Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2021/01/12 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed several vulnerabilities in Microsoft Office and Microsoft SharePoint. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Increased user privileges...

9.3CVSS7.1AI score0.03614EPSS
Exploits1
NCSC
NCSC
•added 2021/01/08 12:0 a.m.•5 views

Vulnerabilities fixed in IBM MQ

An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated malicious agent to obtain sensitive information and cause the initiation of a denial-of-service DoS IBM has released updates to fix the vulnerability. More information can be found on the page...

4.3CVSS6.5AI score0.04044EPSS
Exploits0
NCSC
NCSC
•added 2021/01/07 12:0 a.m.•5 views

Vulnerabilities fixed in Node.js

Vulnerabilities have been fixed in Node.js. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure The vulnerability with attribute CVE-2020-1971 can only be exploited be exploited...

8.1CVSS8.5AI score0.16296EPSS
Exploits6
NCSC
NCSC
•added 2021/01/05 12:0 a.m.•5 views

Vulnerabilities fixed in Dovecot

A malicious party could exploit the vulnerabilities to cause a denial-of-service and to read e-mail from other users. Dovecot has released updates to fix the vulnerabilities. For more information, see the following pages: CVE-2020-24386:...

7.5CVSS6.9AI score0.0466EPSS
Exploits1
NCSC
NCSC
•added 2020/12/29 12:0 a.m.•5 views

Vulnerabilities fixed in Huawei CloudEngine switches

Huawei has fixed multiple vulnerabilities in several CloudEngine switches. A remote malicious party could potentially exploit these vulnerabilities potentially exploit them to cause a denial-of-service DoS. In addition, a local malicious party that already in possession of elevated privileges can...

7.5CVSS6.9AI score0.00736EPSS
Exploits0
NCSC
NCSC
•added 2020/12/28 12:0 a.m.•5 views

Vulnerability fixed in Zyxel products

Due to the lack of input string cleanup in the CGI program "chgexppwd", a malicious party can inject commands inject. Zyxel has released updates to fix the vulnerability. For more information see: https://www.zyxel.com/support /Zyxel-security-advisory-for-command-injection-vulnerability-of-f...

9CVSS6.7AI score0.02344EPSS
Exploits0
NCSC
NCSC
•added 2020/12/21 12:0 a.m.•5 views

Vulnerabilities fixed in Treck TCP/IP

Vulnerabilities have been fixed in the low-level TCP/IP stack of fabriant Treck Inc. The vulnerabilities allow a malicious person to able to perform attacks that potentially lead to the following categories of damage: Denial-of-Service DoS Remote code execution Administrator/Root privileges Acces...

10CVSS7.5AI score0.03348EPSS
Exploits0
NCSC
NCSC
•added 2020/12/21 12:0 a.m.•5 views

Vulnerabilities fixed in WebKitGTK

Vulnerabilities have been fixed in WebKitGTK. The vulnerabilities allow a malicious person to execute arbitrary code execute under the user's privileges. The malicious party must victim to open a rogue page to exploit these vulnerabilities to be exploited. The developers of WebKitGTK have release...

8.8CVSS7.2AI score0.04446EPSS
Exploits2
NCSC
NCSC
•added 2020/12/21 12:0 a.m.•5 views

Vulnerability fixed in Atlassian Crucible

A vulnerability has been fixed in Atlassian Crucible. The vulnerability allows a malicious party to perform a denial-of-service attack. Atlassian has released updates to fix the vulnerability. fix. More information can be found on the page below: https://jira.atlassian.com/browse...

4.3CVSS6.6AI score0.00991EPSS
Exploits0
NCSC
NCSC
•added 2020/12/18 12:0 a.m.•5 views

Vulnerabilities fixed in MediaWiki

The developers of MediaWiki have fixed a number of vulnerabilities fixed in the latest software update. A malicious party could potentially exploit the vulnerabilities potentially exploit them to gain access to sensitive data, because in certain circumstances user data may end up in accessible...

7.5CVSS7AI score0.01573EPSS
Exploits4
NCSC
NCSC
•added 2020/12/16 12:0 a.m.•5 views

Vulnerabilities fixed in Red Hat OpenShift Container Platform

Vulnerabilities have been fixed in Red Hat Openshift Container Platform. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service Manipulation of data Access to sensitive data Red Hat has released updates to address the...

9.8CVSS6.4AI score0.06304EPSS
Exploits1
NCSC
NCSC
•added 2020/12/16 12:0 a.m.•5 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed several vulnerabilities in Firefox. A malicious party can exploit the vulnerabilities to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights Spoofing Accessing sensitive data T...

9.8CVSS8.9AI score0.01876EPSS
Exploits2
NCSC
NCSC
•added 2020/12/11 12:0 a.m.•5 views

Vulnerabilities fixed in Cisco Jabber Desktop and Mobile Client

Vulnerabilities have been fixed in Cisco Jabber Desktop and Mobile Client. The vulnerabilities allow a remote malicious person to able to perform attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution User rights Access to sensitive dat...

9.9CVSS7.5AI score0.02517EPSS
Exploits0
NCSC
NCSC
•added 2020/12/11 12:0 a.m.•5 views

Vulnerability fixed in NetApp

Netapp Snap Creator Framework includes Apache Tomcat. Apache Tomcat versions 8.5.1 through 8.5.59, 9.0.0.M5 through 9.0.39, and 10.0.0-M1 through 10.0.0-M9 are susceptible to a vulnerability that, when successfully exploited, can lead to the disclosure of sensitive information. Netapp has release...

7.5CVSS8.4AI score0.24622EPSS
Exploits0
NCSC
NCSC
•added 2020/12/10 12:0 a.m.•5 views

Vulnerability fixed in OpenSSL

A vulnerability has been fixed in OpenSSL. When a remote malicious party manages to provide a rogue certificate and a rogue certificate-revocation-list manages to offer them to an ssl server or ssl client, a denial-of-service can be caused by doing so. OpenSSL has released updates to fix the...

5.9CVSS8.5AI score0.06968EPSS
Exploits3
NCSC
NCSC
•added 2020/12/10 12:0 a.m.•5 views

Vulnerabilities fixed in Schneider Electric equipment

Vulnerabilities have been fixed in Schneider Electric devices. The vulnerabilities allow an unauthorized malicious person at remotely capable of causing a denial-of-service and obtaining obtain sensitive data. Schneider Electric has released updates to fix the vulnerability. fix. More information...

7.5CVSS6.6AI score0.01181EPSS
Exploits0
NCSC
NCSC
•added 2020/12/10 12:0 a.m.•5 views

Multiple vulnerabilities fixed in IBM Aspera

IBM has fixed several vulnerabilities in the Aspera Suite. The vulnerabilities are in the underlying OpenSSL, cURL libcurl and FasterXML jackson databind software. A malicious party could potentially exploit the vulnerabilities to bypassing security measures, accessing sensitive data and from bei...

10CVSS9.2AI score0.14298EPSS
Exploits4
NCSC
NCSC
•added 2020/12/04 12:0 a.m.•5 views

WIBU CodeMeter vulnerabilities fixed

Wibu-Systems has fixed vulnerabilities in CodeMeter. Successful exploitation of these vulnerabilities could allow a malicious person to modify and forge a license file, create a denial-of-service condition, potentially execute remote code execute, read heap data, and disrupt the normal operation ...

9.8CVSS7.2AI score0.02031EPSS
Exploits0
NCSC
NCSC
•added 2020/11/27 12:0 a.m.•5 views

Vulnerability fixed in DNS implementations

Researchers have discovered a vulnerability in a number of DNS implementations. The researchers have named the vulnerability SAD DNS, an acronymmm for Side-channel AttackeD DNS. This vulnerability has since been given CVE attribute CVE-2020-25705. The vulnerability allows a malicious party to rou...

7.4CVSS8.2AI score0.06692EPSS
Exploits1
NCSC
NCSC
•added 2020/11/25 12:0 a.m.•5 views

Vulnerability fixed in JBoss Wildfly

A vulnerability has been fixed in Wildfly. The vulnerability allows a malicious person with access to the log data of the Wildfly instance to be able to obtain clear-text stored passwords. obtain. Red Hat has released updates to fix the vulnerability in Wildfly. More information can be found on t...

5.3CVSS6.4AI score0.01331EPSS
Exploits0
NCSC
NCSC
•added 2020/11/20 12:0 a.m.•5 views

Vulnerabilities fixed in Trend Micro products

Vulnerabilities have been fixed in Trend Micro Internet Security and Anti-Virus+ Security. The vulnerabilities allow a local malicious party potentially able to obtain elevated privileges by inserting rogue DLL files. Trend Micro has released updates to address the vulnerabilities. fixes. More...

7.8CVSS6.8AI score0.00565EPSS
Exploits0
NCSC
NCSC
•added 2020/11/20 12:0 a.m.•5 views

Vulnerability fixed in IBM Db2

IBM has fixed a vulnerability in Db2, Db2 Connect Server and Db2 Accessories Suite. An authenticated malicious person with access to the system could potentially exploit the vulnerability to execute arbitrary code under a user's privileges. IBM has released updates to fix the vulnerability. For...

7.8CVSS7.2AI score0.0045EPSS
Exploits0
NCSC
NCSC
•added 2020/11/19 12:0 a.m.•5 views

Vulnerability fixed in tcpdump

A vulnerability has been fixed in tcpdump. The vulnerability allows a remote malicious person to cause a denial-of-service cause. -= SUSE =- SUSE has made updates available to fix the vulnerability fix in SUSE Linux Enterprise Module for Basesystem 15-SP1 & 15-SP2. You can install these custom...

7.5CVSS6.8AI score0.03071EPSS
Exploits0
NCSC
NCSC
•added 2020/11/19 12:0 a.m.•5 views

Vulnerability fixed in F5 BIG-IP

F5 Networks has fixed a vulnerability in a limited number of BIG-IP platforms. The vulnerability allows a malicious party with network access to the vulnerable system may be able to retrieve TCP sequence numbers used in previous, independent TCP connections. These sequence numbers can be used by...

4.3CVSS6.7AI score0.00688EPSS
Exploits0
NCSC
NCSC
•added 2020/11/19 12:0 a.m.•5 views

Vulnerabilities fixed in Cisco Webex and Cisco Webex Server

Vulnerabilities have been fixed in Cisco Webex Meetings and Cisco Webex Meetings Server. The vulnerabilities allow a malicious able to launch attacks that result in the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Remote code execution User Rights...

9.1CVSS6.9AI score0.01744EPSS
Exploits0
NCSC
NCSC
•added 2020/11/18 12:0 a.m.•5 views

Vulnerabilities fixed in Cisco Security Manager

Cisco has fixed multiple vulnerabilities in Cisco Security Manager. An unauthenticated remote malicious person could potentially exploit the vulnerabilities potentially exploit them to execute arbitrary code execute under SYSTEM privileges or to gain access to certain user credentials. For the...

10CVSS7.8AI score0.87719EPSS
Exploits0
NCSC
NCSC
•added 2020/11/17 12:0 a.m.•5 views

Vulnerabilities fixed in Micro Focus ArcSight Logger

Vulnerabilities have been fixed in Micro Focus ArcSight Logger. The vulnerabilities allow a remote malicious person to execute arbitrary code under the user's privileges. Micro Focus has released updates to address the vulnerabilities. fixes. More information can be found on the page below:...

9.8CVSS7.3AI score0.02825EPSS
Exploits1
NCSC
NCSC
•added 2020/11/16 12:0 a.m.•5 views

Vulnerabilities fixed in SUSE kernel

Vulnerabilities have been fixed in the SUSE kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Spoofing Accessing sensitive data Accessing system data...

7.8CVSS6.9AI score0.06692EPSS
Exploits2
NCSC
NCSC
•added 2020/11/12 12:0 a.m.•5 views

Vulnerabilities in processors fixed

Researchers have found vulnerabilities in several processors. The vulnerabilities marked CVE-2020-8694 and CVE-2020-8695 have been named Platypus, an acronym for Power Leakage Attacks: Targeting Your Protected User Secrets. The vulnerabilities allow a local malicious person to obtain obtain...

5.5CVSS7.4AI score0.00446EPSS
Exploits0
NCSC
NCSC
•added 2020/11/12 12:0 a.m.•5 views

Vulnerabilities fixed in Chrome

Google has released a new version of Chrome that fixes two vulnerabilities are fixed. A malicious party could vulnerabilities potentially exploit them to execute arbitrary code with the victim's privileges. Google reports being aware that the vulnerabilities are in limited extent being exploited ...

9.6CVSS7.1AI score0.02826EPSS
Exploits0
NCSC
NCSC
•added 2020/11/12 12:0 a.m.•5 views

Vulnerabilities fixed in PAN OS

Palo Alto has fixed several vulnerabilities in PAN OS. The most serious vulnerability, with attribute CVE-2020-2050, is rated by Palo Alto rated with a CVSS score of 8.2 and is located in the GlobalProtect SSL VPN component. An unauthenticated malicious party can remotely exploit this vulnerabili...

9CVSS7.5AI score0.03226EPSS
Exploits0
NCSC
NCSC
•added 2020/11/11 12:0 a.m.•5 views

Vulnerability fixed in Cisco IOS XR

Due to a vulnerability in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, an unauthenticated remote malicious agent to cause a denial-of-service DoS on an affected device. Cisco has released updates to fix the vulnerability in Cisco IOS XR. For more information, see:...

8.6CVSS6.8AI score0.01878EPSS
Exploits0
NCSC
NCSC
•added 2020/11/11 12:0 a.m.•5 views

Vulnerabilities fixed in OSIsoft PI Vision

OSIsoft has fixed two vulnerabilities in PI Vision. The vulnerabilities can be exploited by a malicious party to perform a Cross-Site-Scripting XSS attack or to obtain system information. The XSS attack requires the malicious party to have write permissions in PI ProcessBook files. OSIsoft has...

7.7CVSS6.3AI score0.0091EPSS
Exploits0
NCSC
NCSC
•added 2020/11/10 12:0 a.m.•5 views

Vulnerabilities identified in Siemens S7 products

Vulnerabilities have been identified in Siemens S7 products. The vulnerabilities enable a remote malicious person to to cause a denial-of-service and to circumvent a security measure circumvention. Siemens categorizes these vulnerabilities according to the CVSSv3 method with a highest score of 5....

7AI score
Exploits0
NCSC
NCSC
•added 2020/11/05 12:0 a.m.•5 views

Vulnerability fixed in Cisco IP phone

Due to a vulnerability in the TCP packet processing functionality of Cisco IP Phones allows an unauthenticated remote malicious agent to remotely cause the phone to stop responding to incoming calls, disconnects connected calls, or unexpectedly reloads. Cisco has made an update available to fix t...

7.8CVSS6.8AI score0.07935EPSS
Exploits0
NCSC
NCSC
•added 2020/11/05 12:0 a.m.•5 views

Vulnerabilities fixed in Cisco AnyConnect Secure Mobility Client

Cisco has fixed vulnerabilities in AnyConnect Secure Mobility Client. The vulnerabilities allow a locally authenticated malicious party to execute arbitrary code under the victim's privileges and to obtain sensitive information obtain. For the vulnerability with attribute CVE-2020-5336, Cisco...

7.3CVSS7.2AI score0.00705EPSS
Exploits0
NCSC
NCSC
•added 2020/11/05 12:0 a.m.•5 views

Multiple vulnerabilities in Cisco Webex products

Cisco has fixed vulnerabilities. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights Cisco has made updates available to address the vulnerabilities. fixes. More information...

9.3CVSS7AI score0.02634EPSS
Exploits0
NCSC
NCSC
•added 2020/11/03 12:0 a.m.•5 views

Vulnerability fixed in Fortimail

A vulnerability has been fixed in Fortimail. An unauthenticated remote malicious party could potentially obtain sensitive software version information by reading a JavaScript file to be read. Fortinet has made updates available to fix the vulnerability fix in FortiMail. For more information see:...

5.3CVSS6.7AI score0.00768EPSS
Exploits0
NCSC
NCSC
•added 2020/11/03 12:0 a.m.•5 views

Several vulnerabilities fixed in Google Chrome

Google has released a new version of Chrome. This new version fixes a number of vulnerabilities that allow a malicious can launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Increased user privileges Google mentions having...

9.6CVSS6.6AI score0.5063EPSS
Exploits6
NCSC
NCSC
•added 2020/10/30 12:0 a.m.•5 views

Vulnerabilities fixed in QNAP QTS

Vulnerabilities have been fixed in QNAP-QTS, Music-Station and Photo-Station. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights SQL Injection Access to system data QNAP has...

9.8CVSS7.5AI score0.02038EPSS
Exploits0
NCSC
NCSC
•added 2020/10/28 12:0 a.m.•5 views

Vulnerabilities fixed in MariaDB

Vulnerabilities have been fixed in MariaDB. The vulnerabilities allow a malicious person to perform a denial-of-service execution. In the case of the vulnerability with attribute CVE-2020-13249, it also involves an attack from the network. -= Ubuntu =- Canonical has made updates available for...

9CVSS9AI score0.05539EPSS
Exploits0
NCSC
NCSC
•added 2020/10/27 12:0 a.m.•5 views

Vulnerability fixed in Red Hat OpenShift

Red Hat has fixed a vulnerability in OpenShift. The vulnerability allows a malicious owner of a pod to possible to bypass a security measure in the restricted Context Constraints Object to bypass. This enables the malicious person to enabled to send custom network packets. Red Hat scales this...

6.5CVSS6.6AI score0.0093EPSS
Exploits0
NCSC
NCSC
•added 2020/10/23 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Solaris

Oracle has fixed several vulnerabilities in Solaris. By exploiting the vulnerabilities, an unauthorized malicious person can gain remote access to the system. It also allows local users bypass security measures or cause a denial-of-service. Oracle has released updates to fix the vulnerabilities...

10CVSS7.1AI score0.80291EPSS
Exploits13
NCSC
NCSC
•added 2020/10/23 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Hyperion

Oracle has fixed vulnerabilities in the following Oracle Hyperion products: Hyperion Analytic Provider Services Hyperion BI+ Hyperion Essbase Hyperion Infrastructure Technology Hyperion Planning Hyperion Lifecycle Management The vulnerabilities allow an unauthenticated malicious person with netwo...

9.8CVSS7.4AI score0.17939EPSS
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•5 views

Vulnerability fixed in Adobe Premiere

Adobe has fixed a vulnerability in Premiere. The vulnerability allows a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...

7.8CVSS7.5AI score0.0111EPSS
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe After Effects

Adobe has fixed vulnerabilities in After Effects. The vulnerabilities allow a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerabilities. More information can be found on the page below:...

9.3CVSS7.6AI score0.02971EPSS
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•5 views

Vulnerabilities fixed in libvirt

Vulnerabilities have been fixed in libvirt. The vulnerabilities allow a local malicious person to obtain elevated privileges obtain or perform a denial-of-service attack. -= SUSE =- SUSE has made updates available to fix the vulnerability in SUSE 15. fix the vulnerability in SUSE 15. You can...

9.3CVSS6.7AI score0.00529EPSS
Exploits0
NCSC
NCSC
•added 2020/10/16 12:0 a.m.•5 views

Vulnerability fixed in Juniper Junos OS for PTX and QFX

Juniper Networks has fixed a vulnerability in Junos OS for the PTX and QTX platforms. An unauthenticated malicious person at remote user could potentially exploit the vulnerability to cause a Denial-of-Service attack. To do this, rogue network traffic should be sent to the vulnerable device. Only...

7.5CVSS6.9AI score0.01225EPSS
Exploits0
NCSC
NCSC
•added 2020/10/15 12:0 a.m.•5 views

Vulnerability fixed in Rapid7 Nexpose

Rapid7 has fixed a vulnerability in Nexpose. The vulnerability potentially allows a local malicious person to perform a SQL injection attack that could access gain access to sensitive data or manipulate data. Rapid7 has released updates to fix the vulnerability in Nexpose 6.6.49. For more...

8.1CVSS6.9AI score0.01123EPSS
Exploits0
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•5 views

Vulnerability fixed in IBM MQ

IBM has fixed a vulnerability in IBM MQ. A local, authenticated malicious party could potentially exploit it to gain access to log files containing information about the system. IBM has released updates to fix the vulnerability. For more information, see:...

5.9CVSS6.8AI score0.00286EPSS
Exploits0
Total number of security vulnerabilities4190