Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2021/02/09 12:0 a.m.•38 views

Fixed vulnerabilities in Windows Defender and System Center Operations Manager

Microsoft has fixed vulnerabilities in Windows Defender and Microsoft System Center Operations Manager. A malicious party could vulnerabilities potentially exploit them to gain higher privileges. Windows Defender: |----------------|------|-------------------------------------| | CVE ID | CVSS |...

8.8CVSS6.6AI score0.01825EPSS
Exploits0
NCSC
NCSC
•added 2024/05/23 10:56 a.m.•36 views

Vulnerabilities fixed in Cisco products

Cisco has fixed vulnerabilities in ASA, Firepower and Snort. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Circumvention of security measure - Remote code execution User rights - Increased user...

8.8CVSS7.7AI score0.00919EPSS
Exploits0References7
NCSC
NCSC
•added 2024/04/12 12:0 a.m.•36 views

Vulnerabilities fixed in Palo Alto PAN OS

Palo Alto has fixed vulnerabilities in PAN-OS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, gain access to sensitive data or bypass security measures, allowing traffic to pass through pass traffic that was not initially authorized. Palo Alto has released updat...

9.1CVSS7.1AI score0.00922EPSS
Exploits0
NCSC
NCSC
•added 2023/09/12 12:0 a.m.•36 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party could exploit the vulnerabilities to cause a denial-of-service, grant himself elevated privileges granted privileges or execute arbitrary code with privileges from the developer. Successful exploitation requires the...

9.8CVSS7.8AI score0.04661EPSS
Exploits0
NCSC
NCSC
•added 2021/12/20 12:0 a.m.•36 views

Vulnerability fixed in Apache Solr for Windows

Apache has fixed vulnerabilities in Solr for Windows. The vulnerability allows a malicious party to access sensitive data, impersonate another user or potentially execute arbitrary code. Apache has released updates to fix the vulnerability in Solr 8.11.1. For more information, see:...

9.8CVSS7.4AI score0.05087EPSS
Exploits0
NCSC
NCSC
•added 2021/12/14 12:0 a.m.•36 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Remote code execution User rights Spoofing Access to sensitive data Increased user privileges The tables...

9.6CVSS7.2AI score0.05056EPSS
Exploits0
NCSC
NCSC
•added 2021/12/09 12:0 a.m.•36 views

Vulnerabilities fixed in Fortinet FortiClient EMS and FortiClient Windows

Several vulnerabilities have been fixed in Fortinet products. These include Fortinet FortiClient EMS and FortiClient Windows. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of...

9.1CVSS7.5AI score0.00955EPSS
Exploits0
NCSC
NCSC
•added 2021/12/07 12:0 a.m.•36 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab CE/EE. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Increased user privileges Gitlab has made updates available to address the...

8.8CVSS6.7AI score0.35649EPSS
Exploits0
NCSC
NCSC
•added 2021/10/21 12:0 a.m.•36 views

Vulnerability fixed in Cisco IOS XR

A vulnerability has been found in Cisco IOS XR. The vulnerability is located specifically in the DHCP functionality. It allows an unauthenticated remote malicious person able to stop the DHCP daemon process. While this process is running it is temporarily not possible to obtain a new DHCP lease...

7.8CVSS6.8AI score0.00771EPSS
Exploits0
NCSC
NCSC
•added 2020/11/10 12:0 a.m.•36 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed multiple vulnerabilities in several developer tools. A malicious party could potentially exploit them to execute arbitrary code with both user privileges as well as elevated privileges or manipulate data. Vulnerabilities related to Visual Studio can only be be exploited by...

9.3CVSS7.4AI score0.03551EPSS
Exploits0
NCSC
NCSC
•added 2025/07/30 8:4 a.m.•35 views

Vulnerabilities fixed in Autodesk AutoCAD

Autodesk has fixed vulnerabilities in AutoCAD. The vulnerabilities are in the way certain Autodesk products handle specially crafted files. These vulnerabilities can lead to memory corruption, Out-of-Bounds write and read conditions, and Use-After-Free errors. This can result in consequences such...

7.8CVSS7.4AI score0.00163EPSS
Exploits0References1
NCSC
NCSC
•added 2025/05/14 1:19 p.m.•35 views

Vulnerabilities fixed in Zoho ManageEngine

Zoho has fixed vulnerabilities in ManageEngine ADSelfService Plus versions 6513 and earlier and ManageEngine ADAudit Plus versions 8510 and earlier. The vulnerabilities are in the way the applications process SQL queries. In the case of ADSelfService Plus, authenticated users can execute arbitrar...

8.1CVSS7.5AI score0.27766EPSS
Exploits0References2
NCSC
NCSC
•added 2024/06/14 9:59 a.m.•35 views

Vulnerability fixed in Fortinet FortiOS

Fortinet has fixed vulnerabilities in FortiOS. A malicious party can exploit the vulnerabilities to execute arbitrary code on the vulnerable system through a Cross-Site-Scripting attack, or through SQL-Injection. Also, a malicious party can bypass security measures and thus allow traffic to pass...

7.8CVSS8AI score0.03469EPSS
Exploits1References6
NCSC
NCSC
•added 2024/05/01 12:0 a.m.•35 views

Vulnerabilities fixed in ArubaOS and Aruba SD-WAN

Aruba Networks has fixed vulnerabilities in ArubaOS and SD-WAN as used by Aruba Mobility Conductor former Mobility Master, Mobility Controllers, WLAN Gateways and SD-WAN Gateways. A malicious party can exploit the vulnerabilities to launch a denial-of-service DoS, gain access to sensitive data or...

9.8CVSS7.9AI score0.43998EPSS
Exploits0
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•35 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in Enterprise Manager components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Access to sensitive data Access to system data Oracle...

8.3CVSS7.2AI score0.02824EPSS
Exploits3
NCSC
NCSC
•added 2023/05/30 12:0 a.m.•35 views

Vulnerabilities fixed in Zimbra Collaboration Suite

Zimbra has fixed vulnerabilities in the Zimbra Collaboration Suite ZCS. A malicious party can exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Bypassing security measure...

9.8CVSS7AI score0.8377EPSS
Exploits11
NCSC
NCSC
•added 2023/05/02 12:0 a.m.•35 views

Vulnerabilities fixed in IBM MQ

IBM has fixed vulnerabilities in MQ. A malicious party could exploit the exploit the vulnerabilities to cause a Denial-of-Service, or to gain access to sensitive data. To access sensitive data, the malicious party must have access to a client where the Trace feature is enabled. IBM has released...

7.5CVSS6.9AI score0.00945EPSS
Exploits0
NCSC
NCSC
•added 2023/01/11 12:0 a.m.•35 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in Microsoft Office. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution User rights Access to sensitive data Microsoft Office:...

8.8CVSS6.9AI score0.55786EPSS
Exploits1
NCSC
NCSC
•added 2022/08/03 12:0 a.m.•35 views

Vulnerabilities fixed in VMware products

VMware has fixed several vulnerabilities in VMware Workspace ONE Access, Identity Manager, vRealize Automation and underlying tools. An unauthenticated malicious person could potentially exploit them to cause the following categories of damage: Cross-Site Scripting XSS. Circumvention of...

9.8CVSS7.3AI score0.18285EPSS
Exploits6
NCSC
NCSC
•added 2022/03/04 12:0 a.m.•35 views

Vulnerabilities fixed in Autodesk products

Vulnerabilities have been fixed in several Autodesk products. The vulnerabilities allow a malicious person to execute arbitrary code with the application's permissions. To exploit the vulnerabilities, a malicious party must trick a user into entice a user to open a rogue file. Autodesk has made...

7.8CVSS6.9AI score0.02743EPSS
Exploits0
NCSC
NCSC
•added 2021/03/09 12:0 a.m.•35 views

Vulnerabilities fixed in Siemens Scalance

Siemens has fixed several vulnerabilities in Scalance products. The vulnerabilities allow an unauthenticated remote malicious person may be able to launch attacks leading to the following categories of damage: Denial-of-Service DoS DNS cache poisoning Remote code execution possibly under elevated...

8.8CVSS7.6AI score0.04873EPSS
Exploits3
NCSC
NCSC
•added 2026/05/13 9:31 a.m.•34 views

vulnerabilities handled in Adobe After Effects

Adobe has identified several vulnerabilities in Adobe After Effects, particularly in versions 26.0, 25.6.4, and earlier versions. These vulnerabilities reside in the way Adobe After Effects processes certain files. There are issues with stack-based buffer overflows, heap-based buffer overflows,...

7.8CVSS6.4AI score0.00299EPSS
Exploits0References1
NCSC
NCSC
•added 2025/02/11 7:40 p.m.•34 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as APOGEE, Opcenter, RUGGEDCOM, SCALANCE, SIMATIC, SIPROTEC and Teamcenter. The vulnerabilities potentially enable a malicious person to carry out attacks that could lead to the following categories of damage: - Denial-of-Service DoS -...

10CVSS7.5AI score0.99654EPSS
Exploits64References14
NCSC
NCSC
•added 2025/01/22 1:36 p.m.•35 views

Vulnerabilities fixed in Oracle Analytics

Oracle has fixed vulnerabilities in Oracle Analytics products, such as Business Intelligence, Analytics Desktop and BI Publisher. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access to sensitive data. Oracle has released updates to fix the...

9.8CVSS7.2AI score0.99999EPSS
Exploits33References1
NCSC
NCSC
•added 2024/06/14 6:28 a.m.•34 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE. A malicious party can exploit the vulnerabilities to cause a Denial-of-Service, or perform a Cross-Site-Scripting attack. Such an attack could result in execution of arbitrary code in the victim's browser, ...

6.5CVSS7.6AI score0.00575EPSS
Exploits0References1
NCSC
NCSC
•added 2022/07/13 12:0 a.m.•34 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in Acrobat, Acrobat Reader, Photoshop and RoboHelp. The vulnerabilities allow a malicious able to execute arbitrary code within the context of the user, or gain access to sensitive data. Adobe has released updates to fix the vulnerabilities. For more information,...

9.3CVSS7.9AI score0.12561EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•34 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution...

9.3CVSS6.8AI score0.14721EPSS
Exploits0
NCSC
NCSC
•added 2021/07/19 12:0 a.m.•34 views

Vulnerabilities fixed in Citrix ADC, Gateway and SDWAN WAN-OP

Citrix has fixed vulnerabilities in Citrix ADC formerly NetScaler ADC, Gateway formerly NetScaler Gateway and SDWAN WAN-OP. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access to sensitive data by taking over sessions. To cause a Denial-of-Service, the...

8.1CVSS7AI score0.0094EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•34 views

Vulnerabilities fixed in Oracle Financial Services

Vulnerabilities have been fixed in Oracle Financial Services Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User righ...

9.8CVSS8.9AI score0.97399EPSS
Exploits25
NCSC
NCSC
•added 2026/05/13 6:33 a.m.•33 views

Vulnerabilities present in Siemens products

Siemens has identified vulnerabilities in various OT-products. These include products from the Siemens RUGGEDCOM, SCALANCE, SIMATIC, SIMIT, SINAMICS, SIPROTEC, SENTRON, and Solid Edge product families. The vulnerabilities enable malicious actors to carry out attacks that can cause the following...

9.8CVSS7.2AI score0.72648EPSS
Exploits40References17
NCSC
NCSC
•added 2025/11/14 12:55 p.m.•33 views

Vulnerabilities fixed in Cisco Catalyst Center

Cisco has fixed vulnerabilities in Cisco Catalyst Center. This vulnerability with reference CVE-2025-20341, arises from insufficient validation of user input. A malicious party could exploit this, by sending a specially crafted HTTP request, enabling unauthorized system changes, such as creating...

8.8CVSS6.9AI score0.00515EPSS
Exploits0References4
NCSC
NCSC
•added 2025/02/04 9:10 a.m.•33 views

Vulnerabilities fixed in Zimbra Collaboration

Zimbra has fixed several vulnerabilities in Zimbra Collaboration. The vulnerabilities included an SQL injection in the ZimbraSyncService SOAP endpoint and an SSRF vulnerability in the RSS feed parser that allowed unauthorized access and manipulation of the database, as well as unauthorized...

8.8CVSS7.9AI score0.34508EPSS
Exploits0References4
NCSC
NCSC
•added 2024/10/08 7:55 p.m.•33 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the categories of damage listed below. The most serious vulnerability has been assigned attribute CVE-2024-38124 and is located in the NETLOGON functionality...

9CVSS8.9AI score0.60954EPSS
Exploits4
NCSC
NCSC
•added 2024/08/27 7:59 a.m.•33 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service - Circumvention of security measure - Manipulating data -...

9.8CVSS8.9AI score0.70564EPSS
Exploits29References3
NCSC
NCSC
•added 2024/06/11 6:18 p.m.•33 views

Vulnerabilities fixed in Microsoft Visual Studio

Microsoft has fixed vulnerabilities in Visual Studio. A malicious person could exploit the vulnerabilities to grant themselves elevated privileges, potentially executing arbitrary code with the victim's privileges. For successful exploitation, the malicious party must trick the victim into...

7.3CVSS7.3AI score0.01354EPSS
Exploits1
NCSC
NCSC
•added 2023/03/16 12:0 a.m.•33 views

Vulnerabilities fixed in Aveva products

Aveva has fixed vulnerabilities in inTouch, PlantScada and Telemery Server. A malicious party could exploit the vulnerabilities to carry out attacks that could result in the following categories of damage: Denial-of-Service DoS Data manipulation. Remote code execution User rights Access to system...

9.8CVSS8.5AI score0.99019EPSS
Exploits13
NCSC
NCSC
•added 2021/04/08 12:0 a.m.•33 views

Vulnerabilities fixed in Jenkins

Vulnerabilities have been fixed in Jenkins. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to system data Software in the...

6.5CVSS6.2AI score0.04977EPSS
Exploits0
NCSC
NCSC
•added 2021/02/25 12:0 a.m.•33 views

Vulnerabilities fixed in Cisco NX-OS

Vulnerabilities have been fixed in NX-OS. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Manipulation of data Cisco categorizes these vulnerabilities according to the CVSSv3...

9.8CVSS6.8AI score0.01574EPSS
Exploits0
NCSC
NCSC
•added 2026/01/27 7:27 a.m.•32 views

ZeroDay vulnerability fixed in Microsoft Office

Microsoft has fixed a ZeroDay vulnerability in Microsoft Office. The vulnerability is in the way Microsoft Office handles untrusted input, which allows attackers to bypass security features locally. This can affect the integrity of security decisions made by the software. The reliance on untruste...

7.8CVSS6.1AI score0.72152EPSS
Exploits12References1
NCSC
NCSC
•added 2025/08/13 10:13 a.m.•32 views

Vulnerabilities fixed in Adobe InCopy

Adobe has fixed vulnerabilities in InCopy Versions 20.4, 19.5.4 and earlier. The vulnerabilities include an out-of-bounds write, heap-based buffer overflow and use after free, all of which can lead to arbitrarily code execution when a user opens a maliciously crafted file. These vulnerabilities...

7.8CVSS8.3AI score0.00289EPSS
Exploits0References1
NCSC
NCSC
•added 2024/05/22 11:13 a.m.•32 views

Vulnerabilities fixed in Atlassian products

Atlassian has fixed vulnerabilities in several products, including Jira, Confluence and Bitbucket. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Cross-Site Request Forgery XSRF - Denial-of-Service DoS. - Circumvention of...

10CVSS8.4AI score0.88267EPSS
Exploits24References1
NCSC
NCSC
•added 2023/03/17 12:0 a.m.•32 views

Vulnerabilities discovered in mobile devices with Samsung Exynos Modem

Google Project Zero has discovered fourteen vulnerabilities in Samsung Exynos Modems. These modems are used in at least the following mobile devices: Samsung: S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 Vivo: S16, S15, S6, X70, X60 and X30 Google: Pixel 6 and Pixel 7 It is possible...

9.8CVSS6.7AI score0.34546EPSS
Exploits0
NCSC
NCSC
•added 2023/01/04 12:0 a.m.•32 views

Vulnerabilities fixed in Fortinet products

Vulnerabilities have been fixed in several products from Fortinet. These vulnerabilities allow an authenticated malicious party to conduct attacks that result in the following categories of damage: Cross-Site Scripting XSS in FortiPortal Bypassing authentication in FortiManager Circumvention of...

8.8CVSS6.9AI score0.02891EPSS
Exploits0
NCSC
NCSC
•added 2022/12/13 12:0 a.m.•32 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in Microsoft Office. The vulnerabilities allow a malicious person to impersonate as another user, to execute arbitrary code under the user's privileges or obtain elevated privileges. To exploit the vulnerabilities marked CVE-2022-44690 and CVE-2022-44693 CVSS 8.8,...

8.8CVSS7.4AI score0.82081EPSS
Exploits0
NCSC
NCSC
•added 2022/12/07 12:0 a.m.•32 views

Vulnerabilities fixed in Fortinet products

Vulnerabilities have been fixed in Fortinet products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication SQL Injection Accessing system data The vulnerability with...

9.8CVSS6.9AI score0.00889EPSS
Exploits0
NCSC
NCSC
•added 2022/08/11 12:0 a.m.•32 views

Vulnerabilities fixed in Cisco Adaptive Security Appliance

Vulnerabilities have been fixed in Cisco ASA. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Cisco has released updates to...

9.3CVSS6.8AI score0.19958EPSS
Exploits3
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•33 views

Vulnerabilities fixed in Oracle Communications

Oracle has fixed vulnerabilities in the following products: Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Console Communications Cloud Native Core Network Exposure Function Communications Cloud Native Core Network Function Cloud Native Environment...

10CVSS7.2AI score0.99939EPSS
Exploits224
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•32 views

Vulnerabilities fixed in Oracle Financial Services Applications

Oracle has fixed vulnerabilities in the following Financial Services applications: - Oracle Banking Deposits and Lines of Credit Servicing - Oracle Banking Enterprise Default Management - Oracle Banking Loans Servicing - Oracle Banking Party Management - Oracle Banking Payments - Oracle Banking...

9.8CVSS9.3AI score0.99677EPSS
Exploits116
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•32 views

Vulnerabilities fixed in Oracle Systems

Oracle has fixed vulnerabilities in the following products: Solaris Operating System Sun ZFS Storage Appliance Kit AK Software Sun ZFS Storage Application Integration Engineering Software Fujitsu SPARC Servers Firmware The vulnerability with CVE attribute CVE-2021-2351 allows for an unauthorized...

8.6CVSS8.3AI score0.50732EPSS
Exploits7
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•32 views

Vulnerabilities fixed in Mirosoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Increased user privileges. Remote code execution User Rights Denial-of-Service DoS. Circumvention of...

9CVSS7.2AI score0.74265EPSS
Exploits10
Total number of security vulnerabilities4190