Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2022/05/03 12:0 a.m.•6 views

Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition

Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of security measure Remote code execution User rights...

8.8CVSS6.8AI score0.82003EPSS
Exploits4
NCSC
NCSC
•added 2022/04/21 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that potentially result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation ...

8.5CVSS6.8AI score0.01995EPSS
Exploits0
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following products: Database - Enterprise Edition Database Configuration Assistant Spatial and Graph Application Express APEX The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage:...

8.2CVSS7.5AI score0.01655EPSS
Exploits1
NCSC
NCSC
•added 2022/04/19 12:0 a.m.•6 views

Vulnerabilities fixed in Autodesk products

Autodesk has fixed vulnerabilities in several products including AutoCAD and Design Review. The vulnerabilities allow a malicious party to execute arbitrary code under rights of the application. To do this, the malicious party needs to victim to open a rogue file. Autodesk has released updates to...

7.8CVSS7.8AI score0.07734EPSS
Exploits0
NCSC
NCSC
•added 2022/04/15 12:0 a.m.•6 views

Vulnerabilities fixed in Asterisk

Vulnerabilities have been fixed in Asterisk and Certified Asterisk. These vulnerabilities potentially allow a malicious party to perform an SQL injection attack, issue arbitrary requests or download send arbitrary requests or download larger than allowed files. Asterisk has made updates available...

9.8CVSS7.5AI score0.16406EPSS
Exploits0
NCSC
NCSC
•added 2022/04/13 12:0 a.m.•6 views

Vulnerabilities fixed in Apache Subversion (SVN)

Apache has fixed vulnerabilities in Subversion SVN. The vulnerabilities allow an unauthenticated remote malicious agent to remotely capable of causing a denial-of-service or obtain system information. -= SUSE =- SUSE has made updates available to fix the vulnerability in SUSE 15. fix in SUSE 15...

7.5CVSS7AI score0.09254EPSS
Exploits1
NCSC
NCSC
•added 2022/04/12 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in Microsoft Office products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Remote code execution User rights. Spoofing Access to sensitive data The tables below provide an...

8CVSS7AI score0.03301EPSS
Exploits0
NCSC
NCSC
•added 2022/04/07 12:0 a.m.•6 views

Vulnerabilities fixed in VMware products

Vulnerabilities have been fixed in several VMware products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Bypassing authentication Circumvention of security measure Remote code...

10CVSS7.9AI score0.99997EPSS
Exploits39
NCSC
NCSC
•added 2022/04/06 12:0 a.m.•6 views

Vulnerabilities fixed in MediaWiki

There are vulnerabilities in MediaWiki. A malicious party could vulnerabilities potentially exploit them to cause a denial-of-service cause. To exploit, the malicious party must be able to modify page titles or only be able to modify a specially prepared URI to visit. A malicious party can exploi...

7.5CVSS6.9AI score0.01152EPSS
Exploits3
NCSC
NCSC
•added 2022/04/04 12:0 a.m.•6 views

Vulnerability fixed in ABB 800xA for AC. 800MCompact

ABB has fixed a vulnerability in 800xA, Control Software for AC 800MCompact. The vulnerability allows an authenticated malicious person with network access to the vulnerable system able to perform a denial-of-service. ABB has released updates to fix the vulnerability. Mitigating measures have als...

7.8CVSS6.9AI score0.0091EPSS
Exploits1
NCSC
NCSC
•added 2022/03/30 12:0 a.m.•6 views

Vulnerabilities fixed in Salt

Several vulnerabilities have been fixed in Salt. The vulnerabilities allow a malicious person to perform the following attacks execute: - altering piller data sent by the master to the minion - denial-of-service on a minion process by impersonating a rogue master - resending file server...

8.8CVSS7AI score0.01586EPSS
Exploits0
NCSC
NCSC
•added 2022/03/25 12:0 a.m.•6 views

Vulnerability found in Atlassian Confluence Datacenter

A vulnerability has been found in Atlassian Confluence Datacenter. An unauthenticated malicious party could potentially exploit the vulnerability potentially exploit it to execute arbitrary code. Confluence Datacenter systems are only vulnerable when using the cluster functionality. Confluence...

8.1CVSS6.9AI score0.03711EPSS
Exploits1
NCSC
NCSC
•added 2022/03/17 12:0 a.m.•6 views

Vulnerabilities fixed in BIND

The Internet Systems Consortium ISC has fixed vulnerabilities in BIND. An unauthenticated remote malicious person can exploit the exploit the vulnerabilities to perform a cache-poisoning attack or cause a denial-of-service. One of the fixed vulnerabilities has been given the attribute CVE-2022-06...

7.5CVSS7.4AI score0.0325EPSS
Exploits0
NCSC
NCSC
•added 2022/03/10 12:0 a.m.•6 views

Vulnerability fixed in PAN-OS

A vulnerability has been fixed in PAN-OS. The vulnerability with reference CVE-2022-0022 allows a malicious person with access to the system's password hashes, to crack the hashes to crack and thus gain access to the passwords. This vulnerability arose because PAN-OS uses a weak cryptographic...

4.6CVSS6.8AI score0.00122EPSS
Exploits0
NCSC
NCSC
•added 2022/03/09 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in Photoshop, Illustrator and After Effects. The vulnerabilities allow a malicious person to to execute arbitrary code within the context of the user, or gain access to sensitive data. To exploit the vulnerabilities, an attacker must entice a user to open a rogue...

9.3CVSS7.8AI score0.04306EPSS
Exploits0
NCSC
NCSC
•added 2022/03/09 12:0 a.m.•6 views

Vulnerabilities fixed in Intel processors

Intel has fixed vulnerabilities in processors from the Atom, Core, Celeron and Atom families. A malicious person with physical access to the system could exploit the vulnerability to, among other things access sensitive data and potentially gain elevated privileges, among other things. obtain...

6.8CVSS5.5AI score0.00508EPSS
Exploits0
NCSC
NCSC
•added 2022/03/07 12:0 a.m.•6 views

Vulnerabilities fixed in Bitdefender products

Vulnerabilities have been fixed in Bitdefender products. The vulnerabilities allow a local malicious agent to cause a denial-of-service or to obtain elevated privileges. obtained. Bitdefender has released updates to address the vulnerabilities. fixes. More information can be found on the pages...

7.8CVSS6.4AI score0.00758EPSS
Exploits0
NCSC
NCSC
•added 2022/02/24 12:0 a.m.•6 views

Vulnerabilities fixed in Juniper JunOS

Juniper has fixed two vulnerabilities in JunOS for the MX and SRX series systems. An unauthenticated remote malicious person could exploit the vulnerabilities to cause a denial-of-service on the systems that have SIP Application Layer Gateway SIP ALG active. This gateway is active when the system...

7.5CVSS7.2AI score0.00945EPSS
Exploits0
NCSC
NCSC
•added 2022/02/09 12:0 a.m.•6 views

Vulnerability fixed in Adobe After Effects

Adobe has fixed a vulnerability in After Effects. A malicious party could exploit the vulnerability to execute arbitrary code execute arbitrary code with the victim's privileges. The malicious party must entice the victim to open a rogue file to do so. Adobe has released updates to fix the...

7.8CVSS7.7AI score0.02804EPSS
Exploits0
NCSC
NCSC
•added 2022/02/08 12:0 a.m.•6 views

Vulnerabilities fixed in Siemens products

Several vulnerabilities have been fixed in Siemens products. The vulnerabilities potentially allow a malicious party to gain access to sensitive data or cause a denial-of-service cause. To exploit the vulnerabilities, the malicious party must have access to the production environment. It is good...

8.8CVSS8.3AI score0.50445EPSS
Exploits0
NCSC
NCSC
•added 2022/02/07 12:0 a.m.•6 views

Vulnerability fixed in F5 BIG-IP

F5 has fixed a vulnerability in BIG-IP. A malicious person with rights to execute regular expressions could exploit the exploit the vulnerability to cause a denial-of-service, or potentially execute arbitrary code on the system. F5 has released updates to fix the vulnerability in BIG-IP 16.1.2,...

8.6CVSS7.8AI score0.04879EPSS
Exploits0
NCSC
NCSC
•added 2022/02/07 12:0 a.m.•6 views

Vulnerability fixed in XWiki

A vulnerability has been fixed in XWiki. A malicious party can exploit the exploit the vulnerability to perform a stored Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser used to visit the application is visited. For the vulnerabilit...

5.4CVSS6.6AI score0.0087EPSS
Exploits1
NCSC
NCSC
•added 2022/02/03 12:0 a.m.•6 views

Vulnerability fixed in Zoho ManageEngine Desktop Central

A vulnerability has been fixed in Zoho ManageEngine Desktop Central. The vulnerability allows a logged-in user to change passwords of other users, including users with elevated privileges. Zoho has released updates to fix the vulnerability. More information can be found on the page below:...

6.5CVSS6.6AI score0.0192EPSS
Exploits1
NCSC
NCSC
•added 2022/02/03 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Small Business RV routers

Cisco has fixed vulnerabilities in Small Business RV routers. The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights...

10CVSS8.3AI score0.80031EPSS
Exploits10
NCSC
NCSC
•added 2022/02/03 12:0 a.m.•6 views

Vulnerability fixed in Arista EOS

A vulnerability has been fixed in Arista EOS. Arista EOS is a Linux-based operating system installed on network equipment from Arista. With eAPI it is possible to remotely manage and configure Arista's network equipment. When authentication is based on certificates, it is possible that eAPI...

9.8CVSS7AI score0.00735EPSS
Exploits0
NCSC
NCSC
•added 2022/01/31 12:0 a.m.•6 views

Vulnerabilities fixed in Samba

Vulnerabilities have been fixed in Samba. The vulnerabilities allow a malicious person to perform attacks leading to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Spoofing Access to system data The vulnerability with attribute...

9CVSS7.8AI score0.74042EPSS
Exploits1
NCSC
NCSC
•added 2022/01/28 12:0 a.m.•6 views

Vulnerabilities fixed in Foxit PDF Reader and Foxit PDF Editor

Vulnerabilities have been fixed in the PDF Reader and PDF Editor from Foxit. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to system data This...

9.8CVSS7.8AI score0.49839EPSS
Exploits2
NCSC
NCSC
•added 2022/01/25 12:0 a.m.•6 views

Vulnerabilities fixed in Trend Micro Deep Security

Two vulnerabilities have been fixed in Trend Micro Deep Security Agent for Linux. The vulnerability with attribute CVE-2022-23119 can be exploited if access is gained to the Deep Security Manager or on devices on which the agent is not yet not yet activated or configured. The vulnerability with...

7.8CVSS7.6AI score0.2225EPSS
Exploits2
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Virtualization

Oracle has fixed vulnerabilities in VM VirtualBox. A malicious party needs local access rights to exploit the vulnerabilities. ------------------.------.------------------------------------- | CVE ID | CVSS | Vector |. |------------------|------|-------------------------------------| |...

6.5CVSS6.4AI score0.0066EPSS
Exploits0
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in the following Oracle E-Business Suite products: Configurator Time and Labor iStore Trade Management Partner Management Installed Base Sourcing Project Costing The vulnerabilities enable a malicious person to carry out attacks execute attacks that result in the...

8.1CVSS6.5AI score0.28839EPSS
Exploits1
NCSC
NCSC
•added 2022/01/18 12:0 a.m.•6 views

Vulnerabilities fixed in Expat

Developers have fixed vulnerabilities in Expat. The vulnerabilities allow a remote malicious person to perform a Denial-of-Service. To do this, the malicious party must send an XML tag with an overflow of attributes to the vulnerable XML server send or trigger an integer overflow on various...

9.8CVSS9.5AI score0.04829EPSS
Exploits2
NCSC
NCSC
•added 2022/01/13 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Access to sensitive data Increased user privileges Cisco has released updates to fix the...

9.6CVSS6.1AI score0.01649EPSS
Exploits1
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•6 views

Vulnerability fixed in Microsoft Developer Tools

Microsoft has fixed a vulnerability in the .NET Framework. A malicious person with access to the network can exploit the vulnerability potentially exploit it to launch a denial-of-service attack. .NET Framework: |----------------|------|-------------------------------------| | CVE ID | CVSS |...

7.5CVSS6.2AI score0.03052EPSS
Exploits0
NCSC
NCSC
•added 2022/01/06 12:0 a.m.•6 views

Vulnerabilities fixed in SonicOS

SonicWall has fixed two vulnerabilities in SonicOS. A remote malicious party could potentially exploit the vulnerabilities to cause a denial-of-service or execute arbitrary code execute arbitrary code on the underlying system with the privileges of the logged-in user. To accomplish this, the...

8.8CVSS7.9AI score0.01939EPSS
Exploits0
NCSC
NCSC
•added 2022/01/05 12:0 a.m.•6 views

Vulnerabilities fixed in Google Android

Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges This update also fixes vulnerabilities...

10CVSS8.6AI score0.0215EPSS
Exploits1
NCSC
NCSC
•added 2022/01/04 12:0 a.m.•6 views

Vulnerabilities fixed in HCL Technologies Digital Experience

A Server Side Request Forgery SSRF vulnerability has been fixed in HCL Technologies Digital Experience formerly known as IBM WebSphere Portal. The vulnerability potentially allows a malicious person able to gain access to systems that they initially should not have access to. The researchers who...

7.5CVSS8.8AI score0.01666EPSS
Exploits1
NCSC
NCSC
•added 2021/12/27 12:0 a.m.•6 views

Vulnerabilities fixed in NetBSD

Vulnerabilities have been fixed in NetBSD's IP stack. Because the randomizer for IP packet ID is not turned on by default, and the randomizer is not random enough when it is enabled, a malicious party can analyze the IP traffic and possibly gain access to sensitive data via a man-in-the-middle...

7.5CVSS6.9AI score0.00964EPSS
Exploits0
NCSC
NCSC
•added 2021/12/14 12:0 a.m.•6 views

Vulnerabilities fixed in IBM MQ for HPE NonStop Server

Vulnerabilities have been fixed in IBM MQ used in the HPE NonStop Server. The vulnerabilities allow a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges IBM has released updates to f...

7.8CVSS7.4AI score0.50445EPSS
Exploits0
NCSC
NCSC
•added 2021/12/09 12:0 a.m.•6 views

Vulnerabilities fixed in Bentley View and Microstation

Bentley Systems has fixed several vulnerabilities in Bentley View and Microstation. A malicious party could potentially exploit them to cause a denial-of-service, or to execute arbitrary code with the victim's privileges. The malicious party does not need prior authentication, but must entice the...

7.8CVSS7.5AI score0.0205EPSS
Exploits0
NCSC
NCSC
•added 2021/11/29 12:0 a.m.•6 views

Vulnerabilities fixed in Dell EMC CloudLink

Vulnerabilities have been fixed in Dell EMC CloudLink. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Remote code execution application rights...

9.8CVSS7.5AI score0.02076EPSS
Exploits0
NCSC
NCSC
•added 2021/11/29 12:0 a.m.•6 views

Vulnerability fixed in Trend Micro Antivirus for Mac

Trend Micro has released updated versions of the Trend Micro Antivirus for macOS. Abuse of this vulnerability may result in increased user privileges as a result. Trend Micro has released updates to address the vulnerabilities. fix. More information can be found on the page below:...

7.8CVSS6.6AI score0.00322EPSS
Exploits0
NCSC
NCSC
•added 2021/11/29 12:0 a.m.•6 views

Vulnerability fixed in Sophos SG UTM

A SQL injection vulnerability has been fixed in the user portal of Sophos SG UTM. An authenticated user could potentially execute arbitrary code. Sophos has released updates to fix the vulnerabilities. For more information, see: https://www.sophos.com/en-us/security-advisories...

8.8CVSS8.2AI score0.0145EPSS
Exploits0
NCSC
NCSC
•added 2021/11/22 12:0 a.m.•6 views

Vulnerabilities fixed in Dell Wyse Management Suite

Dell has fixed two vulnerabilities in Wyse Management Suite. An unauthenticated malicious person could exploit them to execute arbitrary code on the vulnerable system. Also, through a man-in-the-middle attack to gain access to sensitive data. This update also includes previously fixed...

9.8CVSS8.9AI score0.87816EPSS
Exploits2
NCSC
NCSC
•added 2021/11/16 12:0 a.m.•6 views

Vulnerabilities fixed in IBM MQ

IBM has fixed vulnerabilities in MQ. The vulnerabilities allow a malicious person potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data The vulnerability with attribute CVE-2021-28165 ha...

7.8CVSS7.6AI score0.53861EPSS
Exploits2
NCSC
NCSC
•added 2021/11/16 12:0 a.m.•6 views

Vulnerabilities found in Veritas Enterprise Vault

Vulnerabilities have been found in Veritas Enterprise Vault. A malicious party could potentially exploit the vulnerabilities to run execute arbitrary code on an Enterprise Vault server. To do this, the malicious party must send malicious network traffic to the vulnerable server. To successfully...

7.5AI score
Exploits0
NCSC
NCSC
•added 2021/11/11 12:0 a.m.•6 views

Vulnerabilities fixed in Palo Alto PAN-OS and GlobalProtect

Palo Alto Networks has fixed vulnerabilities in PAN-OS. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution Administrator/Root privileges...

10CVSS8AI score0.33875EPSS
Exploits2
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Microsoft Office. The vulnerabilities allow a malicious party to execute arbitrary execute arbitrary code under user privileges or circumvent a security measure to bypass Excel. The vulnerability with reference CVE-2021-42292 has been actively exploited...

7.8CVSS7.4AI score0.31949EPSS
Exploits1
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•6 views

Vulnerabilities fixed in Citrix ADC, Gateway and SD-WAN WANOP Edition

Citrix has fixed two vulnerabilities in Citrix Application Delivery Controller ADC, Citrix Gateway and Citrix SD-WAN WANOP Edition. The vulnerabilities allow a remote malicious party to able to cause a denial-of-service DoS. The vulnerability with reference CVE-2021-22955 is located in Citrix ADC...

7.5CVSS9.2AI score0.00894EPSS
Exploits0
NCSC
NCSC
•added 2021/11/08 12:0 a.m.•6 views

Vulnerability fixed in IBM MQ

A vulnerability has been fixed in IBM MQ. The vulnerability allows a remote malicious person to perform a denial-of-service DoS execution. IBM has released updates to fix the vulnerability. More information can be found on the page below: https://www.ibm.com/support/pages/node/6513681...

6.5CVSS6.7AI score0.00909EPSS
Exploits0
NCSC
NCSC
•added 2021/11/05 12:0 a.m.•6 views

Vulnerability fixed in FortiWeb

A vulnerability has been fixed in FortiWeb. The vulnerability allows an unauthenticated malicious person who is in the network of the victim is able to execute arbitrary code by sending a rogue HTTP request. Fortinet made few substantive details available. Fortinet has released updates to fix the...

9.8CVSS7.1AI score0.01561EPSS
Exploits0
Total number of security vulnerabilities4190