed a large number of vulnerabilities in Experience Manager. A malicious party can exploit the vulnerabilities to bypass security measures and launch a Cross-Site Scripting attack in various ways. Such an attack often results in execution of arbitrary code in the victim's browser, or...
Vulnerabilities fixed in FortiOS
FortiNet has fixed vulnerabilities in FortiOS. A malicious party could exploit the vulnerabilities to gain access to system data, potentially manipulate it, or launch a Man-in-the-Middle attack. To manipulate system data, the malicious party needs need prior authentication. For performing a...
Vulnerabilities fixed in Oracle Enterprise Manager
Vulnerabilities have been fixed in Oracle Enterprise Manager. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Accessing sensitive data Accessing...
Vulnerabilities fixed in Esri ArcReader
Esri has fixed multiple vulnerabilities in ArcReader, ArcGIS Desktop, ArcGIS Engine and ArcGIS Pro. A malicious party could vulnerabilities potentially exploit them to execute arbitrary code execute arbitrary code under application privileges. To do so, the malicious party needs to induce an...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in several products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution Administrator/Root privileges Siemens...
Vulnerabilities fixed in Cisco IOS XE Software
Cisco has fixed vulnerabilities in Cisco IOS XE Software. The vulnerabilities in Cisco IOS XE Software include several issues, including insufficient input validation and improper memory management. These vulnerabilities can be exploited by unauthenticated attackers to cause denial-of-service DoS...
Vulnerabilities fixed in Ivanti Endpoint Manager
Ivanti has fixed vulnerabilities in Ivanti Endpoint Manager EPM that were present in versions prior to the January 2025 security updates. The vulnerabilities include path traversal, SQL injection, deserialization, incorrect file name validation and insufficient signature validation. These...
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in Android. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User rights Access to sensitive data Increased user privileges The most serious...
Vulnerabilities fixed in SAP products
SAP has released updates for several products, including SAP, SAP Gui, CRM, Netweaver and Business Objects. A malicious person could vulnerabilities potentially exploit and cause damage in the categories below: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Bypassing...
Vulnerabilities fixed in Adobe products
Vulnerabilities have been fixed in Adobe products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution...
The vulnerability was exploited in AMD processors
AMD has addressed a vulnerability in certain processor models through a mitigation measure included in the Windows update of May 2026. This vulnerability affects certain AMD processors. A local malicious actor could exploit this vulnerability to execute arbitrary code on the system. The mitigatio...
Vulnerabilities fixed in Adobe InDesign
Adobe has fixed vulnerabilities in InDesign Desktop versions 20.4, 19.5.4, and earlier. The vulnerabilities are in the way Adobe InDesign Desktop processes files. When a user opens a maliciously crafted file, it can lead to arbitrary code execution. Attackers can exploit these vulnerabilities to...
Vulnerabilities fixed in Palo Alto PAN OS
Palo Alto Networks has fixed vulnerabilities in PAN-OS. The vulnerabilities include an information leak in the SD-WAN feature, which allows unauthorized users to intercept packets and access unsecured data from the firewall. This poses a risk to sensitive information being transmitted. In additio...
Vulnerabilities fixed in Honeywell Experion and Safety Manager
Honeywell has fixed vulnerabilities in Experion, Experion Plantcruise and Safety Manager. A malicious party could exploit vulnerabilities to launch attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root...
Vulnerabilities fixed in SAP products
SAP has released updates for several products, including SAP ERP, Netweaver, HAMA, Business Objects and SAP Solution Manager. A malicious party could potentially exploit the vulnerabilities and cause damage cause damage in the categories listed below: Cross-Site Scripting XSS Denial-of-Service Do...
Vulnerabilities fixed in xWiki
The developers of Xwiki have fixed several vulnerabilities in Xwiki. An authenticated malicious person could exploit the vulnerabilities to execute arbitrary code, or to gain access to data to which the malicious party is not initially authorized. Xwiki has released updates to fix the...
Vulnerabilities fixed in GitLab Community Edition (CE) and Enterprise Edition (EE).
GitLab has fixed vulnerabilities in Community Edition CE and Enterprise Edition EE. The vulnerabilities allow a malicious able to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights Access to sensitiv...
Vulnerabilities fixed in Android
Google has fixed vulnerabilities in Android. Samsung has fixed these vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights...
Vulnerabilities fixed in SAP products
Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User...
Vulnerabilities fixed in Cisco products
Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Bypassing security measure The vulnerability with attribute...
Vulnerabilities fixed in Autodesk Design Review
Autodesk has fixed vulnerabilities in Design Review. The vulnerabilities allow a remote malicious person to execute arbitrary code under user privileges. Also, the vulnerabilities allow the malicious party to obtain obtain system information. To exploit the vulnerabilities the attacker must induc...
Vulnerabilities fixed in Cisco products
Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution Administrator/Root rights Access to sensiti...
Vulnerabilities fixed in Microsoft Windows
Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to: - execute arbitrary code, - obtain elevated privileges, - gain access to sensitive data, - cause a denial-of-service, - bypass security measures, - circumvent authentication...
Vulnerabilities fixed in F5 BIG-IP
F5 has fixed vulnerabilities in its BIG-IP systems. The vulnerabilities are in several configurations of the BIG-IP systems, including the Traffic Management Microkernel TMM that can be terminated by unpublished requests. This can lead to performance and stability issues, especially for software...
Vulnerabilities fixed in Cisco products
Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that potentially result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution Administrator/Root rights SQL Injection Access...
Vulnerabilities fixed in Apple macOS
Apple has fixed vulnerabilities in macOS. A malicious party could exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution Administrator/Root rights Remote...
Vulnerabilities fixed in Siemens products
Siemens has discovered several vulnerabilities in several products, including Ruggedcom, Simatic, Scalance and Sicam. A malicious person with access to the production network can exploit the exploit vulnerabilities to launch attacks that result in the following categories of damage: Cross-Site...
Vulnerabilities fixed in several F5 products
F5 has fixed several vulnerabilities in BIG-IP and NGINX. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution...
Vulnerabilities fixed in Siemens SCALANCE W1750D (Aruba Instant Access Points)
Vulnerabilities have been fixed in Siemens SCALANCE W1750D. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Bypassing authentication Circumvention of security measure Remote code...
Vulnerabilities fixed in Red Hat JBoss Enterprise Application Platform
Vulnerabilities have been fixed in JBoss Enterprise Application Platform. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User Rights SQL Injection Red H...
Vulnerabilities fixed in Zyxel products
Zyxel has fixed vulnerabilities in the firmware of several ATP and USG series firewalls. A malicious party could exploit them to launch attacks that can result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to system data...
Vulnerabilities fixed in Siemens products
Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Circumvention of security measure...
Vulnerabilities fixed in SAP products
Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Denial-of-Service DoS. Bypassing authentication...
Vulnerabilities fixed in Siemens products
Vulnerabilities have been fixed in Siemens products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Manipulation of data Circumvention of authentication Remote code executio...
Vulnerabilities fixed in Microsoft Office products
Microsoft fixes multiple vulnerabilities in Microsoft Office and Sharepoint products. A malicious party could potentially exploit them to execute arbitrary code, to obtain elevated permissions, to gain access to sensitive data gain access to sensitive data, circumvent security measures, or...
Vulnerabilities fixed in QNAP operating systems
QNAP has fixed vulnerabilities in several versions of their operating systems, including QTS and QuTS hero. The vulnerabilities include improper authentication, certificate validation issues, incorrect URL encryption, CRLF injection and command injection. These vulnerabilities allowed attackers t...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in several Azure products. A malicious party could exploit the vulnerabilities to gain elevated privileges and potentially execute arbitrary code with elevated privileges, or gain access to sensitive data. The most serious vulnerability is located in the...
Vulnerability fixes in Juniper Junos OS and Junos OS Evolved
Vulnerabilities have been fixed in Juniper Junos OS and Junos OS Evolved. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution User...
Vulnerabilities fixed in Oracle Communications Applications
Oracle has fixed vulnerabilities in the following products: Communications ASAP Communications Billing and Revenue Management Communications BRM - Elastic Charging Engine Communications Design Studio Communications Instant Messaging Server Communications Offline Mediation Controller Communication...