Lucene search
K
NcscMost viewed

4189 matches found

NCSC
NCSC
•added 2022/07/20 12:0 a.m.•49 views

Vulnerabilities fixed in Oracle Communications Applications

Oracle has fixed vulnerabilities in the following products: Communications ASAP Communications Billing and Revenue Management Communications BRM - Elastic Charging Engine Communications Design Studio Communications Instant Messaging Server Communications Offline Mediation Controller Communication...

9.8CVSS9.4AI score0.99677EPSS
Exploits112
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•49 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in the following Oracle Fusion Middleware products: Fusion Middleware HTTP Server Fusion Middleware MapViewer BI Publisher formerly XML Publisher BAM Business Activity Monitoring WebCenter Portal Business Intelligence Enterprise Edition Data Integrator WebLogic...

9.8CVSS7.6AI score0.99999EPSS
Exploits68
NCSC
NCSC
•added 2021/07/14 12:0 a.m.•50 views

Vulnerabilities fixed in VMware ESXi

VMware has fixed two vulnerabilities in ESXi. The vulnerability with reference CVE-2021-21994 is located in the Small Footprint CIM Broker SFCB and allows a remote malicious person to bypass authentication. This requires rogue network traffic be sent to port 5989 of the ESXi server. The...

9.8CVSS7AI score0.01158EPSS
Exploits0
NCSC
NCSC
•added 2021/03/09 12:0 a.m.•49 views

Vulnerabilities fixed in Microsoft Windows

Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to: Cause a denial-of-service, Bypass security measures, Execute arbitrary code, Obtain elevated privileges, Access sensitive data. The vulnerabilities marked CVE-2021-26867 CVSS...

10CVSS6.9AI score0.19274EPSS
Exploits6
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•49 views

Vulnerabilities fixed in Microsoft Windows

Microsoft fixes multiple vulnerabilities in Windows. A remote malicious person could potentially exploit them to execute arbitrary code, to obtain elevated privileges obtain elevated privileges, to access sensitive data or to perform a denial-of-service attack. Below is a summary of the various...

10CVSS6.8AI score0.99512EPSS
Exploits86
NCSC
NCSC
•added 2026/02/23 2:27 p.m.•48 views

Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform

Splunk has fixed vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. The vulnerabilities are in several versions of Splunk Enterprise and Splunk Cloud Platform. They allow low-privileged users to bypass protections, view sensitive information, and abuse the REST API for user...

6.8CVSS8.4AI score0.05145EPSS
Exploits0References8
NCSC
NCSC
•added 2023/03/03 12:0 a.m.•48 views

Vulnerabilities fixed in GitLab Enterprise and Community Editions

GitLab has fixed several vulnerabilities in GitLab Enterprise Edition and Community Edition. A malicious party could exploit vulnerabilities to launch attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Circumvention of security measure...

8.7CVSS6.5AI score0.9242EPSS
Exploits0
NCSC
NCSC
•added 2023/02/17 12:0 a.m.•48 views

Vulnerabilities fixed in FortiNet FortiOS

FortiNet has fixed vulnerabilities in FortiOS. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Access to sensitive data Increased user privileges With the...

8.8CVSS6.4AI score0.00927EPSS
Exploits0
NCSC
NCSC
•added 2023/01/27 12:0 a.m.•48 views

Vulnerabilities fixed in Tracker software PDF-Xchange

Tracker Software has fixed several vulnerabilities in PDF-Xchange. The vulnerabilities are located in the various filters for graphics files and allow a malicious party to cause a denial-of-service, or potentially execute arbitrary code execute with user privileges. Abuse requires the malicious...

7.8CVSS7.4AI score0.00536EPSS
Exploits0
NCSC
NCSC
•added 2024/03/14 12:0 a.m.•47 views

Vulnerabilities fixed in Cisco IOS XR

Cisco has fixed vulnerabilities in IOS XR. A malicious person could exploit the vulnerabilities to circumvent a security measure bypass, cause a denial-of-service, or execute arbitrary execute arbitrary code on the vulnerable system. To successfully execute arbitrary code, the malicious party mus...

7.8CVSS7.6AI score0.0064EPSS
Exploits0
NCSC
NCSC
•added 2023/03/23 12:0 a.m.•47 views

Vulnerabilities fixed in Cisco IOS XE

Cisco has fixed vulnerabilities in IOS XE. An authenticated malicious party could exploit the vulnerabilities to gain access to system data, cause a denial-of-service, or to grant themselves elevated privileges and potentially execute arbitrary execute arbitrary code on the vulnerable system. To...

8.6CVSS7.8AI score0.01714EPSS
Exploits0
NCSC
NCSC
•added 2022/05/12 12:0 a.m.•47 views

Vulnerabilities fixed in Dell PowerEdge

Dell has fixed vulnerabilities in PowerEdge Server based on the AMD EPYC platform. The vulnerabilities allow a local malicious party to cause a denial-of-service, access gain access to sensitive data or potentially execute code. Dell has released updates to fix the vulnerabilities. For more...

5.5CVSS7.1AI score0.00262EPSS
Exploits0
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•47 views

Vulnerabilities fixed in F5 products

Vulnerabilities have been fixed in products from F5, including BIG-IP and Traffix SDC. The vulnerabilities allow a malicious able to launch attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of...

9.8CVSS7.7AI score0.99956EPSS
Exploits63
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•47 views

Vulnerabilities fixed in Aruba ClearPass Policy Manager

Aruba has fixed vulnerabilities in ClearPass Policy Manager CPPM. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of...

10CVSS8.5AI score0.03273EPSS
Exploits0
NCSC
NCSC
•added 2022/03/01 12:0 a.m.•47 views

Vulnerabilities fixed in Aruba AOS-CX switches

Vulnerabilities have been fixed in Aruba AOS-CX switches. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Manipulation of data Remote code execution...

9CVSS8AI score0.50445EPSS
Exploits2
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•47 views

Vulnerability fixed in Microsoft SQL Server

Microsoft has fixed a vulnerability in Microsoft SQL Server. The vulnerability allows a malicious party to launch Cross-Site Scripting XSS and Cross-Site Request Forgery CSRF attack. execute. By combining the two methods, an attacker can execute arbitrary code on the server under the privileges o...

9.6CVSS7.2AI score0.0062EPSS
Exploits0
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•47 views

Vulnerabilities fixed in Android

Several vulnerabilities have been fixed in Google Android. The most serious of these vulnerabilities is a critical security issue in the Media Framework component that allows an external malicious party can execute arbitrary code within the context of an authorized process. Google released update...

10CVSS9.2AI score0.07137EPSS
Exploits1
NCSC
NCSC
•added 2025/05/13 9:19 a.m.•46 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS Specifically for Ventura 13.7.6, Sequoia 15.5 and Sonoma 14.7.6. The vulnerabilities include several issues, such as memory damage from processing maliciously created Web content, unauthorized access to sensitive user data, and unexpected system...

9.2CVSS7.6AI score0.38474EPSS
Exploits5References3
NCSC
NCSC
•added 2025/03/27 9:18 a.m.•46 views

Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform

Splunk fixed vulnerabilities in Splunk Enterprise and Splunk Cloud Platform The vulnerabilities allow low-privileged users to abuse higher user privileges, which can lead to unauthorized actions and access to sensitive information. This can occur through phishing attacks and Cross-Site Request...

8.7CVSS6.8AI score0.13987EPSS
Exploits0References8
NCSC
NCSC
•added 2025/02/18 8:9 a.m.•46 views

Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in several products, including FortiOS, FortiProxy, FortiPAM, FortiSwitchManager, FortiSandbox, FortiManager and FortiAnalyzer. The vulnerabilities include the ability for privileged attackers to execute arbitrary code or commands by sending specially crafted...

9.8CVSS8.2AI score0.98259EPSS
Exploits9References10
NCSC
NCSC
•added 2024/03/13 12:0 a.m.•47 views

Vulnerabilities fixed in Fortinet FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiOS and FortiProxy. A malicious party could exploit the vulnerabilities to execute arbitrary code, gain access to sensitive data or to elevate privileges. The vulnerability with reference CVE-2024-23112 applies to FortiOS and FortiProxy SSLVPN, and allows...

9.8CVSS7.2AI score0.03279EPSS
Exploits0
NCSC
NCSC
•added 2023/12/15 12:0 a.m.•46 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Community Edition CE and Enterprise Edition EE. A malicious party could vulnerabilities to exploit attacks that can result in the following categories of damage: Manipulation of data. Circumvention of security measure Spoofing Access to sensitive data...

8.8CVSS6.9AI score0.00733EPSS
Exploits0
NCSC
NCSC
•added 2022/06/15 12:0 a.m.•46 views

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed several vulnerabilities in Illustrator 2021 and 2022. A malicious party could exploit the vulnerabilities to execute arbitrary code in the context of the application, or to gain access to sensitive data. The malicious party must trick the victim into opening a rogue file. Adobe ha...

7.8CVSS7.4AI score0.02424EPSS
Exploits0
NCSC
NCSC
•added 2022/06/08 12:0 a.m.•46 views

Vulnerability fixed in Fortinet products

Vulnerabilities have been fixed in several products from Fortinet. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure Remote code execution...

9.8CVSS6.2AI score0.997EPSS
Exploits10
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•46 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in the following Fusion Middleware products: Business Intelligence Enterprise Edition Business Process Management Suite Coherence Data Integrator HTTP Server Helidon Identity Manager Identity Manager Connector Internet Directory JDeveloper Managed File Transfer...

9.8CVSS9.2AI score0.97906EPSS
Exploits28
NCSC
NCSC
•added 2021/12/10 12:0 a.m.•46 views

Vulnerabilities fixed in Autodesk products

Vulnerabilities have been fixed in several Autodesk products. The vulnerabilities potentially allow a malicious person to execute code under the application's permissions. To exploit requires a malicious party to trick a user into opening a rogue file open. The vulnerabilities are in two modules...

7.8CVSS7.2AI score0.0154EPSS
Exploits0
NCSC
NCSC
•added 2021/06/22 12:0 a.m.•46 views

Vulnerabilities fixed in Autodesk products

Autodesk has fixed vulnerabilities in several products. The vulnerabilities allow an unauthenticated remote malicious person to remote user to execute arbitrary code under privileges of the user and to manipulate data. To exploit the vulnerabilities exploit, the malicious party must induce the...

7.8CVSS7.8AI score0.02743EPSS
Exploits0
NCSC
NCSC
•added 2021/05/06 12:0 a.m.•46 views

Vulnerabilities fixed in Cisco Unified Communications Manager

Vulnerabilities have been fixed in Cisco Unified Communications Manager. An authenticated malicious party could potentially exploit the vulnerability with CVE attribute CVE-2021-1478 potentially exploit it to cause a Denial-of-Service attack. To do so, the Java Management Extensions JMX network...

8.1CVSS7.9AI score0.01081EPSS
Exploits0
NCSC
NCSC
•added 2021/02/26 12:0 a.m.•46 views

Vulnerabilities fixed in MongoDB

Vulnerabilities have been fixed in MongoDB. The vulnerabilities allow an unauthorized remote malicious person to obtain opportunity to obtain sensitive data. The malicious party must perform a successful man-in-the-middle attack that undoes the encryption of data is undone. Exploiting this...

6.8CVSS6.5AI score0.00432EPSS
Exploits0
NCSC
NCSC
•added 2021/02/09 12:0 a.m.•46 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in SAP products. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS SQL Injection Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Bypassing...

9.9CVSS7.1AI score0.29847EPSS
Exploits3
NCSC
NCSC
•added 2020/11/17 12:0 a.m.•46 views

Vulnerabilities fixed in GitLab

Several vulnerabilities have been fixed in GitLab. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data...

8.7CVSS6.5AI score0.68639EPSS
Exploits0
NCSC
NCSC
•added 2025/07/09 8:47 a.m.•46 views

Vulnerabilities fixed in Adobe Framemaker

Adobe has fixed vulnerabilities in Adobe Framemaker Versions 2020.8, 2022.6 and earlier. The vulnerabilities in Adobe Framemaker are related to several types of vulnerabilities, including Heap-based Buffer Overflow, Integer Underflow, and NULL Pointer Dereference. These vulnerabilities can lead t...

7.8CVSS8.1AI score0.00214EPSS
Exploits0References1
NCSC
NCSC
•added 2024/10/11 8:23 a.m.•45 views

Vulnerabilities fixed in Gitlab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in Enterprise Edition EE and Community Edition CE. A malicious party could exploit the vulnerabilities to cause a denial-of-service, gain access to sensitive data, or execute code in the context of another user, potentially including users with administrator...

9.6CVSS7.5AI score0.02093EPSS
Exploits2References1
NCSC
NCSC
•added 2024/04/19 12:0 a.m.•45 views

Vulnerabilities fixed in Oracle VirtualBox

Oracle has fixed vulnerabilities in VirtualBox. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data For successf...

8.8CVSS7.9AI score0.0178EPSS
Exploits3
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•45 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Remote code execution...

7.8CVSS8.5AI score0.52164EPSS
Exploits2
NCSC
NCSC
•added 2022/07/13 12:0 a.m.•45 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Bypassing security measure SQL...

8.8CVSS6.7AI score0.00903EPSS
Exploits0
NCSC
NCSC
•added 2022/04/14 12:0 a.m.•45 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Increased user privileges...

10CVSS7.6AI score0.1986EPSS
Exploits0
NCSC
NCSC
•added 2021/10/21 12:0 a.m.•45 views

Vulnerability fixed in Cisco Meeting Server

A vulnerability has been fixed in Cisco Meeting Server. The vulnerability has been labeled CVE-2021-40122 and allows an unauthenticated remote malicious party to cause a Denial-of-Service DoS attack. By sending a large amount of messages to the vulnerable API Call Bridge, a malicious party can...

7.8CVSS7AI score0.01126EPSS
Exploits0
NCSC
NCSC
•added 2020/09/08 12:0 a.m.•45 views

Vulnerabilities fixed in Microsoft Office products

Microsoft fixes multiple vulnerabilities in Microsoft Office and OneDrive products. A malicious party could potentially exploit them to execute arbitrary code, to obtain elevated privileges gain access to sensitive data, or for performing a Cross-Site-Scripting XSS attack. This could include if t...

8.8CVSS6.8AI score0.04441EPSS
Exploits1
NCSC
NCSC
•added 2026/03/12 2:44 p.m.•44 views

Vulnerabilities fixed in Cisco IOS XR

Cisco has fixed vulnerabilities in Cisco IOS XR Software. The vulnerabilities are in the command-line interface CLI of Cisco IOS XR, which allows authenticated local attackers to execute arbitrary root-level commands or obtain full administrative privileges. In addition, there is a problem with t...

8.8CVSS6.1AI score0.00318EPSS
Exploits0References3
NCSC
NCSC
•added 2021/12/13 12:0 a.m.•44 views

Multiple vulnerabilities fixed in IBM Spectrum Protect

IBM has fixed vulnerabilities in Spectrum Protect and software bundled with Spectrum Protect. The bundled software covers previously fixed vulnerabilities in underlying products and libraries such as Golang, DB2, Node.js, PostgreSQL, OpenSSH, OpenSSH and others. Previous security advisories...

9.8CVSS7.2AI score0.98124EPSS
Exploits81
NCSC
NCSC
•added 2025/01/22 1:36 p.m.•43 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed several vulnerabilities in its products, including Oracle Fusion Middleware, Oracle WebLogic Server, and Oracle HTTP Server. The vulnerabilities are in several Oracle products, including Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0, which allow unauthenticated...

10CVSS7.5AI score0.99957EPSS
Exploits20References1
NCSC
NCSC
•added 2023/06/15 12:0 a.m.•43 views

Vulnerabilities fixed in Adobe Commerce and Magento

Adobe has fixed vulnerabilities in Commerce and Magento. A malicious party could exploit the vulnerabilities to circumvent a security measure, gain access to arbitrary files on the vulnerable system and execute arbitrary code. Adobe has released updates to fix the vulnerabilities in Adobe Commerc...

9.1CVSS7.1AI score0.01223EPSS
Exploits0
NCSC
NCSC
•added 2023/05/11 12:0 a.m.•43 views

Vulnerabilities fixed in Aruba Networks ArubaOS and InstantOS

Aruba Networks has fixed vulnerabilities in systems running run on ArubaOS and InstantOS. An unauthenticated malicious party could exploit the vulnerabilities to cause a denial-of-service, gain access to system data or execute code on the underlying system with user privileges. To exploit the...

9.8CVSS7.5AI score0.02118EPSS
Exploits0
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•43 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Access to...

10CVSS7.8AI score0.97906EPSS
Exploits35
NCSC
NCSC
•added 2021/01/14 12:0 a.m.•43 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure Remote code execution User Rights...

7.8CVSS7AI score0.02146EPSS
Exploits0
NCSC
NCSC
•added 2020/10/22 12:0 a.m.•43 views

Vulnerabilities fixed in Cisco ASA and FTD

Vulnerabilities have been fixed in Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS...

8.6CVSS6.1AI score0.85439EPSS
Exploits2
NCSC
NCSC
•added 2022/08/15 12:0 a.m.•42 views

Vulnerabilities fixed in NVIDIA GPU Display Drivers

NVidia has fixed vulnerabilities in the GPU Display Driver, and supporting software. The vulnerabilities allow a local malicious party to carry out attacks resulting in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights...

7.8CVSS7.6AI score0.00378EPSS
Exploits0
NCSC
NCSC
•added 2022/04/13 12:0 a.m.•42 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in Acrobat, After Effects, Photoshop and Reader. The vulnerabilities allow a malicious person to able to execute arbitrary code within the context of the user. The vulnerabilities in Acrobat and Reader additionally allow a malicious party the ability to view...

9.3CVSS7.6AI score0.17378EPSS
Exploits0
NCSC
NCSC
•added 2022/03/09 12:0 a.m.•42 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication. Remote code execution...

10CVSS8.4AI score0.99999EPSS
Exploits371
Total number of security vulnerabilities4189