Lucene search
K
NcscMost viewed

4189 matches found

NCSC
NCSC
added 2026/05/20 6:21 a.m.42 views

Vulnerabilities found in Microsoft Windows

Microsoft has published measures to address a vulnerability in Windows operating systems that could allow malicious individuals to access data encrypted via BitLocker. The vulnerability involves bypassing a security feature in Windows, known as “YellowKey”. A proof of concept is available that...

6.8CVSS6AI score0.01249EPSS
Exploits2References1
NCSC
NCSC
added 2022/08/15 12:0 a.m.42 views

Vulnerabilities fixed in NVIDIA GPU Display Drivers

NVidia has fixed vulnerabilities in the GPU Display Driver, and supporting software. The vulnerabilities allow a local malicious party to carry out attacks resulting in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights...

7.8CVSS7.6AI score0.00378EPSS
Exploits0
NCSC
NCSC
added 2022/04/13 12:0 a.m.42 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in Acrobat, After Effects, Photoshop and Reader. The vulnerabilities allow a malicious person to able to execute arbitrary code within the context of the user. The vulnerabilities in Acrobat and Reader additionally allow a malicious party the ability to view...

9.3CVSS7.6AI score0.17804EPSS
Exploits0
NCSC
NCSC
added 2022/03/09 12:0 a.m.42 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication. Remote code execution...

10CVSS8.4AI score0.99999EPSS
Exploits372
NCSC
NCSC
added 2021/10/27 12:0 a.m.42 views

Vulnerabilities fixed in Adobe Premiere Elements

Adobe has fixed vulnerabilities in Adobe Premiere Elements. A remote malicious party could potentially exploit the vulnerabilities to cause a denial-of-service DoS, or execute arbitrary code execute arbitrary code on the system under the application's privileges. The malicious party to do this mu...

9.3CVSS7.8AI score0.01603EPSS
Exploits0
NCSC
NCSC
added 2021/02/09 12:0 a.m.42 views

Vulnerabilities fixed in Siemens Scalance products

Siemens has fixed several vulnerabilities in SCALANCE switches. A malicious party could exploit the vulnerabilities to cause a denial-of-service, for obtaining sensitive data or to perform management actions under the privileges of the affected user. To cause a denial-of-service, or perform...

8.6CVSS7AI score0.01361EPSS
Exploits0
NCSC
NCSC
added 2026/01/16 10:11 a.m.41 views

Vulnerabilities fixed in TYPO3 CMS

TYPO3 has fixed vulnerabilities in TYPO3 CMS Specific to certain versions. The vulnerabilities in TYPO3 CMS allow attackers to bypass field-level access controls, insert unauthorized data into restricted database fields, and manipulate redirect records without any restrictions. In addition,...

8.1CVSS7.4AI score0.0038EPSS
Exploits0References4
NCSC
NCSC
added 2022/12/14 12:0 a.m.41 views

Vulnerabilities fixed in several VMware products

VMWare has fixed several vulnerabilities in its products: VMware Workspace ONE Access and Identity Manager, VMware ESXi, VMware Workstation Pro / Player, VMware Fusion Pro / Fusion, VMware Cloud Foundation and VMware vRealize Impact A malicious party could potentially exploit the vulnerabilities ...

9.8CVSS8AI score0.01792EPSS
Exploits1
NCSC
NCSC
added 2022/06/30 12:0 a.m.41 views

Vulnerabilities fixed in IBM Spectrum Protect

IBM has fixed vulnerabilities in several components of Spectrum Protect. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to...

9.8CVSS7.5AI score0.88106EPSS
Exploits134
NCSC
NCSC
added 2025/09/09 3:16 p.m.40 views

Vulnerabilities fixed in Schneider Electric Saitel

Schneider Electric has fixed vulnerabilities in Saitel components. The vulnerabilities are in how the BLMon Console handles special elements in operating system commands during SSH sessions. A malicious party could exploit these vulnerabilities to execute unauthorized shell commands, which could...

5.8CVSS7.5AI score0.00537EPSS
Exploits0References1
NCSC
NCSC
added 2024/04/05 12:0 a.m.40 views

Vulnerabilities fixed in Esri Arcgis Portal

Esri has fixed vulnerabilities in Arcgis Portal. A malicious party could exploit the vulnerabilities to launch a Cross-Site Scripting attack, or perform a Cross-Site-Request-Forgery execution. Such attacks can lead to execution of arbitrary code in the victim's browser, or access to sensitive dat...

9.9CVSS7AI score0.01265EPSS
Exploits0
NCSC
NCSC
added 2023/10/12 12:0 a.m.40 views

Vulnerabilities fixed in FortiOS

FortiNet has fixed vulnerabilities in FortiOS. The vulnerabilities are located in the management environment and allow an unauthenticated malicious person, with access to that management interface, be able to perform a denial-of-service on the management interface, execute arbitrary code on the...

8.8CVSS7.9AI score0.0102EPSS
Exploits0
NCSC
NCSC
added 2023/03/31 12:0 a.m.40 views

Vulnerabilities fixed in IBM QRadar SIEM and User Behavior Analytics

IBM fixed vulnerabilities in QRadar SIEM and User Behavior Analytics. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of security...

9.8CVSS7.5AI score0.55367EPSS
Exploits71
NCSC
NCSC
added 2022/11/03 12:0 a.m.40 views

Vulnerabilities fixed in Splunk Enterprise

Several vulnerabilities have been fixed in Splunk Enterprise. The vulnerabilities can be exploited by a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote co...

8.8CVSS7.3AI score0.42801EPSS
Exploits10
NCSC
NCSC
added 2022/07/21 12:0 a.m.40 views

Vulnerabilities fixed in Apple macOS

Apple has fixed multiple vulnerabilities in macOS Monterey, Big Sur and Catalina. The vulnerabilities allow a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Kernel/Root...

10CVSS8.9AI score0.70461EPSS
Exploits16
NCSC
NCSC
added 2021/07/13 12:0 a.m.40 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Remote code execution User rights Acces...

9.8CVSS7.3AI score0.03158EPSS
Exploits2
NCSC
NCSC
added 2021/01/12 12:0 a.m.41 views

Vulnerabilities found in Microsoft Windows

Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to: - cause a denial-of-service, - bypass security measures, - execute arbitrary code, - obtain elevated privileges, - gain access to sensitive data. Below is a summary of the...

9.8CVSS7.3AI score0.0938EPSS
Exploits3
NCSC
NCSC
added 2026/05/26 7:50 a.m.39 views

Kwetsbaarheid verholpen in Cisco Secure Workload

Cisco has identified a vulnerability in Cisco Secure Workload. This vulnerability resides within the internal REST APIs of Cisco Secure Workload. Unauthorized malicious actors with access to the internal infrastructure can obtain Site Admin privileges through inadequate validation and...

10CVSS5.9AI score0.00835EPSS
Exploits1References1
NCSC
NCSC
added 2025/03/11 6:45 p.m.39 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure products. A malicious person could exploit the vulnerabilities to grant themselves elevated privileges or execute arbitrary code with the privileges of the vulnerable application. Azure PromptFlow:...

8.4CVSS7.4AI score0.00813EPSS
Exploits0
NCSC
NCSC
added 2024/04/18 12:0 a.m.40 views

Vulnerabilities fixed in Oracle Financial Services Applications

Oracle has fixed vulnerabilities in several Financial Services applications. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Remote code execution...

10CVSS7.3AI score0.99999EPSS
Exploits55
NCSC
NCSC
added 2024/02/14 12:0 a.m.39 views

Vulnerabilities fixed in Zoom products

Zoom has fixed vulnerabilities in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. A malicious party could exploit the vulnerabilities to gain access to sensitive data, grant themselves elevated permissions, or to cause a denial-of-service. To cause ...

9.8CVSS7AI score0.01689EPSS
Exploits0
NCSC
NCSC
added 2023/09/14 12:0 a.m.39 views

Vulnerabilities fixed in Cisco IOS XR

Cisco has fixed vulnerabilities in IOS XR. A unauthenticated malicious party could exploit the vulnerabilities to cause a denial-of-service, or to bypass existing ACLs bypassing them by sending specially prepared network traffic. Cisco has also fixed vulnerabilities that allow a local,...

7.8CVSS7.8AI score0.00545EPSS
Exploits1
NCSC
NCSC
added 2023/04/20 12:0 a.m.39 views

Vulnerabilities fixed in SolarWinds Platform

Solarwinds has fixed vulnerabilities in Solarwinds Platform and the Database Performance Analyzer DPA. A pre-authenticated malicious person can exploit the vulnerabilities exploit them for attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Remote code executi...

7.8CVSS7.1AI score0.0839EPSS
Exploits0
NCSC
NCSC
added 2022/10/19 12:0 a.m.39 views

Vulnerabilities fixed in Oracle Supply Chain Products Suite

Vulnerabilities have been fixed in Oracle Supply Chain Products Suite. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Access to...

9.8CVSS7.5AI score0.71653EPSS
Exploits7
NCSC
NCSC
added 2022/01/19 12:0 a.m.39 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in the following products: MySQL Workbench MySQL Server MySQL Cluster MySQL Connectors The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution...

7.5CVSS7.1AI score0.78951EPSS
Exploits1
NCSC
NCSC
added 2022/01/12 12:0 a.m.39 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in several of its products. The vulnerabilities potentially enable a malicious person to execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Increased user...

9.3CVSS8.9AI score0.57304EPSS
Exploits3
NCSC
NCSC
added 2021/12/24 12:0 a.m.39 views

Vulnerability found in Moxa MGate

A vulnerability has been found in Moxa MGate. The vulnerability allows an unauthenticated remote malicious person to obtain obtain sensitive data. The vulnerable Moxa MGate series have vulnerable firmware that makes it possible for an attacker to intercept the traffic and then decrypt the login...

9CVSS6.6AI score0.01666EPSS
Exploits0
NCSC
NCSC
added 2021/05/25 12:0 a.m.40 views

Vulnerabilities found in Bluetooth specifications

Researchers have discovered seven vulnerabilities in two components of the Bluetooth standard. Specifically, these are the Bluetooth Core Specification and Bluetooth Mesh Specification 1.0 and 1.0.1. The vulnerabilities allow a malicious person to spoof Bluetooth devices during the pairing proces...

8.8CVSS8.1AI score0.00907EPSS
Exploits1
NCSC
NCSC
added 2026/02/10 7:7 p.m.39 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Visual Studio and .NET components. A malicious party could exploit the vulnerabilities to bypass security measures, grant themselves elevated privileges and potentially execute arbitrary code with the victim's privileges. For successful abuse, the...

8.8CVSS6.5AI score0.01357EPSS
Exploits0
NCSC
NCSC
added 2025/11/28 9:53 a.m.38 views

Vulnerabilities fixed in Mattermost

Mattermost has fixed vulnerabilities in versions 11.0.x through 11.0.3, 10.12.x through 10.12.1, 10.11.x through 10.11.4 and 10.5.x through 10.5.12. The vulnerabilities allow an authenticated attacker to take over an account via a carefully crafted email address during the authentication process...

9.9CVSS7AI score0.0031EPSS
Exploits0References1
NCSC
NCSC
added 2023/07/19 12:0 a.m.38 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights Remote code...

9.8CVSS7.9AI score0.99615EPSS
Exploits33
NCSC
NCSC
added 2023/03/02 12:0 a.m.38 views

Vulnerabilities fixed in Aruba Networks OS

Aruba Networks has fixed several vulnerabilities in Aruba OS, as used in WLAN Gateway, SD-WAN Gateway and Aruba Mobility Conductor & Controller. An unauthenticated malicious person can exploit the exploit vulnerabilities to delete arbitrary files and thereby potentially cause a denial-of-service,...

9.8CVSS8.4AI score0.50445EPSS
Exploits0
NCSC
NCSC
added 2021/12/08 12:0 a.m.38 views

Vulnerabilities fixed in FortiOS

Vulnerabilities have been fixed in FortiOS and FortiGate. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Circumvention of security measure. Remote code execution User Rights Acces...

9.8CVSS7.3AI score0.01823EPSS
Exploits0
NCSC
NCSC
added 2021/05/12 12:0 a.m.38 views

Vulnerability fixed in Citrix Workspace

A vulnerability has been fixed in Citrix Workspace that could cause cause a local user to escalate his or her privilege level escalates to SYSTEM on the computer running the Citrix Workspace app for Windows is running. Citrix has made an update available to fix the vulnerability. fix. For more...

7.8CVSS6.9AI score0.00239EPSS
Exploits0
NCSC
NCSC
added 2024/07/11 3:5 p.m.37 views

Vulnerabilities fixed in Citrix Workspace, NetScaler ADC and NetScaler Gateway

Cirtix has fixed a number of vulnerabilities in Workspace, NetScaler ADC and NetScaler Gateway A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Increased user privileges Citrix has...

8.8CVSS9.4AI score0.00764EPSS
Exploits0References31
NCSC
NCSC
added 2024/01/18 12:0 a.m.37 views

Vulnerabilities fixed in Oracle Supply Chain products

Oracle has fixed vulnerabilities in several Supply Chain products. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Access to sensitive data The vulnerabilities have been...

8.8CVSS6.7AI score0.99999EPSS
Exploits20
NCSC
NCSC
added 2023/11/02 12:0 a.m.37 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE. A malicious party could exploit vulnerabilities to bypass command measures, gain access to system data or cause a denial-of-service cause. Also included in this update are updates to several Third-party...

8.5CVSS7.2AI score0.00643EPSS
Exploits1
NCSC
NCSC
added 2023/02/17 12:0 a.m.37 views

Vulnerabilities fixed in FortiNet FortiWeb

FortiNet has fixed vulnerabilities in FortiWeb. A authenticated malicious person could exploit the vulnerabilities to execute arbitrary code up to and including root privileges on the vulnerable system. FortiNet has released updates to fix the vulnerabilities in FortiWeb. For more information, se...

8.8CVSS7.6AI score0.01324EPSS
Exploits0
NCSC
NCSC
added 2022/10/10 12:0 a.m.37 views

Vulnerabilities fixed in Trend Micro Apex One

Vulnerabilities have been fixed in Trend Micro Apex One. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Increased user privileges To exploit the vulnerabilities, a...

9.1CVSS7.6AI score0.00971EPSS
Exploits0
NCSC
NCSC
added 2022/08/31 12:0 a.m.37 views

Vulnerabilities fixed in GitLab CE and EE

Vulnerabilities have been fixed in GitLab Community Edition and Enterprise Edition. The vulnerabilities allow a malicious person to able to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Bypassing...

9.9CVSS7.7AI score0.86194EPSS
Exploits5
NCSC
NCSC
added 2022/07/20 12:0 a.m.37 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following products: Oracle Database Server Oracle Database - Enterprise Edition RDBMS Security. Oracle Spatial and Graph Oracle Universal Installer Oracle Application Express Oracle SQLcl The vulnerabilities potentially enable a malicious party to perform...

9.8CVSS6.3AI score0.44515EPSS
Exploits4
NCSC
NCSC
added 2022/03/15 12:0 a.m.37 views

Vulnerabilities fixed in iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Circumvention of security measure. Remote code execution...

9.8CVSS7.6AI score0.08067EPSS
Exploits0
NCSC
NCSC
added 2021/12/14 12:0 a.m.37 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access to system data...

9.8CVSS7.4AI score0.11963EPSS
Exploits5
NCSC
NCSC
added 2021/09/14 12:0 a.m.37 views

Vulnerabilities fixed in Microsoft Office products

Microsoft has fixed vulnerabilities in Office products. A malicious party can exploit the vulnerabilities to execute arbitrary code with user privileges and spoofing. Below is a summary of the various vulnerabilities described by component and the impact. Microsoft Office SharePoint:...

7.8CVSS6.7AI score0.04634EPSS
Exploits0
NCSC
NCSC
added 2021/03/09 12:0 a.m.37 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Office products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Circumvention of security measure. Accessing sensitive data Executing arbitrary code User privileges...

9.3CVSS6.7AI score0.14387EPSS
Exploits0
NCSC
NCSC
added 2021/02/09 12:0 a.m.38 views

Fixed vulnerabilities in Windows Defender and System Center Operations Manager

Microsoft has fixed vulnerabilities in Windows Defender and Microsoft System Center Operations Manager. A malicious party could vulnerabilities potentially exploit them to gain higher privileges. Windows Defender: |----------------|------|-------------------------------------| | CVE ID | CVSS |...

8.8CVSS6.6AI score0.01825EPSS
Exploits0
NCSC
NCSC
added 2026/06/19 12:42 p.m.36 views

Vulnerabilities in Splunk Enterprise and Splunk Cloud Platform

Splunk has identified several vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These vulnerabilities concern various components of Splunk Enterprise and Splunk Cloud Platform. Splunk has classified the vulnerability with the identifier CVE-2026-20253 as a critical vulnerability in...

9.8CVSS6.9AI score0.88171EPSS
Exploits6References9
NCSC
NCSC
added 2026/05/18 8:6 a.m.36 views

Kwetsbaarheid verholpen in NGINX ngx_http_rewrite_module

NGINX has identified a vulnerability in the ngxhttprewritemodule, which is part of both the NGINX Plus and open-source versions of the software. The vulnerability involves a heap buffer overflow in the ngxhttprewritemodule, which is responsible for URL rewriting functionality. An attacker can...

9.2CVSS6.5AI score0.61469EPSS
Exploits40References6
NCSC
NCSC
added 2024/05/23 10:56 a.m.36 views

Vulnerabilities fixed in Cisco products

Cisco has fixed vulnerabilities in ASA, Firepower and Snort. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Circumvention of security measure - Remote code execution User rights - Increased user...

8.8CVSS7.7AI score0.00919EPSS
Exploits0References7
NCSC
NCSC
added 2024/04/12 12:0 a.m.36 views

Vulnerabilities fixed in Palo Alto PAN OS

Palo Alto has fixed vulnerabilities in PAN-OS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, gain access to sensitive data or bypass security measures, allowing traffic to pass through pass traffic that was not initially authorized. Palo Alto has released updat...

9.1CVSS7.1AI score0.00922EPSS
Exploits0
Total number of security vulnerabilities4189