Lucene search
K
NcscMost viewed

4197 matches found

NCSC
NCSC
•added 2020/10/29 12:0 a.m.•6 views

Vulnerability fixed in Red Hat JBoss

Vulnerabilities have been fixed in JBoss. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Accessing system data Red Hat categorizes these vulnerabilities as "moderate. -= Re...

6.8AI score
Exploits0
NCSC
NCSC
•added 2020/10/28 12:0 a.m.•6 views

Vulnerabilities fixed in SonicWall

Vulnerabilities have been fixed in SonicWall Global VPN Client. The vulnerabilities allow a local malicious person to gain elevated rights and to execute arbitrary code under the user's privileges. SonicWall has released updates to address the vulnerabilities. fixes. More information can be found...

8.6CVSS7.5AI score0.01191EPSS
Exploits0
NCSC
NCSC
•added 2020/10/28 12:0 a.m.•6 views

Vulnerability fixed in FortiClient

A vulnerability has been fixed in FortiClient for Linux. The vulnerability enables a local malicious person who has the ability has the ability to run scripts or programs on the system is able to able to obtain elevated privileges. FortiNet has released updates to fix the vulnerability. More...

8.8CVSS6.3AI score0.00227EPSS
Exploits0
NCSC
NCSC
•added 2020/10/28 12:0 a.m.•6 views

Vulnerability fixed in FortiOS

A vulnerability has been fixed in FortiOS. The vulnerability allows an authenticated attacker to obtain sensitive data, for example, passwords stored in cleartext. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...

6.5CVSS6.3AI score0.00569EPSS
Exploits0
NCSC
NCSC
•added 2020/10/28 12:0 a.m.•6 views

Vulnerabilities fixed in Red Hat OpenShift

Vulnerabilities have been fixed in Red Hat OpenShift. The vulnerabilities allow a malicious party to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Accessing system data -= Red Hat =- Red Hat has...

9.9CVSS9.1AI score0.0473EPSS
Exploits0
NCSC
NCSC
•added 2020/10/28 12:0 a.m.•6 views

Vulnerabilities fixed in MariaDB

Vulnerabilities have been fixed in MariaDB. The vulnerabilities allow a malicious person to perform a denial-of-service execution. In the case of the vulnerability with attribute CVE-2020-13249, it also involves an attack from the network. -= Ubuntu =- Canonical has made updates available for...

9CVSS9AI score0.05539EPSS
Exploits0
NCSC
NCSC
•added 2020/10/28 12:0 a.m.•6 views

Vulnerabilities fixed in Pulse Secure products for Windows, Linux and Mac

Vulnerabilities have been fixed in Pulse Secure products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security...

9.8CVSS6.5AI score0.9648EPSS
Exploits12
NCSC
NCSC
•added 2020/10/23 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Communications-producton

Oracle has fixed vulnerabilities in Communications Messaging Server. The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS...

5.5CVSS7.2AI score0.0255EPSS
Exploits0
NCSC
NCSC
•added 2020/10/23 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Hyperion

Oracle has fixed vulnerabilities in the following Oracle Hyperion products: Hyperion Analytic Provider Services Hyperion BI+ Hyperion Essbase Hyperion Infrastructure Technology Hyperion Planning Hyperion Lifecycle Management The vulnerabilities allow an unauthenticated malicious person with netwo...

9.8CVSS7.4AI score0.17939EPSS
Exploits0
NCSC
NCSC
•added 2020/10/23 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Financial Services Software

Oracle has fixed vulnerabilities in several Oracle Financial Services products. The vulnerabilities enable an unauthenticated malicious person with network access to a vulnerable system potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS...

9.8CVSS7.7AI score0.99019EPSS
Exploits15
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed vulnerabilities in Illustrator. The vulnerabilities allow a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerabilities. More information can be found on the page below:...

7.8CVSS7.6AI score0.04715EPSS
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•6 views

Vulnerabilities fixed in Nagios XI

Vulnerabilities have been fixed in Nagios XI. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Remote code execution User Rights SQL Injection Access to sensitive data Nagios...

9CVSS7.3AI score0.78632EPSS
Exploits11
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•6 views

Vulnerability fixed in Adobe InDesign

Adobe has fixed a vulnerability in InDesign. The vulnerability allows a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...

5.5CVSS7.5AI score0.01799EPSS
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•6 views

Vulnerability fixed in Adobe Creative Cloud

Adobe has fixed a vulnerability in Creative Cloud. The vulnerability allows a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...

7.8CVSS7.5AI score0.02951EPSS
Exploits0
NCSC
NCSC
•added 2020/10/19 12:0 a.m.•6 views

Vulnerability fixed in XWiki

A vulnerability has been fixed in XWiki. The vulnerability allows an authenticated malicious person to execute arbitrary code execute arbitrary code under the user's privileges. XWiki has released updates to fix the vulnerability. More information can be found on the page below:...

9CVSS7.4AI score0.03358EPSS
Exploits1
NCSC
NCSC
•added 2020/10/15 12:0 a.m.•6 views

Vulnerabilities fixed in Juniper Junos OS

Juniper Networks has fixed several vulnerabilities in Junos OS. A malicious person, whether remotely authenticated or not, could potentially exploit these vulnerabilities to carry out attacks leading to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS...

10CVSS7.9AI score0.98745EPSS
Exploits13
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•6 views

Vulnerability fixed in IBM Security Access Manager

IBM has fixed a vulnerability in IBM Security Access Manager in which sessions are not deleted after a user is logged out. A malicious party could potentially reuse the session of a logged out user thereby potentially reuse it and thus gain elevated rights to the vulnerable system. IBM has releas...

6.3CVSS6.7AI score0.00562EPSS
Exploits0
NCSC
NCSC
•added 2020/10/08 12:0 a.m.•6 views

Vulnerability fixed in Cisco Webex Teams for Windows

Cisco has fixed a vulnerability in the Windows client of Cisco Webex Teams. The vulnerability allows a local, authenticated malicious person to execute arbitrary code execute under privileges of other local users. This requires a malicious DLL file must be placed in a specific location of the fil...

8.4CVSS7.2AI score0.00593EPSS
Exploits0
NCSC
NCSC
•added 2020/10/07 12:0 a.m.•6 views

Vulnerabilities fixed in Samsung Mobile

Samsung has fixed several vulnerabilities in its Android distribution. The vulnerabilities allow a malicious person whether remote or otherwise may be able to launch attacks that lead to the following categories of damage: Denial-of-server DoS. Remote code execution User rights Access to sensitiv...

9.8CVSS6.1AI score0.01891EPSS
Exploits0
NCSC
NCSC
•added 2020/10/01 12:0 a.m.•6 views

Vulnerability fixed in FortiOS

A vulnerability has been fixed in FortiOS. The vulnerability allows an authenticated malicious party the ability to cause a denial-of-service denial-of-service. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...

6.5CVSS6.5AI score0.01566EPSS
Exploits0
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•6 views

Vulnerability fixed in F5 BIG-IP and BIG-IQ

A vulnerability has been fixed in F5 BIG-IP and BIG-IQ products. The vulnerability allows a malicious party to launch attacks execute attacks that lead to a denial-of-service DoS. F5 has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.7AI score0.01092EPSS
Exploits0
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Aironet

Vulnerabilities have been fixed in Cisco Aironet. The vulnerabilities allow a malicious party to launch attacks that lead to a denial-of-service DoS. After a successful attack, the affected device recover itself. Cisco has released updates to fix the vulnerabilities. More information can be found...

8.6CVSS6.7AI score0.01415EPSS
Exploits0
NCSC
NCSC
•added 2020/09/22 12:0 a.m.•6 views

Vulnerabilities fixed in FortiAnalyzer

Fortinet has fixed vulnerabilities in FortiAnalyzer. The vulnerability allows a remote attacker to execute arbitrary code under user privileges. Fortinet has released updates to address the vulnerabilities. fix. More information can be found on the page below:...

8.8CVSS7.4AI score0.02276EPSS
Exploits0
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•6 views

Vulnerability fixed in FortiManager and FortiAnalyzer

Fortinet has fixed a vulnerability in FortiManager and FortiAnalyzer. The vulnerability allows a malicious party to perform perform a Cross Site Scripting attack. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...

6.1CVSS6.2AI score0.00801EPSS
Exploits0
NCSC
NCSC
•added 2020/09/17 12:0 a.m.•6 views

Vulnerability fixed in FortiOS

Fortinet has fixed a vulnerability in FortiOS. The vulnerability allows a malicious party to perform a Cross-Site Scripting XSS attack. The vulnerability arises from incorrect input validation when generating a Web page in the SSL VPN portal. Fortinet has released updates to fix the vulnerability...

5.4CVSS6.6AI score0.00403EPSS
Exploits0
NCSC
NCSC
•added 2020/09/16 12:0 a.m.•6 views

Vulnerabilities fixed in VMware Workstation, Fusion and Horizon

Vulnerabilities have been fixed in VMware Workstation, Fusion and Horizon. The vulnerability with reference CVE-2020-3980 relates to VMware Fusion and allows a malicious party to obtain elevated user privileges. The remaining CVE characteristics enable a malicious person to cause a...

6.7CVSS6.8AI score0.00324EPSS
Exploits0
NCSC
NCSC
•added 2020/09/14 12:0 a.m.•6 views

Vulnerabilities fixed in Samsung Mobile

Samsung has fixed several vulnerabilities in its Android distribution. The vulnerabilities allow a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access to system data...

10CVSS8.2AI score0.02821EPSS
Exploits3
NCSC
NCSC
•added 2020/09/14 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Unbreakable Enterprise Kernel

Oracle has fixed several vulnerabilities in the Unbreakable Enterprise Kernel. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Access to system data...

9.8CVSS6.8AI score0.12651EPSS
Exploits13
NCSC
NCSC
•added 2020/09/08 12:0 a.m.•6 views

Vulnerabilities discovered in HMI Panels

Because SIMATIC HMI panels do not properly handle repeated login attempts correctly, they are susceptible to Brute-force attacks. A malicious party can use them to retrieve user names and passwords find out and thus issue random commands with permissions from the affected user account. To exploit...

9.8CVSS7.2AI score0.01477EPSS
Exploits0
NCSC
NCSC
•added 2020/09/08 12:0 a.m.•6 views

Multiple vulnerabilities fixed in Microsoft browsers

There are multiple vulnerabilities in the Scripting Engine, Microsoft Edge and Microsoft Internet Explorer. The vulnerabilities allow a malicious party to execute arbitrary code execute arbitrary code or to obtain elevated privileges. The vulnerability with the highest rating has the attribute...

9.3CVSS7.1AI score0.03741EPSS
Exploits0
NCSC
NCSC
•added 2020/09/07 12:0 a.m.•6 views

Vulnerability fixed in IBM Aspera Connect

IBM has fixed a vulnerability in Aspera Connect. The vulnerability allows an unauthenticated remote malicious person able to execute arbitrary code under privileges of the application. To do so, the malicious party must induce the victim to execute load a rogue dynamic-link library. IBM has...

9.3CVSS7.8AI score0.02996EPSS
Exploits0
NCSC
NCSC
•added 2020/09/03 12:0 a.m.•6 views

Vulnerability fixed in Ansible

A vulnerability has been fixed in Ansible. The vulnerability allows a malicious person to bypass a security measure. To exploit the vulnerability, the malicious party must get a system administrator to get a rogue installation package to install. Ansible has released updates to fix the...

7.1CVSS6.5AI score0.00233EPSS
Exploits0
NCSC
NCSC
•added 2020/09/02 12:0 a.m.•6 views

Vulnerability fixed in libvirt and QEMU

Red Hat has fixed vulnerabilities in QEMU and libvirt. The vulnerabilities allow a locally authenticated malicious party to able to obtain elevated privileges and system data. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 6, 7 and 8. You can install these updates...

8.8CVSS6.5AI score0.0051EPSS
Exploits0
NCSC
NCSC
•added 2020/08/31 12:0 a.m.•6 views

Vulnerability fixed in Cisco IOS XR

Cisco has fixed a vulnerability in the Distance Vector Multicast Routing Protocol DVMRP functionality in IOS XR. The vulnerability allows an unauthenticated remote malicious person able to cause a Denial-of-Service on the vulnerable device. To do so, the malicious party needs to send rogue IGMP...

8.6CVSS6.8AI score0.03631EPSS
Exploits0
NCSC
NCSC
•added 2020/08/24 12:0 a.m.•6 views

Vulnerability fixed in Apache SOLR

SOLR's developers have fixed a vulnerability. The vulnerability allows a malicious party to gain access to sensitive data because the API of the Replication Handler accepts any location as the target location of the backup, restore and deletebackup commands. This allows a malicious party can...

8.8CVSS7AI score0.03805EPSS
Exploits0
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•6 views

Vulnerability fixed in TeamViewer

A vulnerability has been fixed in TeamViewer. The vulnerability allows an unauthenticated remote malicious party to opportunity to cause TeamViewer to send out an NTLM request. The malicious party to do this must induce the victim to visit a rogue website. The NTLM request can be captured by the...

8.8CVSS6.9AI score0.25895EPSS
Exploits2
NCSC
NCSC
•added 2020/08/07 12:0 a.m.•6 views

Vulnerabilities fixed in openSUSE kernel

Vulnerabilities have been fixed in the kernel of openSUSE Leap 15.1. The vulnerabilities allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Access to system data Increased user...

9.8CVSS7.2AI score0.12651EPSS
Exploits6
NCSC
NCSC
•added 2020/07/16 12:0 a.m.•6 views

Vulnerabilities fixed in Jenkins

Several vulnerabilities have been fixed in Jenkins. A malicious user could potentially exploit the vulnerabilities to perform a Cross-Site Scripting XSS attack. A such an attack can lead to the execution of arbitrary script code in the browser used to visit the application. Jenkins developers hav...

8.8CVSS6.5AI score0.01433EPSS
Exploits0
NCSC
NCSC
•added 2020/07/16 12:0 a.m.•6 views

Vulnerabilities fixed in Apple macOS

Apple has fixed several vulnerabilities in Mac OS. A malicious party can exploit the vulnerabilities to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data -= Apple =- Apple has made...

10CVSS7.4AI score0.08036EPSS
Exploits3
NCSC
NCSC
•added 2020/07/16 12:0 a.m.•6 views

Multiple vulnerabilities fixed in Apple Safari

Apple has fixed several vulnerabilities in Safari. A malicious party can exploit the vulnerabilities to perform attacks that can lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution User Rights -= Appl...

9.8CVSS6.8AI score0.04316EPSS
Exploits1
NCSC
NCSC
•added 2020/07/07 12:0 a.m.•6 views

Vulnerabilities fixed in MobileIron

MobileIron has fixed multiple vulnerabilities in MobileIron Core and Sentry. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Bypassing authentication Remote code execution Accessing sensitive data MobileIron has made little...

9.8CVSS7AI score0.99737EPSS
Exploits4
NCSC
NCSC
•added 2020/06/18 12:0 a.m.•6 views

Vulnerability fixed in Pulse Secure Client for Windows

A vulnerability has been fixed in Pulse Secure Client for Windows. The vulnerability allows a locally authenticated malicious party the ability to obtain elevated SYSTEM privileges. obtain. Security researcher Red Timmy Security has published a write-up regarding the vulnerability published at:...

7CVSS6.5AI score0.00793EPSS
Exploits3
NCSC
NCSC
•added 2020/06/17 12:0 a.m.•6 views

Vulnerabilities fixed in libexif

Several vulnerabilities have been fixed in libexif. A local malicious party could potentially exploit the vulnerabilities to gain access to sensitive information or obtain of elevated privileges on the vulnerable system. In addition, a remote malicious party could potentially exploit the...

9.1CVSS6.8AI score0.04262EPSS
Exploits0
NCSC
NCSC
•added 2020/05/09 12:0 a.m.•6 views

Vulnerabilities fixed in VMware vRealize Operations Manager

There are two vulnerabilities in VMware vRealize Operations Manager. These vulnerabilities, if exploited, can lead to the execute arbitrary code with administrator privileges on the Application Remote Collector ARC and all virtual systems on which an ARC Telegraph agent is installed. VMWare has...

9.8CVSS9.9AI score0.96405EPSS
Exploits25
NCSC
NCSC
•added 2020/03/11 12:0 a.m.•6 views

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in Siemens products. The vulnerabilities allow a malicious party to perform Cross-Site Scripting and cause a Denial-of-Service. To exploit the vulnerabilities, the malicious party must have access to the production network. It is good practice the production networ...

7.8CVSS6.7AI score0.01448EPSS
Exploits1
NCSC
NCSC
•added 2019/11/14 12:0 a.m.•6 views

Vulnerability discovered in F5 BIG-IP and BIG-IQ

F5 has discovered a vulnerability in BIG-IP and BIG-IQ products. The vulnerability is located in lodash version 4.17.12, a javascript programming library. A malicious person with access to the Traffic Management User Interface TMUI or the iControl REST API could exploit the vulnerability to execu...

9.1CVSS7.2AI score0.05006EPSS
Exploits2
NCSC
NCSC
•added 2019/11/13 12:0 a.m.•6 views

Vulnerability fixed in TNEF

A new patch of TNEF has been released, in which a vulnerability has been fixed. The vulnerability allows a malicious person able to execute arbitrary code under the privileges of the user. TNEF has made available a patch that fixes the vulnerability. fix. More information can be found on the...

5.5CVSS7.5AI score0.01203EPSS
Exploits1
NCSC
NCSC
•added 2019/06/11 12:0 a.m.•6 views

Vulnerability fixed in glib

A vulnerability has been fixed for Glib in Ubuntu. The vulnerabilities allow a malicious person to perform attacks that lead to the following categoriesn of damage: - Denial-of-Service DoS; - Manipulation of data; - Circumvention of security measure; - Access to sensitive data; - Access to system...

9.8CVSS6.5AI score0.02602EPSS
Exploits0
NCSC
NCSC
•added 2019/01/24 12:0 a.m.•6 views

Vulnerabilities fixed in Apache HTTP Server

Several vulnerabilities have been fixed in Apache HTTP Server. A remote malicious party could potentially exploit the vulnerabilities to cause a denial-of-service or to reuse an expired session cookie to be reused. Apache Software Foundation has made updates available for Apache HTTP Server to...

7.5CVSS7.8AI score0.59942EPSS
Exploits0
NCSC
NCSC
•added 3 days ago•5 views

Vulnerabilities found in BeyondTrust Remote Support and Privileged Remote Access

BeyondTrust has identified vulnerabilities in the products Remote Support and Privileged Remote Access. These vulnerabilities involve multiple aspects of these products. There is a pre-authentication vulnerability that allows a network-based attacker to bypass authentication checks without prior...

9.9CVSS6.2AI score0.00653EPSS
Exploits0References1
Total number of security vulnerabilities4197