4190 matches found
Vulnerabilities fixed in Microsoft Windows
Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to execute arbitrary code, to obtain elevated privileges, gain access to sensitive data, launch a denial-of-service attack, or to bypass a security measure. The vulnerability with...
Vulnerability fixed in Microsoft Exchange Server
Microsoft has fixed a vulnerability that could allow an authenticated malicious party potentially able to gain access to sensitive systems. Microsoft Exchange Server: |---------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...
Vulnerabilities fixed in Microsoft Dynamics
Microsoft fixes multiple vulnerabilities in Microsoft Dynamics products. The vulnerability in Microsoft Dynamics with the attribute CVE-2020-16943 allows a malicious person to access sensitive data. The vulnerabilities with the attributes CVE-2020-16956 and CVE-2020-16978 enable a remote maliciou...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed several vulnerabilities. A malicious remote user could potentially exploit the vulnerabilities to execute arbitrary execute arbitrary code, bypass security measures or access gain access to sensitive data. Information about the vulnerability with reference CVE-2020-16937 is...
Vulnerability fixed in IBM Informix
IBM has fixed a vulnerability in Informix. A local malicious party could potentially exploit the vulnerability to execute arbitrary code under the privileges of the informix user. IBM has released updates to fix the vulnerability in Informix Dynamic Server. For more information, see:...
Vulnerabilities fixed in Cisco Identity Services Engine
Cisco has fixed multiple vulnerabilities in Identity Services Engine ISE. The vulnerabilities allow a malicious person with limited administrator privileges be able to modify ISE configurations modify ISE configurations without having the required privileges or a Cross-Site Scripting XSS attack...
Vulnerabilities fixed in Arista EOS
Arista has fixed several vulnerabilities in EOS. The vulnerabilities allow a malicious party to perform a Denial-of-Service DoS exploit. To do this, malicious network traffic to the device. Arista has released updates to fix the vulnerabilities. For more information, see: CVE-2020-15897:...
Vulnerabilities fixed in Samsung Mobile
Samsung has fixed several vulnerabilities in its Android distribution. The vulnerabilities allow a malicious person whether remote or otherwise may be able to launch attacks that lead to the following categories of damage: Denial-of-server DoS. Remote code execution User rights Access to sensitiv...
Vulnerability fixed in IBM Security Access Manager
IBM has fixed a vulnerability in IBM Security Access Manager. A malicious party could exploit the vulnerability to execute a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. IBM has released updates ...
Vulnerabilities fixed in PowerDNS
Vulnerabilities have been fixed in PowerDNS. The vulnerabilities enable an unauthenticated remote malicious agent to cause a denial-of-service and to potentially execute arbitrary code to execute under the user's privileges. This applies only to installations compiled with...
Vulnerabilities fixed in Foxit Reader and Foxit PhantomPDF
Vulnerabilities have been fixed in Foxit Reader and Foxit PhantomPDF. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data Increased user privileges Foxit has...
Vulnerabilities fixed in Trend Micro products
A vulnerability has been fixed in Trend Micro products. The vulnerability allows a locally authenticated malicious person to able to delete arbitrary files under SYSTEM privileges. delete. Trend Micro has released updates to fix the vulnerability. fix. More information can be found on the page...
Vulnerabilities fixed in Trend Micro products
Trend Micro has fixed vulnerabilities in several products. The vulnerabilities allow a remote malicious person to able to install a rogue update. This is made possible by an SSL server-certification-validation vulnerability combined with another vulnerability. Trend Micro makes little information...
Vulnerability fixed in Ruby on Rails
A vulnerability has been fixed in Ruby on Rails. The vulnerability allows an unauthenticated malicious person to execute arbitrary code on the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyper-link to follow. Rails developers have released update...
Vulnerabilities fixed in Citrix Application Delivery Controller, Gateway and SD-WAN WANOP appliance
Citrix has fixed several vulnerabilities in Netscaler products. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Increased user privileges To perform the denial-of-service atta...
Vulnerability fixed in MISP
A vulnerability has been fixed in MISP. The vulnerability allows an authenticated remote malicious person to be able to delete MISP events delete. CIRCL has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in FortiManager and FortiAnalyzer
Fortinet has fixed a vulnerability in FortiManager and FortiAnalyzer. The vulnerability allows a malicious party to perform perform a Cross Site Scripting attack. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in Apple iOS and iPadOS
Vulnerabilities have been fixed in Apple iOS and iPadOS. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution Us...
Vulnerabilities fixed in IBM Spectrum Protect
Vulnerabilities have been fixed in IBM Spectrum Protect. The vulnerabilities allow a malicious party to execute arbitrary code execute arbitrary code and gain access to system data. IBM has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerability fixed in Red Hat JBoss Enterprise Application Platform
A vulnerability has been fixed in JBoss Enterprise Application Platform. The vulnerability allows a malicious party to launch a Denial-of-Service DoS attack. -= Red Hat =- Red Hat has made updates available. You can install these updates install using the command 'yum'. More information about the...
Vulnerabilities fixed in McAfee Agent
Vulnerabilities have been fixed in McAfee Agent. The vulnerabilities allow a malicious party to launch attacks that result in the following categories of damage: Remote code execution Administrator/Root rights Remote code execution User rights Increased user privileges McAfee has released updates...
Vulnerabilities fixed in Adobe Framemaker
Adobe has fixed vulnerabilities in Framemaker. The vulnerabilities allow a malicious person to execute arbitrary code execute arbitrary code under user privileges. Adobe designates these vulnerabilities as critical. Adobe has made updates available to address the vulnerabilities. fix. More...
Vulnerabilities fixed in McAfee Endpoint Security
McAfee has fixed vulnerabilities in End Point Security. A local malicious party could exploit the vulnerabilities to gain access gain access to sensitive data, or by obtaining elevated permissions to stop the anti-virus process and thereby deploy undetected implement malware. McAfee has released...
Serious vulnerability fixed in Microsoft Exchange
There is a serious vulnerability in Microsoft Exchange Server. The vulnerability occurs due to improper handling of objects in memory. Upon successful exploitation of this vulnerability, it allows an unauthenticated remote malicious agent to remote user to execute arbitrary code with SYSTEM...
WIBU CodeMeter vulnerabilities discovered in several Sieens products
WIBU systems has published a number of vulnerabilities, which would allow an unauthenticated remote malicious person is able to Manipulate license files, execute arbitrary code with application privileges or to cause a Denial-of-Service cause. WIBU gives the vulnerability with attribute...
Vulnerabilities fixed in Siemens Spectrum Power
Siemens has fixed two vulnerabilities in Spectrum Power 4. An unauthenticated malicious person could exploit the vulnerabilities to gain access to system data and sensitive data. Siemens has updates and mitigations available to address the vulnerabilities in Spectrum Power. However, these have no...
Vulnerability fixed in Bitdefender Endpoint Security
Bitdefender has fixed an update in Bitdefender Endpoint Security Tools and the Endpoint Security SDK. The vulnerability could potentially be exploited by a malicious party to obtain elevated user privileges and manipulate data. Bitdefender categorizes this vulnerability according to the CVSSv3...
Vulnerability fixed in IBM Aspera Connect
IBM has fixed a vulnerability in Aspera Connect. The vulnerability allows an unauthenticated remote malicious person able to execute arbitrary code under privileges of the application. To do so, the malicious party must induce the victim to execute load a rogue dynamic-link library. IBM has...
Vulnerability fixed in Red Hat OpenShift Container Platform
Red Hat has fixed a vulnerability in the OpenShift Container Platform. A local user or application with elevated privileges can write a large amount of data within a pod to the /etc/hosts file. A malicious party could potentially exploit this vulnerability to cause a denial-of-service on the node...
Vulnerability fixed in libvirt and QEMU
Red Hat has fixed vulnerabilities in QEMU and libvirt. The vulnerabilities allow a locally authenticated malicious party to able to obtain elevated privileges and system data. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 6, 7 and 8. You can install these updates...
Vulnerabilities fixed in Firefox and Firefox ESR
Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution User rights Access to...
Vulnerability fixed in Icinga Web 2
Icinga has fixed a potential path-traversal vulnerability in Icinga Web 2. The vulnerability allows a malicious party to read sensitive files that can be read by the process on which Icinga Web 2 is running. This is often a Web server or an FPM process. Although the vulnerability itself is in the...
Vulnerabilities fixed in Cisco Data Center Network Manager
Cisco has fixed several vulnerabilities in the Data Center Network Manager. The vulnerabilities allow a local authenticated malicious party to conduct attacks that can lead to the following types of damage: Cross-Site Scripting XSS. Manipulation of data Access to system data Increased user...
Vulnerabilities fixed in Jenkins
Vulnerabilities have been fixed in Jenkins. The vulnerabilities can be exploited by a malicious person to perform of a Cross-Site-Scripting XSS attack. The vulnerability allows a malicious party to execute arbitrary code under the privileges of the browser. Jenkins has released updates to fix the...
Vulnerabilities fixed in Dovecot
Vulnerabilities have been fixed in Dovecot. The vulnerabilities allow a malicious person to cause a denial-of-service cause. Dovecot has released updates to fix the vulnerabilities. For more information, see the following pages: CVE-2020-12100:...
Vulnerability fixed in Fedora kernel
A vulnerability has been fixed in the Fedora kernel. The vulnerability allows a local malicious person to access gain access to system data. Fedora has made updates available for Fedora 32. You can install these updates by using the 'dnf' or 'yum' command. More information about these updates and...
Vulnerabilities fixed in Ubuntu
Ubuntu has fixed vulnerabilities in the apport component. Apport collects data about stuck processes and compiles reports automatically that can be shared with developers shared. For the stable-version of Ubuntu, apport is disabled. The vulnerabilities allow a malicious person to perform attacks...
Vulnerabilities fixed in Google Chrome
Google has fixed several vulnerabilities in Chrome. Little little substantive information made publicly available. The most vulnerabilities allow a malicious party to launch a denial-of-service attack. Google has released updates to fix the vulnerabilities in Chrome. For more information, see:...
Vulnerabilities fixed in openSUSE kernel
Vulnerabilities have been fixed in the kernel of openSUSE Leap 15.1. The vulnerabilities allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Access to system data Increased user...
Multiple vulnerabilities fixed in Squid
The developers of Squid have fixed several vulnerabilities in Squid proxy. An unauthenticated malicious person can exploit the remote vulnerabilities to exploit them to cause a denial-of-service cause, access sensitive data or execute arbitrary code with application privileges. For the...
Vulnerabilities fixed in libvirt
Suse has made updates available to fix vulnerabilities fixes in libvirt. The vulnerabilities allow a remote malicious person remotely capable of causing a denial-of-service DoS. -= SUSE =- SUSE has made updates available to fix the vulnerability fix the vulnerability in SUSE 15. You can install...
Vulnerabilities fixed in RoundCube
A vulnerability has been fixed in Roundcube Webmail. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Circumvention of security measure. Remote code executio...
Vulnerabilities fixed in Oracle MySQL products
Oracle has fixed vulnerabilities in its MySQL products: - MySQL Server - MySQL Workbench - MySQL Enterprise Monitor - MySQL Cluster - MySQL Client - MySQL Connectors One of these vulnerabilities CVE-2019-5482 concerns an erng serious vulnerability in MySQL Server. This vulnerability allows an...
Vulnerabilities fixed in GitLab Community and Enterprise Edition
GitLab has fixed a number of vulnerabilities in GitLab Community Edition and Enterprise Edition. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service, execute a cross-site scripting attack, or gain access to sensitive information and/or manipulate it. GitLab has releas...
Vulnerabilities fixed in SpamAssasin
Vulnerabilities have been fixed in SpamAssasin. The vulnerabilities allow an unauthenticated remote malicious person to execute arbitrary code under application privileges. The remote attack is significantly more difficult to execute than a local attack. The attack takes place by adding to a...
Multiple vulnerabilities fixed in MySQL
Oracle has fixed several vulnerabilities in the MySQL connector, MySQL server and MySQL client. By exploiting the vulnerabilities, a malicious person with access to the the network read or manipulate data in the database or cause a denial-of-service. Oracle released updates to fix the...
Vulnerabilities fixed in SpamAssassin
Apache Foundation has fixed two vulnerabilities in SpamAssassin. An unauthenticated malicious person can remotely exploit these vulnerabilities to cause a denial-of-service cause, or by offering a rogue file potentially execute code under application privileges. Apache Foundation has released...
Vulnerabilities fixed in Python
SUSE has fixed vulnerabilities in Python. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Bypassing authentication -= SUSE =- SUSE has made updates available to fix the vulnerabilities ...
Vulnerabilities fixed in Python
Vulnerabilities have been fixed in Python. The vulnerabilities allow a malicious person to perform attacks execute attacks that lead to the following categories of damage: Denial-of-Service Manipulation of data Circumvention of security measure Access to sensitive data Accessing system data -= Re...
Vulnerability fixed in Libxslt
There is a vulnerability in libxslt. Libxslt is a C library for implementing XSLT 1.0. It is a widely used library for transforming files from XML to any other arbitrary format. A remote malicious person could potentially exploit the vulnerability to obtain sensitive information. The vulnerabilit...