Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2023/03/16 12:0 a.m.•6 views

Vulnerability fixed in Adobe Creative Cloud Desktop Application

Adobe has fixed a vulnerability in Creative Cloud Desktop Application. A local malicious person could abuse the vulnerability to execute arbitrary code. The malicious party does not need prior authorizations on the application. Adobe has released updates to fix the vulnerability in Creative Cloud...

8.6CVSS7.1AI score0.00355EPSS
Exploits0
NCSC
NCSC
•added 2023/03/16 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe Dimension

Adobe has fixed vulnerabilities in Dimension. A local malicious person could exploit the vulnerabilities to execute arbitrary code execute with application privileges, or to access gain access to sensitive data in the context of the application. Adobe has released updates to fix the vulnerabiliti...

7.8CVSS7.3AI score0.00437EPSS
Exploits0
NCSC
NCSC
•added 2023/03/08 12:0 a.m.•6 views

Vulnerability fixed in FortiOS

FortiNet has fixed a vulnerability in FortiOS. The vulnerability is located in the management environment and allows an unauthenticated malicious person, with access to that management interface, be able to perform a denial-of-service on the management interface, or execute arbitrary code on the...

9.8CVSS7.7AI score0.17797EPSS
Exploits1
NCSC
NCSC
•added 2023/03/08 12:0 a.m.•6 views

Vulnerabilities fixed in Google Chrome

Google has fixed several vulnerabilities in Chrome. A remote malicious person could exploit the vulnerabilities to perform execute attacks that could result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to...

8.8CVSS9.7AI score0.01163EPSS
Exploits7
NCSC
NCSC
•added 2023/03/02 12:0 a.m.•6 views

Vulnerability fixed in Cisco Finesse and Unified Contact Center

Cisco has fixed a vulnerability in Finesse and Unified Contact Center. The vulnerability is in the nginx component. When configured as a reverse proxy, an unauthenticated remote malicious person could exploit it to cause a denial-of-service on the system. Cisco has released updates to fix the...

7.5CVSS6.9AI score0.00795EPSS
Exploits0
NCSC
NCSC
•added 2023/03/02 12:0 a.m.•6 views

Vulnerabilities fixed in HP Serviceguard

HP has fixed vulnerabilities in Serviceguard. A malicious person could exploit the vulnerabilities to cause a denial-of-service, or possibly to execute arbitrary code with application privileges. HP has released updates to fix the vulnerabilities in Serviceguard linux A.15.00.00 and A.12.80.05. F...

9.8CVSS7.7AI score0.00787EPSS
Exploits0
NCSC
NCSC
•added 2023/02/24 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Firepower and UCS Fabric Interconnect systems

Cisco has fixed vulnerabilities in FX-OS, as used in Firepower and UCS Fabric systems. The vulnerability with reference CVE-2023-20016 allows a malicious person with access to backups to gain access to the backup data from the vulnerable devices. This allows the malicious party gain access to the...

6.7CVSS8.2AI score0.00223EPSS
Exploits0
NCSC
NCSC
•added 2023/02/20 12:0 a.m.•6 views

Vulnerabilities fixed in IBM MQ Operator and Queue Manager

IBM has fixed vulnerabilities in MQ Operator and Queue Manager. An unauthenticated malicious person could exploit them to cause a denial-of-service, or potentially execute arbitrary code on the vulnerable system. The vulnerabilities are located in the underlying libksba and sqlite libraries. IBM...

9.8CVSS9.7AI score0.19193EPSS
Exploits4
NCSC
NCSC
•added 2023/02/17 12:0 a.m.•6 views

Vulnerabilities fixed in ClamAV

ClamAV has fixed two vulnerabilities in ClamAV. A unauthenticated remote malicious person could exploit them to obtain sensitive information, or to execute arbitrary code with privileges from ClamAV. ClamAV has released updates to fix the vulnerabilities in ClamAV 1.0.1, 0.105.2 and 0.103.8. For...

9.8CVSS7.9AI score0.29314EPSS
Exploits5
NCSC
NCSC
•added 2023/02/16 12:0 a.m.•6 views

Vulnerabilities fixed in Git and GitLab

The Git community has fixed vulnerabilities in Git. A malicious party with a repository under its control could exploit the vulnerabilities to gain access to sensitive data, or overwrite arbitrary files on the system of the victim's system. The vulnerability is in the way Git handles symbolic...

7.5CVSS9.7AI score0.01144EPSS
Exploits3
NCSC
NCSC
•added 2023/02/14 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office components. For an overview of the vulnerabilities, see list below. The most serious vulnerability is in MS Word and has attribute CVE-2023-21716 assigned. This vulnerability allows a remote malicious person to execute arbitrary code with user...

9.8CVSS7AI score0.82302EPSS
Exploits11
NCSC
NCSC
•added 2023/02/14 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights Access to...

9.8CVSS7.1AI score0.43172EPSS
Exploits0
NCSC
NCSC
•added 2023/02/14 12:0 a.m.•6 views

Vulnerabilities fixed in IBM Qradar SIEM

IBM has fixed several vulnerabilities in Qradar SIEM. The vulnerabilities are in underlying third-party products and have been previously fixed by the relevant developers and already previously described in previous security advisories. IBM is now bundling these updates now in the latest version ...

9.8CVSS6.2AI score0.06451EPSS
Exploits6
NCSC
NCSC
•added 2023/02/14 12:0 a.m.•6 views

Vulnerabilities fixed in Apple macOS, iOS, iPadOS and Safari

Apple has fixed vulnerabilities in macOS Ventura, iOS, iPadOS and Safari for Big Sur and Monterey. A malicious party could exploit vulnerabilities to execute arbitrary code, or to gain access to sensitive data. To execute code with kernel privileges, or to gain access to sensitive data, the...

8.8CVSS7.5AI score0.09426EPSS
Exploits0
NCSC
NCSC
•added 2023/02/06 12:0 a.m.•6 views

Vulnerability fixed in Dell EMC Networker

Dell has fixed a vulnerability in EMC Networker client. A unauthenticated malicious person could exploit the vulnerability to execute arbitrary code with application privileges. The vulnerability can be exploited when the Networker Client uses the oldauth authentication method. Dell has released...

9.8CVSS7.5AI score0.0103EPSS
Exploits0
NCSC
NCSC
•added 2023/02/06 12:0 a.m.•6 views

Vulnerability fixed in Dell Repository Manager

Dell has fixed a vulnerability in Repository Manager. A local malicious person could exploit the vulnerability to execute arbitrary code on the underlying operating system. The vulnerability can be exploited during the installation of systems. Dell has released updates to fix the vulnerability in...

7.8CVSS7.4AI score0.00132EPSS
Exploits0
NCSC
NCSC
•added 2023/02/02 12:0 a.m.•6 views

Vulnerabilities fixed in F5 BIG-IP

F5 has incorporated several vulnerabilities into BIG-IP. A malicious party could exploit the vulnerabilities to bypass security measures to enable traffic that is not permitted. Also, a malicious party could exploit the vulnerabilities to cause a denial-of-service on sub-processes of the BIG-IP...

8.5CVSS7.5AI score0.72646EPSS
Exploits0
NCSC
NCSC
•added 2023/02/01 12:0 a.m.•6 views

Vulnerability fixed in VMware vRealize Operations

A vulnerability has been fixed in VMware vRealize Operations. A malicious person with user privileges within the same network is able to able to bypass Cross-Site Request Forgery CSRF protection. As a result, a malicious party may be able to launch a CSRF attack cross-site request forgery attack ...

8.8CVSS6.5AI score0.00404EPSS
Exploits0
NCSC
NCSC
•added 2023/01/27 12:0 a.m.•6 views

Vulnerability remedied in Keycloak

A vulnerability has been fixed in Keycloak. A malicious party can exploit the vulnerability to gain access via path-traversal to sensitive data. The vulnerability is caused by the fact that URL redirects where the client accepts wildcards are not correctly are processed correctly. -= Red Hat =- R...

9.1CVSS6.7AI score0.05796EPSS
Exploits0
NCSC
NCSC
•added 2023/01/26 12:0 a.m.•6 views

Vulnerability found in KeePass

A vulnerability has been found in KeePass. A malicious person could potentially exploit the vulnerability to gain access to data stored in a KeePass database. This could include usernames, passwords and email addresses. Successful misuse requires that the malicious party have access to the system...

5.5CVSS6.1AI score0.03661EPSS
Exploits2
NCSC
NCSC
•added 2023/01/12 12:0 a.m.•6 views

Vulnerabilities fixed in Juniper Junos OS

Juniper has fixed vulnerabilities in Junos OS for several products. A malicious party could potentially exploit them to cause a denial-of-service. The vulnerabilities CVE-2023-22391, CVE-2023-22396, CVE-2023-22399 and CVE-2023-22403 can be exploited by an unauthenticated malicious person via the...

7.5CVSS6.8AI score0.00644EPSS
Exploits0
NCSC
NCSC
•added 2023/01/11 12:0 a.m.•6 views

Vulnerability fixed in Azure Service Fabric

A vulnerability has been fixed in Microsoft Azure Service Fabric Container. The vulnerability potentially allows a malicious party to able to take over the vulnerable Service Fabric cluster. Azure Service Fabric Container: |----------------|------|-------------------------------------| | CVE ID |...

7CVSS6.1AI score0.00708EPSS
Exploits0
NCSC
NCSC
•added 2023/01/03 12:0 a.m.•6 views

Vulnerability fixed in MISP

A vulnerability has been fixed in MISP. The vulnerability allows an authenticated malicious person to perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application being visited. CIRCL has released an...

6.1CVSS6.6AI score0.00415EPSS
Exploits0
NCSC
NCSC
•added 2022/12/23 12:0 a.m.•6 views

Vulnerabilities fixed in HCL Lotus Notes

HCL has fixed vulnerabilities in Lotus Notes. A unauthenticated malicious person could exploit the vulnerabilities to cause a denial-of-service, or to potentially execute arbitrary execute arbitrary code with user privileges. HCL has released updates to fix the vulnerabilities in Lotus Notes 9.0....

9.8CVSS7.7AI score0.00704EPSS
Exploits0
NCSC
NCSC
•added 2022/12/23 12:0 a.m.•6 views

Vulnerability fixed in HP OfficeConnect 1820 and 1850 switches

HPO has fixed a vulnerability in the firmware of its OfficeConnect 1820 and 1850 switches. An unauthenticated malicious party could, by exploiting the vulnerability, perform a directory traversal and thereby gain access to system data. This data could potentially be used to setting up further...

7.5CVSS6.9AI score0.01765EPSS
Exploits0
NCSC
NCSC
•added 2022/12/22 12:0 a.m.•6 views

Vulnerability fixed in NetApp OnCommand Insight

NetApp has fixed a vulnerability in OnCommand Insight. A unauthenticated malicious person with access to the management interface, could exploit the vulnerability to obtain system data and cause a denial-of-service cause. The vulnerability does not allow the malicious party to access the collecte...

8.6CVSS6.8AI score0.00529EPSS
Exploits0
NCSC
NCSC
•added 2022/12/19 12:0 a.m.•6 views

Vulnerabilities fixed in Samba

Vulnerabilities have been fixed in Samba. The vulnerabilities allow a malicious party to obtain elevated privileges or to obtain sensitive data. The vulnerabilities marked CVE-2022-37966, CVE-2022-37967 and CVE-2022-38023 are vulnerabilities in RC4-HMAC that were previously fixed by Microsoft. Th...

9.8CVSS6.7AI score0.04488EPSS
Exploits0
NCSC
NCSC
•added 2022/12/16 12:0 a.m.•6 views

Vulnerability fixed in Exact Synergy

A vulnerability has been fixed in Exact Synergy Enterprise. The vulnerability allows a malicious party to use Cross-Site Scripting XSS to execute arbitrary code under the rights of the user. A malicious party needs to be authenticated to be able to see within the application a profile picture, in...

7.8CVSS6.8AI score0.00223EPSS
Exploits0
NCSC
NCSC
•added 2022/12/15 12:0 a.m.•6 views

Vulnerabilities fixed in Lansweeper

Vulnerabilities have been fixed in Lansweeper. The vulnerabilities allow a malicious party to access sensitive data and to execute arbitrary code execute arbitrary code under administrator/root privileges. The vulnerabilities marked CVE-2022-32573 and CVE-2022-29517 are exploited by sending a rog...

9.9CVSS8AI score0.60199EPSS
Exploits5
NCSC
NCSC
•added 2022/12/02 12:0 a.m.•6 views

Vulnerabilities fixed in Sophos firewall

Sophos has fixed several vulnerabilities in Sophos firewall. A malicious party could exploit the vulnerabilities to obtain system data through API calls and Cross-Site-Scripting XSS attacks. In addition, arbitrary code can be executed if the malicious party has gained management rights or gained...

9.8CVSS7AI score0.98905EPSS
Exploits0
NCSC
NCSC
•added 2022/11/24 12:0 a.m.•6 views

Vulnerabilities fixed in SolarWinds products

Vulnerabilities have been fixed in several SolarWinds products, including Platform and Orion. The vulnerabilities allow an authenticated malicious person able to execute arbitrary code execute under application permissions or to elevate permissions. SolarWinds has released updates to address the...

8.8CVSS7.5AI score0.16813EPSS
Exploits0
NCSC
NCSC
•added 2022/11/15 12:0 a.m.•6 views

Vulnerability fixed in Zoom

A vulnerability has been fixed in Zoom. The vulnerability allows a local malicious party to gain access to sensitive data, such as meeting data and chat messages sent during meetings. This is caused by a combination of insufficient cleaning of the data after the meeting is closed and the use of a...

3.3CVSS6.8AI score0.00268EPSS
Exploits0
NCSC
NCSC
•added 2022/11/11 12:0 a.m.•6 views

Vulnerabilities fixed in IBM QRadar SIEM

IBM has fixed vulnerabilities in QRadar SIEM and in the QRadar Assistant App. A malicious party could potentially exploit them for attacks that could result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...

9.8CVSS9.1AI score0.2241EPSS
Exploits14
NCSC
NCSC
•added 2022/10/28 12:0 a.m.•6 views

Vulnerabilities fixed in ArubaOS and SD-WAN

Aruba Networks has fixed vulnerabilities in ArubaOS and Aruba Mobility Conductor formerly Mobility Master which are used in various Aruba Networks access points. A malicious party can exploit the vulnerabilities to execute arbitrary code on the vulnerable system. execute arbitrary code on the...

9.8CVSS7.9AI score0.01697EPSS
Exploits0
NCSC
NCSC
•added 2022/10/25 12:0 a.m.•6 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Manipulation of data Circumvention of security measure Remote code execution Administrator/Root rights...

9.8CVSS7.9AI score0.01996EPSS
Exploits0
NCSC
NCSC
•added 2022/10/24 12:0 a.m.•6 views

Vulnerability found in Cisco Identity Services Engine (ISE)

A vulnerability has been found in Cisco Identity Services Engine ISE. A malicious party could potentially exploit it to access and delete files stored on the vulnerable system. Successful exploitation requires authenticated access to the management interface required. It is good practice to make...

8.1CVSS6.9AI score0.0124EPSS
Exploits0
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle PeopleSoft

Vulnerabilities have been fixed in Oracle PeopleSoft. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Oracle has fixed vulnerabilities in the following products:...

8.1CVSS6.5AI score0.1158EPSS
Exploits1
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle MySQL

Vulnerabilities have been fixed in Oracle MySQL. The vulnerabilities allow a malicious party to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Access to sensitive data Oracle has fixed vulnerabilities i...

9.8CVSS8.2AI score0.19193EPSS
Exploits9
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Systems

Vulnerabilities have been fixed in Oracle Systems. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root privileges Access to sensitive...

8.5CVSS9.1AI score0.97906EPSS
Exploits10
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•6 views

Vulnerability fixed in Oracle Hyperion

Oracle has fixed a vulnerability in Oracle Hyperion Infrastructure Technology. The vulnerability allows an unauthenticated remote malicious person able to execute arbitrary code to execute under the application's permissions. Oracle has fixed vulnerabilities in the following products: - Oracle...

9.8CVSS7.2AI score0.42646EPSS
Exploits3
NCSC
NCSC
•added 2022/10/13 12:0 a.m.•6 views

Vulnerability fixed in Palo Alto PAN-OS

Palo Alto has fixed a vulnerability in PAN-OS. The vulnerability allows a malicious person to remotely bypass authentication and impersonate an existing PAN-OS Administrator. This allows the malicious party with administrator privileges to perform actions and execute arbitrary code. Palo Alto...

8.1CVSS7.4AI score0.0083EPSS
Exploits0
NCSC
NCSC
•added 2022/10/12 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Azure

Vulnerabilities have been fixed in Microsoft Azure. The vulnerabilities allow a malicious party to obtain elevated privileges obtain or to impersonate another user. The vulnerability with attribute CVE-2022-37968 has a CVSS of 10.0. If an unauthenticated malicious person uses the randomly generat...

10CVSS6.5AI score0.19762EPSS
Exploits0
NCSC
NCSC
•added 2022/10/03 12:0 a.m.•6 views

Vulnerabilities fixed in IBM Tivoli Monitoring

IBM has fixed vulnerabilities in Tivoli Monitoring. The vulnerabilities are in underlying software, such as Java Runtime, zlib and Eclipse and allow a malicious person to cause a denial-of-service, or to gain access to sensitive data. IBM has released updates to fix the vulnerabilities in Tivoli...

7.5CVSS8.1AI score0.51733EPSS
Exploits1
NCSC
NCSC
•added 2022/09/30 12:0 a.m.•6 views

Vulnerabilities found in Microsoft Exchange Sever

GTSC, a Vietnamese security company has found vulnerabilities in Microsoft Exchange Server 1. The vulnerabilities allow a malicious party able to execute a Server-Side Request Forgery and to execute arbitrary code. The vulnerabilities have similarities to the Exchange vulnerability from 2021 call...

8.8CVSS7.8AI score0.99964EPSS
Exploits16
NCSC
NCSC
•added 2022/09/29 12:0 a.m.•6 views

Vulnerabilities fixed in Autodesk AutoCAD and Design Review

Vulnerabilities have been fixed in Autodesk AutoCAD and Design Review. The vulnerabilities allow a malicious party to execute arbitrary code by having AutoCAD and Design Review process a rogue file to be processed. Autodesk has released updates to address the vulnerabilities. fix. More informatio...

7.8CVSS7.4AI score0.00658EPSS
Exploits0
NCSC
NCSC
•added 2022/09/29 12:0 a.m.•6 views

Vulnerabilities fixed in SolarWinds Orion

Vulnerabilities have been fixed in SolarWinds Orion. The vulnerabilities allow an authenticated malicious person with access to the network is able to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights SQL Injection Access t...

8.8CVSS7.1AI score0.75174EPSS
Exploits0
NCSC
NCSC
•added 2022/09/29 12:0 a.m.•6 views

Vulnerabilities fixed in Matrix SDKs

Matrix has fixed vulnerabilities in the following SDKs; matrix-js-sdk, matrix-ios-sdk and matrix-android-sdk2. These SDKs are used in a number of Matrix-based clients including the popular Element. The vulnerabilities allow a malicious able to perform attacks that result in the following categori...

8.6CVSS7AI score0.01001EPSS
Exploits0
NCSC
NCSC
•added 2022/09/28 12:0 a.m.•6 views

Vulnerabilities fixed in IBM WebSphere Application Server and QRadar

IBM has fixed vulnerabilities in WebSphere Application Server and QRadar User Behavior Analytics. The vulnerabilities allow a malicious party able to gain access to system data or execute a Server-Side Request Forgery. Both vulnerabilities require that a malicious party already has access to the...

6.5CVSS6.8AI score0.00478EPSS
Exploits0
NCSC
NCSC
•added 2022/09/14 12:0 a.m.•6 views

Vulnerabilities fixed in Trend Micro Apex One

Trend Micro has fixed vulnerabilities in Apex One. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of authentication Remote code execution Administrator/Root rights Access to...

9.8CVSS7.7AI score0.03054EPSS
Exploits0
NCSC
NCSC
•added 2022/09/13 12:0 a.m.•6 views

Vulnerabilities fixed in Sophos Firewall

Sophos has fixed vulnerabilities in Sophos Firewall. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks leading to the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Remote code execution Administrator/Root rights Remote...

10CVSS7.5AI score0.99796EPSS
Exploits14
Total number of security vulnerabilities4190