Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2020/10/13 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Windows

Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to execute arbitrary code, to obtain elevated privileges, gain access to sensitive data, launch a denial-of-service attack, or to bypass a security measure. The vulnerability with...

9.3CVSS7.5AI score0.13348EPSS
Exploits12
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•5 views

Vulnerability fixed in Microsoft Exchange Server

Microsoft has fixed a vulnerability that could allow an authenticated malicious party potentially able to gain access to sensitive systems. Microsoft Exchange Server: |---------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

7.1CVSS6.2AI score0.02528EPSS
Exploits0
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft fixes multiple vulnerabilities in Microsoft Dynamics products. The vulnerability in Microsoft Dynamics with the attribute CVE-2020-16943 allows a malicious person to access sensitive data. The vulnerabilities with the attributes CVE-2020-16956 and CVE-2020-16978 enable a remote maliciou...

6.5CVSS6.6AI score0.01326EPSS
Exploits0
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed several vulnerabilities. A malicious remote user could potentially exploit the vulnerabilities to execute arbitrary execute arbitrary code, bypass security measures or access gain access to sensitive data. Information about the vulnerability with reference CVE-2020-16937 is...

9.3CVSS7AI score0.03104EPSS
Exploits0
NCSC
NCSC
•added 2020/10/09 12:0 a.m.•5 views

Vulnerability fixed in IBM Informix

IBM has fixed a vulnerability in Informix. A local malicious party could potentially exploit the vulnerability to execute arbitrary code under the privileges of the informix user. IBM has released updates to fix the vulnerability in Informix Dynamic Server. For more information, see:...

7.8CVSS7.3AI score0.00366EPSS
Exploits0
NCSC
NCSC
•added 2020/10/08 12:0 a.m.•5 views

Vulnerabilities fixed in Cisco Identity Services Engine

Cisco has fixed multiple vulnerabilities in Identity Services Engine ISE. The vulnerabilities allow a malicious person with limited administrator privileges be able to modify ISE configurations modify ISE configurations without having the required privileges or a Cross-Site Scripting XSS attack...

7.7CVSS6.5AI score0.00881EPSS
Exploits0
NCSC
NCSC
•added 2020/10/08 12:0 a.m.•5 views

Vulnerabilities fixed in Arista EOS

Arista has fixed several vulnerabilities in EOS. The vulnerabilities allow a malicious party to perform a Denial-of-Service DoS exploit. To do this, malicious network traffic to the device. Arista has released updates to fix the vulnerabilities. For more information, see: CVE-2020-15897:...

7.5CVSS7AI score0.01261EPSS
Exploits1
NCSC
NCSC
•added 2020/10/07 12:0 a.m.•5 views

Vulnerabilities fixed in Samsung Mobile

Samsung has fixed several vulnerabilities in its Android distribution. The vulnerabilities allow a malicious person whether remote or otherwise may be able to launch attacks that lead to the following categories of damage: Denial-of-server DoS. Remote code execution User rights Access to sensitiv...

9.8CVSS6.1AI score0.01812EPSS
Exploits0
NCSC
NCSC
•added 2020/10/06 12:0 a.m.•5 views

Vulnerability fixed in IBM Security Access Manager

IBM has fixed a vulnerability in IBM Security Access Manager. A malicious party could exploit the vulnerability to execute a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. IBM has released updates ...

6.1CVSS6.2AI score0.0073EPSS
Exploits0
NCSC
NCSC
•added 2020/10/02 12:0 a.m.•5 views

Vulnerabilities fixed in PowerDNS

Vulnerabilities have been fixed in PowerDNS. The vulnerabilities enable an unauthenticated remote malicious agent to cause a denial-of-service and to potentially execute arbitrary code to execute under the user's privileges. This applies only to installations compiled with...

9.8CVSS7.2AI score0.04412EPSS
Exploits0
NCSC
NCSC
•added 2020/09/29 12:0 a.m.•5 views

Vulnerabilities fixed in Foxit Reader and Foxit PhantomPDF

Vulnerabilities have been fixed in Foxit Reader and Foxit PhantomPDF. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data Increased user privileges Foxit has...

7.5AI score
Exploits0
NCSC
NCSC
•added 2020/09/29 12:0 a.m.•5 views

Vulnerabilities fixed in Trend Micro products

A vulnerability has been fixed in Trend Micro products. The vulnerability allows a locally authenticated malicious person to able to delete arbitrary files under SYSTEM privileges. delete. Trend Micro has released updates to fix the vulnerability. fix. More information can be found on the page...

6.3CVSS6.5AI score0.00298EPSS
Exploits0
NCSC
NCSC
•added 2020/09/24 12:0 a.m.•5 views

Vulnerabilities fixed in Trend Micro products

Trend Micro has fixed vulnerabilities in several products. The vulnerabilities allow a remote malicious person to able to install a rogue update. This is made possible by an SSL server-certification-validation vulnerability combined with another vulnerability. Trend Micro makes little information...

7.5CVSS6.8AI score0.01772EPSS
Exploits0
NCSC
NCSC
•added 2020/09/23 12:0 a.m.•5 views

Vulnerability fixed in Ruby on Rails

A vulnerability has been fixed in Ruby on Rails. The vulnerability allows an unauthenticated malicious person to execute arbitrary code on the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyper-link to follow. Rails developers have released update...

6.1CVSS7.2AI score0.02372EPSS
Exploits0
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•5 views

Vulnerabilities fixed in Citrix Application Delivery Controller, Gateway and SD-WAN WANOP appliance

Citrix has fixed several vulnerabilities in Netscaler products. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Increased user privileges To perform the denial-of-service atta...

8.8CVSS6.9AI score0.01555EPSS
Exploits0
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•5 views

Vulnerability fixed in MISP

A vulnerability has been fixed in MISP. The vulnerability allows an authenticated remote malicious person to be able to delete MISP events delete. CIRCL has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.5AI score0.01221EPSS
Exploits0
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•5 views

Vulnerability fixed in FortiManager and FortiAnalyzer

Fortinet has fixed a vulnerability in FortiManager and FortiAnalyzer. The vulnerability allows a malicious party to perform perform a Cross Site Scripting attack. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...

6.1CVSS6.2AI score0.00801EPSS
Exploits0
NCSC
NCSC
•added 2020/09/17 12:0 a.m.•5 views

Vulnerabilities fixed in Apple iOS and iPadOS

Vulnerabilities have been fixed in Apple iOS and iPadOS. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution Us...

9.3CVSS6.7AI score0.02986EPSS
Exploits1
NCSC
NCSC
•added 2020/09/15 12:0 a.m.•5 views

Vulnerabilities fixed in IBM Spectrum Protect

Vulnerabilities have been fixed in IBM Spectrum Protect. The vulnerabilities allow a malicious party to execute arbitrary code execute arbitrary code and gain access to system data. IBM has released updates to fix the vulnerabilities. More information can be found on the page below:...

8CVSS7.6AI score0.02606EPSS
Exploits0
NCSC
NCSC
•added 2020/09/14 12:0 a.m.•5 views

Vulnerability fixed in Red Hat JBoss Enterprise Application Platform

A vulnerability has been fixed in JBoss Enterprise Application Platform. The vulnerability allows a malicious party to launch a Denial-of-Service DoS attack. -= Red Hat =- Red Hat has made updates available. You can install these updates install using the command 'yum'. More information about the...

7.5CVSS6.7AI score0.01356EPSS
Exploits0
NCSC
NCSC
•added 2020/09/11 12:0 a.m.•5 views

Vulnerabilities fixed in McAfee Agent

Vulnerabilities have been fixed in McAfee Agent. The vulnerabilities allow a malicious party to launch attacks that result in the following categories of damage: Remote code execution Administrator/Root rights Remote code execution User rights Increased user privileges McAfee has released updates...

8.2CVSS7.4AI score0.00467EPSS
Exploits0
NCSC
NCSC
•added 2020/09/10 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe Framemaker

Adobe has fixed vulnerabilities in Framemaker. The vulnerabilities allow a malicious person to execute arbitrary code execute arbitrary code under user privileges. Adobe designates these vulnerabilities as critical. Adobe has made updates available to address the vulnerabilities. fix. More...

7.8CVSS7.6AI score0.03728EPSS
Exploits0
NCSC
NCSC
•added 2020/09/10 12:0 a.m.•5 views

Vulnerabilities fixed in McAfee Endpoint Security

McAfee has fixed vulnerabilities in End Point Security. A local malicious party could exploit the vulnerabilities to gain access gain access to sensitive data, or by obtaining elevated permissions to stop the anti-virus process and thereby deploy undetected implement malware. McAfee has released...

8.8CVSS7.1AI score0.0039EPSS
Exploits0
NCSC
NCSC
•added 2020/09/08 12:0 a.m.•5 views

Serious vulnerability fixed in Microsoft Exchange

There is a serious vulnerability in Microsoft Exchange Server. The vulnerability occurs due to improper handling of objects in memory. Upon successful exploitation of this vulnerability, it allows an unauthenticated remote malicious agent to remote user to execute arbitrary code with SYSTEM...

9CVSS7.6AI score0.47145EPSS
Exploits5
NCSC
NCSC
•added 2020/09/08 12:0 a.m.•5 views

WIBU CodeMeter vulnerabilities discovered in several Sieens products

WIBU systems has published a number of vulnerabilities, which would allow an unauthenticated remote malicious person is able to Manipulate license files, execute arbitrary code with application privileges or to cause a Denial-of-Service cause. WIBU gives the vulnerability with attribute...

9.8CVSS7.3AI score0.02031EPSS
Exploits0
NCSC
NCSC
•added 2020/09/08 12:0 a.m.•5 views

Vulnerabilities fixed in Siemens Spectrum Power

Siemens has fixed two vulnerabilities in Spectrum Power 4. An unauthenticated malicious person could exploit the vulnerabilities to gain access to system data and sensitive data. Siemens has updates and mitigations available to address the vulnerabilities in Spectrum Power. However, these have no...

5.3CVSS6.7AI score0.00901EPSS
Exploits0
NCSC
NCSC
•added 2020/09/07 12:0 a.m.•5 views

Vulnerability fixed in Bitdefender Endpoint Security

Bitdefender has fixed an update in Bitdefender Endpoint Security Tools and the Endpoint Security SDK. The vulnerability could potentially be exploited by a malicious party to obtain elevated user privileges and manipulate data. Bitdefender categorizes this vulnerability according to the CVSSv3...

8.1CVSS6.9AI score0.004EPSS
Exploits0
NCSC
NCSC
•added 2020/09/07 12:0 a.m.•5 views

Vulnerability fixed in IBM Aspera Connect

IBM has fixed a vulnerability in Aspera Connect. The vulnerability allows an unauthenticated remote malicious person able to execute arbitrary code under privileges of the application. To do so, the malicious party must induce the victim to execute load a rogue dynamic-link library. IBM has...

9.3CVSS7.8AI score0.02996EPSS
Exploits0
NCSC
NCSC
•added 2020/09/02 12:0 a.m.•5 views

Vulnerability fixed in Red Hat OpenShift Container Platform

Red Hat has fixed a vulnerability in the OpenShift Container Platform. A local user or application with elevated privileges can write a large amount of data within a pod to the /etc/hosts file. A malicious party could potentially exploit this vulnerability to cause a denial-of-service on the node...

5.5CVSS6.4AI score0.00501EPSS
Exploits0
NCSC
NCSC
•added 2020/09/02 12:0 a.m.•5 views

Vulnerability fixed in libvirt and QEMU

Red Hat has fixed vulnerabilities in QEMU and libvirt. The vulnerabilities allow a locally authenticated malicious party to able to obtain elevated privileges and system data. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 6, 7 and 8. You can install these updates...

8.8CVSS6.5AI score0.0051EPSS
Exploits0
NCSC
NCSC
•added 2020/08/26 12:0 a.m.•5 views

Vulnerabilities fixed in Firefox and Firefox ESR

Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution User rights Access to...

9.3CVSS7.6AI score0.02716EPSS
Exploits2
NCSC
NCSC
•added 2020/08/20 12:0 a.m.•5 views

Vulnerability fixed in Icinga Web 2

Icinga has fixed a potential path-traversal vulnerability in Icinga Web 2. The vulnerability allows a malicious party to read sensitive files that can be read by the process on which Icinga Web 2 is running. This is often a Web server or an FPM process. Although the vulnerability itself is in the...

7.5CVSS6.5AI score0.0328EPSS
Exploits1
NCSC
NCSC
•added 2020/08/20 12:0 a.m.•5 views

Vulnerabilities fixed in Cisco Data Center Network Manager

Cisco has fixed several vulnerabilities in the Data Center Network Manager. The vulnerabilities allow a local authenticated malicious party to conduct attacks that can lead to the following types of damage: Cross-Site Scripting XSS. Manipulation of data Access to system data Increased user...

8.1CVSS6.4AI score0.01787EPSS
Exploits0
NCSC
NCSC
•added 2020/08/14 12:0 a.m.•5 views

Vulnerabilities fixed in Jenkins

Vulnerabilities have been fixed in Jenkins. The vulnerabilities can be exploited by a malicious person to perform of a Cross-Site-Scripting XSS attack. The vulnerability allows a malicious party to execute arbitrary code under the privileges of the browser. Jenkins has released updates to fix the...

5.4CVSS7.2AI score0.83053EPSS
Exploits8
NCSC
NCSC
•added 2020/08/13 12:0 a.m.•5 views

Vulnerabilities fixed in Dovecot

Vulnerabilities have been fixed in Dovecot. The vulnerabilities allow a malicious person to cause a denial-of-service cause. Dovecot has released updates to fix the vulnerabilities. For more information, see the following pages: CVE-2020-12100:...

7.5CVSS6.8AI score0.06187EPSS
Exploits4
NCSC
NCSC
•added 2020/08/12 12:0 a.m.•5 views

Vulnerability fixed in Fedora kernel

A vulnerability has been fixed in the Fedora kernel. The vulnerability allows a local malicious person to access gain access to system data. Fedora has made updates available for Fedora 32. You can install these updates by using the 'dnf' or 'yum' command. More information about these updates and...

4.3CVSS7.9AI score0.05228EPSS
Exploits0
NCSC
NCSC
•added 2020/08/12 12:0 a.m.•5 views

Vulnerabilities fixed in Ubuntu

Ubuntu has fixed vulnerabilities in the apport component. Apport collects data about stuck processes and compiles reports automatically that can be shared with developers shared. For the stable-version of Ubuntu, apport is disabled. The vulnerabilities allow a malicious person to perform attacks...

7CVSS7.5AI score0.00498EPSS
Exploits2
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•5 views

Vulnerabilities fixed in Google Chrome

Google has fixed several vulnerabilities in Chrome. Little little substantive information made publicly available. The most vulnerabilities allow a malicious party to launch a denial-of-service attack. Google has released updates to fix the vulnerabilities in Chrome. For more information, see:...

9.3CVSS6.8AI score0.29292EPSS
Exploits1
NCSC
NCSC
•added 2020/08/07 12:0 a.m.•5 views

Vulnerabilities fixed in openSUSE kernel

Vulnerabilities have been fixed in the kernel of openSUSE Leap 15.1. The vulnerabilities allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Access to system data Increased user...

9.8CVSS7.2AI score0.12651EPSS
Exploits6
NCSC
NCSC
•added 2020/05/11 12:0 a.m.•5 views

Multiple vulnerabilities fixed in Squid

The developers of Squid have fixed several vulnerabilities in Squid proxy. An unauthenticated malicious person can exploit the remote vulnerabilities to exploit them to cause a denial-of-service cause, access sensitive data or execute arbitrary code with application privileges. For the...

9.8CVSS7.6AI score0.7179EPSS
Exploits0
NCSC
NCSC
•added 2020/05/07 12:0 a.m.•5 views

Vulnerabilities fixed in libvirt

Suse has made updates available to fix vulnerabilities fixes in libvirt. The vulnerabilities allow a remote malicious person remotely capable of causing a denial-of-service DoS. -= SUSE =- SUSE has made updates available to fix the vulnerability fix the vulnerability in SUSE 15. You can install...

6.5CVSS7.1AI score0.02363EPSS
Exploits1
NCSC
NCSC
•added 2020/05/07 12:0 a.m.•5 views

Vulnerabilities fixed in RoundCube

A vulnerability has been fixed in Roundcube Webmail. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Circumvention of security measure. Remote code executio...

6.5CVSS7.2AI score0.02782EPSS
Exploits2
NCSC
NCSC
•added 2020/04/15 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle MySQL products

Oracle has fixed vulnerabilities in its MySQL products: - MySQL Server - MySQL Workbench - MySQL Enterprise Monitor - MySQL Cluster - MySQL Client - MySQL Connectors One of these vulnerabilities CVE-2019-5482 concerns an erng serious vulnerability in MySQL Server. This vulnerability allows an...

9.8CVSS8.7AI score0.17939EPSS
Exploits1
NCSC
NCSC
•added 2020/03/27 12:0 a.m.•5 views

Vulnerabilities fixed in GitLab Community and Enterprise Edition

GitLab has fixed a number of vulnerabilities in GitLab Community Edition and Enterprise Edition. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service, execute a cross-site scripting attack, or gain access to sensitive information and/or manipulate it. GitLab has releas...

9.8CVSS6.4AI score0.01561EPSS
Exploits1
NCSC
NCSC
•added 2020/02/03 12:0 a.m.•5 views

Vulnerabilities fixed in SpamAssasin

Vulnerabilities have been fixed in SpamAssasin. The vulnerabilities allow an unauthenticated remote malicious person to execute arbitrary code under application privileges. The remote attack is significantly more difficult to execute than a local attack. The attack takes place by adding to a...

9.3CVSS7.6AI score0.07053EPSS
Exploits0
NCSC
NCSC
•added 2020/01/15 12:0 a.m.•5 views

Multiple vulnerabilities fixed in MySQL

Oracle has fixed several vulnerabilities in the MySQL connector, MySQL server and MySQL client. By exploiting the vulnerabilities, a malicious person with access to the the network read or manipulate data in the database or cause a denial-of-service. Oracle released updates to fix the...

9.8CVSS9.1AI score0.45426EPSS
Exploits0
NCSC
NCSC
•added 2019/12/13 12:0 a.m.•5 views

Vulnerabilities fixed in SpamAssassin

Apache Foundation has fixed two vulnerabilities in SpamAssassin. An unauthenticated malicious person can remotely exploit these vulnerabilities to cause a denial-of-service cause, or by offering a rogue file potentially execute code under application privileges. Apache Foundation has released...

7.5CVSS7.3AI score0.07234EPSS
Exploits0
NCSC
NCSC
•added 2019/10/23 12:0 a.m.•5 views

Vulnerabilities fixed in Python

SUSE has fixed vulnerabilities in Python. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Bypassing authentication -= SUSE =- SUSE has made updates available to fix the vulnerabilities ...

7.5CVSS6.3AI score0.05406EPSS
Exploits2
NCSC
NCSC
•added 2019/08/07 12:0 a.m.•5 views

Vulnerabilities fixed in Python

Vulnerabilities have been fixed in Python. The vulnerabilities allow a malicious person to perform attacks execute attacks that lead to the following categories of damage: Denial-of-Service Manipulation of data Circumvention of security measure Access to sensitive data Accessing system data -= Re...

9.1CVSS6.4AI score0.20743EPSS
Exploits4
NCSC
NCSC
•added 2019/04/16 12:0 a.m.•5 views

Vulnerability fixed in Libxslt

There is a vulnerability in libxslt. Libxslt is a C library for implementing XSLT 1.0. It is a widely used library for transforming files from XML to any other arbitrary format. A remote malicious person could potentially exploit the vulnerability to obtain sensitive information. The vulnerabilit...

9.8CVSS6.8AI score0.05089EPSS
Exploits0
Total number of security vulnerabilities4190