Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2021/07/26 12:0 a.m.•4 views

Vulnerabilities fixed in IBM i2 Analyst's Notebook

Vulnerabilities have been fixed in the IBM i2 Analyst's Notebook. A malicious party could exploit the vulnerabilities to obtain system data and sensitive information. IBM has released updates to fix the vulnerabilities. For more information, see: https://www.ibm.com/support/pages/node/6474861...

6.5CVSS6.8AI score0.01275EPSS
Exploits0
NCSC
NCSC
•added 2021/07/23 12:0 a.m.•4 views

Vulnerabilities fixed in Dell OpenManage Enterprise

Vulnerabilities have been fixed in Dell OpenManage Enterprise. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Spoofing Access to sensitive data Access to syste...

9.8CVSS7.5AI score0.02091EPSS
Exploits1
NCSC
NCSC
•added 2021/07/22 12:0 a.m.•4 views

Vulnerabilities fixed in NVIDIA GPU Display Driver

Vulnerabilities have been fixed in NVIDIA GPU Display Driver. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Access to system data Increased user privileges NVIDIA has...

7.8CVSS6.7AI score0.00414EPSS
Exploits0
NCSC
NCSC
•added 2021/07/21 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle Java SE and GraalVM

Oracle has fixed vulnerabilities in Java SE and GraalVM Enterprise Edition. The vulnerabilities allow a malicious potentially be able to launch attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights...

9.8CVSS7.9AI score0.06827EPSS
Exploits1
NCSC
NCSC
•added 2021/07/20 12:0 a.m.•4 views

Vulnerabilities fixed in Aruba AOS-CX switches

Vulnerabilities have been fixed in Aruba AOS-CX switches. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Manipulation of data. Bypassing authentication Remote code execution Administrator/Root privileges The...

9CVSS8.8AI score0.06692EPSS
Exploits1
NCSC
NCSC
•added 2021/07/15 12:0 a.m.•4 views

Vulnerability fixed in NetBSD

The developers of NetBSD have fixed a vulnerability in kernfs. The vulnerability allows an authenticated malicious person to able to read any files on the file system, including files both system and userspace for which the malicious party is not originally authorized. No CVE ID has been disclose...

6.3AI score
Exploits0
NCSC
NCSC
•added 2021/07/14 12:0 a.m.•4 views

Vulnerabilities fixed in Adobe Bridge

Adobe has fixed vulnerabilities in Bridge. A malicious person could potentially exploit the vulnerabilities to execute arbitrary code under a user's privileges or to gain access to files on the vulnerable system. Adobe has released updates to fix the vulnerabilities in Bridge 11.1. For more...

9.3CVSS7.3AI score0.05343EPSS
Exploits0
NCSC
NCSC
•added 2021/07/14 12:0 a.m.•4 views

Vulnerabilities fixed in QEMU

Vulnerabilities have been fixed in QEMU. The vulnerabilities allow a malicious party potentially capable of carrying out attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution with privileges of the QEMU process Access to sensitive data Access to...

8.2CVSS7.7AI score0.05447EPSS
Exploits3
NCSC
NCSC
•added 2021/07/13 12:0 a.m.•4 views

Vulnerability fixed in Siemens SIMIT

Siemens has fixed a vulnerability in SIMIT. A malicious party could potentially exploit the vulnerability to cause a denial-of-service or to gain access to data stored in system memory. For this vulnerability, Proof-of-Concept code is publicly available. Siemens has released updates to fix the...

9.1CVSS7.1AI score0.33304EPSS
Exploits1
NCSC
NCSC
•added 2021/07/13 12:0 a.m.•4 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed vulnerabilities in Firefox. The vulnerabilities potentially allow an unauthenticated remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Mozilla has...

9.8CVSS7.2AI score0.03582EPSS
Exploits3
NCSC
NCSC
•added 2021/07/13 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Exchange

Vulnerabilities have been fixed in Microsoft Exchange. Microsoft indicates that the vulnerabilities with reference CVE-2021-34523 and CVE-2021-34473 were already fixed in the April updates but this has been now being administered. Below is a summary of the various vulnerabilities described for ea...

10CVSS6.6AI score0.99999EPSS
Exploits20
NCSC
NCSC
•added 2021/07/13 12:0 a.m.•4 views

Vulnerability fixed in Microsoft Dynamics

Microsoft has fixed a vulnerability in Dynamics Business Central Control. A malicious party could potentially exploit it to execute arbitrary code under the privileges of the application on the underlying operating system. Microsoft has made updates available that fix the described vulnerability...

8CVSS7.4AI score0.01858EPSS
Exploits0
NCSC
NCSC
•added 2021/07/13 12:0 a.m.•4 views

Vulnerabilities fixed in Siemens Scalance and Ruggedcom

Siemens has fixed vulnerabilities in Scalance and Ruggedcom products. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Access to sensitive data Siemens has...

7.5CVSS7.4AI score0.9166EPSS
Exploits3
NCSC
NCSC
•added 2021/07/12 12:0 a.m.•4 views

Vulnerabilities fixed in IBM Tivoli Netcool/OMNIbus

IBM has fixed vulnerabilities in the web interface of Tivoli Netcool/OMNIbus. An authenticated malicious person can exploit the exploit the vulnerabilities to perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visi...

6.4CVSS6.7AI score0.00495EPSS
Exploits0
NCSC
NCSC
•added 2021/07/12 12:0 a.m.•4 views

Vulnerability fixed in OpenVPN

A vulnerability has been fixed in OpenVPN. The vulnerability allows a malicious party in a Man-in-the-Middle position to be able to bypass certificate-based authentication. To do so the malicious party must generate its own server certificate containing containing the hostname as it appears in th...

7.4CVSS6.9AI score0.00972EPSS
Exploits0
NCSC
NCSC
•added 2021/07/05 12:0 a.m.•4 views

Vulnerability discovered in TLS implementations

Researchers have discovered a vulnerability in the way TLS traffic is processed. The vulnerability has been named ALPACA and is caused by the fact that IP addresses and port numbers are not authenticated by TLS. A malicious party with a Man-in-the-Middle position can therefore encrypt network...

7.4CVSS6AI score0.02037EPSS
Exploits0
NCSC
NCSC
•added 2021/07/02 12:0 a.m.•4 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution Use...

6.1CVSS7AI score0.00949EPSS
Exploits0
NCSC
NCSC
•added 2021/07/01 12:0 a.m.•4 views

Vulnerabilities fixed in Red Hat OpenShift Container Platform

Vulnerabilities have been fixed in OpenShift Container Platform. The vulnerabilities allow a malicious party to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Circumvention of security measure. Remote code execution User...

8.1CVSS8.7AI score0.7795EPSS
Exploits1
NCSC
NCSC
•added 2021/06/29 12:0 a.m.•4 views

Vulnerabilities fixed in IBM Tivoli Netcool/OMNIbus

Vulnerabilities have been fixed in IBM Tivoli Netcool/OMNIbus. The vulnerabilities allow a malicious person to conduct attacks execute attacks that result in the following categories of damage: Server-Side Request Forgery SSRF. Cross-Site Scripting XSS. Denial-of-Service DoS Remote code execution...

9.8CVSS8.1AI score0.10608EPSS
Exploits4
NCSC
NCSC
•added 2021/06/29 12:0 a.m.•4 views

Vulnerability fixed in Umbraco CMS

A vulnerability has been fixed in Umbraco CMS. The vulnerability allows a malicious person to use an Open Redirect attack to send the visitor with a custom link to a malicious website. send. Umbraco has released updates to fix the vulnerability. More information can be found on the page below:...

6.1CVSS6.5AI score0.0071EPSS
Exploits0
NCSC
NCSC
•added 2021/06/29 12:0 a.m.•4 views

Vulnerability fixed in Infoblox NIOS

A vulnerability has been fixed in Infoblox Network Identity Operating System NIOS. The vulnerability allows a malicious person with elevated privileges to cause a denial-of-service. Infoblox has released updates to fix the vulnerability. More information can be found on the page below:...

6.5CVSS6.6AI score0.00857EPSS
Exploits0
NCSC
NCSC
•added 2021/06/24 12:0 a.m.•4 views

Vulnerability fixed in MediaWiki

A vulnerability has been fixed in MediaWiki. The vulnerability allows an authenticated remote malicious person to delete delete pages while the account is locked. MediaWiki has released new versions to fix the vulnerability. fix. More information can be found on the page below:...

7.5CVSS6.5AI score0.01943EPSS
Exploits1
NCSC
NCSC
•added 2021/06/23 12:0 a.m.•4 views

Vulnerabilities fixed in Broadcom Symantec products

Broadcom has fixed vulnerabilities in Symantec products. The vulnerabilities allow a malicious party to cause a denial-of-service and to obtain sensitive data obtain. Broadcom has been sparse in making information available regarding the vulnerabilities. Broadcom has released updates to address t...

6.6AI score
Exploits0
NCSC
NCSC
•added 2021/06/23 12:0 a.m.•4 views

Vulnerability found in Lexmark drivers

An IBM X-Force researcher has discovered a vulnerability in the LMbdsvc component in the Lexmark printer drivers for Windows. The vulnerability allows a locally authenticated malicious person to able to execute arbitrary code under system privileges. One and all is described in the following...

7.5AI score
Exploits0
NCSC
NCSC
•added 2021/06/21 12:0 a.m.•4 views

Vulnerability fixed in Xterm

The developers of Xterm have fixed a vulnerability. The vulnerability can be exploited by an unauthenticated malicious person at a remote user to cause a Denial-of-Service, or possibly executing arbitrary code with the privileges of the process. -= SUSE =- SUSE has made updates available to fix t...

9.8CVSS7.3AI score0.07541EPSS
Exploits1
NCSC
NCSC
•added 2021/06/18 12:0 a.m.•4 views

Vulnerabilities fixed in Synology DiskStation Manager

Vulnerabilities have been fixed in Synology DiskStation Manager. An authenticated malicious person can exploit the vulnerabilities to obtain sensitive information and system data, as well as to execute arbitrary code under the privileges of the user. Synology has released updates to fix the...

9.9CVSS7.4AI score0.01935EPSS
Exploits0
NCSC
NCSC
•added 2021/06/17 12:0 a.m.•4 views

Vulnerability fixed in Cisco AnyConnect Secure Mobility Client

Cisco has fixed a vulnerability in AnyConnect Secure Mobility Client. A local malicious agent could potentially exploit it to execute arbitrary code under SYSTEM privileges. Only clients on which the VPN Posture HostScan Module is installed are vulnerable. Cisco has released updates to fix the...

7CVSS7.6AI score0.00178EPSS
Exploits0
NCSC
NCSC
•added 2021/06/16 12:0 a.m.•4 views

Vulnerability fixed in VMware Workspace ONE UEM

VMware has fixed a vulnerability in Workspace ONE UEM console. An unauthenticated remote malicious person can exploit the exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack could result in the execution of arbitrary script code in the browser used to visit the...

6.1CVSS6.8AI score0.00796EPSS
Exploits1
NCSC
NCSC
•added 2021/06/14 12:0 a.m.•4 views

Vulnerability fixed in IBM Integration Bus

A vulnerability has been fixed in IBM Integration Bus. A malicious party could potentially exploit the vulnerability in the Javascript lodash module potentially exploit it to execute arbitrary commands on the underlying system. IBM has released updates to fix the vulnerability. For more...

7.2CVSS7.4AI score0.2241EPSS
Exploits2
NCSC
NCSC
•added 2021/06/11 12:0 a.m.•4 views

Vulnerability fixed in Rockwell Automation FactoryTalk

A vulnerability has been fixed in Rockwell Automation FactoryTalk Services Platform. The vulnerability allows an authenticated remote malicious person able to assume the same rights as a locally logged on user. Rockwell Automation has released updates and mitigating measures released to address t...

8.8CVSS6.8AI score0.02339EPSS
Exploits0
NCSC
NCSC
•added 2021/06/11 12:0 a.m.•4 views

Vulnerability fixed in polkit

A vulnerability has been fixed in polkit, an integral part of several Linux distributions. A local malicious person could gain root privileges by exploiting this vulnerability on the vulnerable system. GitHub has published more information about this vulnerability. For more information see:...

7.8CVSS6.5AI score0.22193EPSS
Exploits37
NCSC
NCSC
•added 2021/06/10 12:0 a.m.•4 views

Vulnerabilities fixed in IBM Spectrum Protect Server

Vulnerabilities have been fixed in IBM DB2 as used in IBM Spectrum Protect. The vulnerabilities allow a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to system data T...

8.4CVSS7.6AI score0.02019EPSS
Exploits0
NCSC
NCSC
•added 2021/06/09 12:0 a.m.•4 views

Vulnerabilities fixed in SUSE kernel

Vulnerabilities have been fixed in the SUSE kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Spoofing Increased user privileges -= SUSE =- SUSE has made updates available to address the...

8.8CVSS7.6AI score0.07604EPSS
Exploits6
NCSC
NCSC
•added 2021/06/08 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft applications

Microsoft has fixed vulnerabilities in 3D Viewer, Paint 3D and Intune Management Extension. A malicious party could potentially exploit the vulnerabilities in 3D Viewer and Paint 3D potentially exploit them to gain access to sensitive data or to execute arbitrary code. To do this, the malicious...

9.8CVSS7AI score0.02938EPSS
Exploits0
NCSC
NCSC
•added 2021/06/04 12:0 a.m.•4 views

Vulnerability fixed in Red Hat Enterprise Linux

Red Hat has fixed a vulnerability in the Public Key Infrastructure PKI Core package. A component of this package writes out the administrator password during installation to a log file that is unjustifiably readable by any local user. A local malicious person with knowledge of the location of thi...

7.8CVSS6.4AI score0.00183EPSS
Exploits0
NCSC
NCSC
•added 2021/06/03 12:0 a.m.•4 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab Community Edition and GitLab Enterprise Edition. The vulnerabilities allow a remote malicious party potentially capable of performing attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS...

7.7CVSS6.5AI score0.01058EPSS
Exploits0
NCSC
NCSC
•added 2021/06/02 12:0 a.m.•4 views

Vulnerability fixed in Cisco products

Cisco has fixed a vulnerability in the following products: Cisco Adaptive Security Appliance ASA Cisco Content Security Management Appliance SMA Cisco Email Security Appliance ESA Cisco Firepower Threat Defense FTD. Cisco FXOS Cisco Web Security Appliance WSA The vulnerability potentially allows ...

7.5CVSS6.7AI score0.01325EPSS
Exploits0
NCSC
NCSC
•added 2021/06/01 12:0 a.m.•4 views

Vulnerability fixed in NetApp Clustered Data ONTAP

NetApp has fixed a vulnerability in Clustered Data ONTAP. A remote malicious party could potentially exploit it to cause a denial-of-service. Few substantive details about the vulnerability publicly available made available. NetApp has released updates to fix the vulnerability in Clustered Data...

6.5CVSS6.9AI score0.00832EPSS
Exploits0
NCSC
NCSC
•added 2021/05/28 12:0 a.m.•4 views

Vulnerability fixed in DHCP

A vulnerability has been fixed in DHCP. The vulnerability allows a remote malicious party to cause a denial-of-service. cause. ISC has released updates to fix the vulnerability. More information can be found on the page below: https://kb.isc.org/docs/cve-2021-25217 -= Ubuntu =- Canonical has made...

7.4CVSS6.7AI score0.06118EPSS
Exploits1
NCSC
NCSC
•added 2021/05/25 12:0 a.m.•4 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed several vulnerabilities in iOS and iPadOS. The vulnerabilities allow a malicious person possibly unauthenticated and remote to launch attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of...

9.3CVSS8.5AI score0.07471EPSS
Exploits2
NCSC
NCSC
•added 2021/05/21 12:0 a.m.•4 views

Vulnerability fixed in Apache Cassandra

A vulnerability has been found in Apache Cassandra. The vulnerability allows a local malicious person to obtain to obtain sensitive information. Apache categorizes this vulnerability according to the CVSSv3 method with a score of 5.9. Apache has released updates to fix the vulnerability. More...

5.9CVSS6.2AI score0.02951EPSS
Exploits0
NCSC
NCSC
•added 2021/05/21 12:0 a.m.•4 views

Vulnerability found in Mozilla Firefox

Researchers have found a vulnerability in Mozilla Firefox. The vulnerability allows a remote malicious person to execute arbitrary JavaScript code in the context of the web browser. To exploit this vulnerability, a malicious person to induce the victim to visit a rogue server. visit. Then, the...

7AI score
Exploits0
NCSC
NCSC
•added 2021/05/20 12:0 a.m.•4 views

Vulnerability fixed in Redis

A vulnerability in Redis has been fixed. The vulnerability allows a local malicious agent to cause a denial-of-service cause, potentially executing arbitrary code under rights of the application as a result. Redis developers categorize this vulnerability according to the CVSSv3 method with a scor...

8.8CVSS7AI score0.04028EPSS
Exploits0
NCSC
NCSC
•added 2021/05/19 12:0 a.m.•4 views

Vulnerability fixed in Huawei S5700 switch series

Huawei has fixed a vulnerability in its S5700 switch series. The vulnerability allows an unauthenticated remote malicious person to remotely capable of causing a Denial-of-Service. Huawei has released updates to fix the vulnerability. More information can be found on the page below:...

7.8CVSS6.7AI score0.00689EPSS
Exploits0
NCSC
NCSC
•added 2021/05/14 12:0 a.m.•4 views

Legal vulnerabilities fixed in RedHat AMQ Streams

Red Hat has fixed vulnerabilities in AMQ Stream 1.6.4. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access via path-traversal to potentially sensitive data. -= Red Hat =- Red Hat has made updates available for Red Hat AMQ Stream. U can install these...

7.8CVSS6.9AI score0.82371EPSS
Exploits9
NCSC
NCSC
•added 2021/05/14 12:0 a.m.•4 views

Vulnerability fixed in Graphviz

Graphviz developers have fixed a vulnerability. A malicious party could exploit the vulnerability to execute arbitrary code with the rights of the calling process. The malicious party needs to submit a rogue file to Graphviz to do this. to Graphviz. If Graphviz is used in a web environment, this...

7.8CVSS7AI score0.02618EPSS
Exploits1
NCSC
NCSC
•added 2021/05/12 12:0 a.m.•4 views

Vulnerabilities fixed in Adobe products

Adobe has released security updates for Adobe Acrobat Reader and Adobe Acrobat DC for Windows and macOS. These updates fix multiple critical and important vulnerabilities. Successful misuse can lead to execution of arbitrary code in the context of the current user, obtaining elevated privileges...

9.6CVSS7.6AI score0.66918EPSS
Exploits1
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•4 views

Vulnerabilities fixed in Google Chrome for desktop

Vulnerabilities have been fixed in Google Chrome for desktop. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data As usual, Google makes few...

8.8CVSS6.5AI score0.02517EPSS
Exploits14
NCSC
NCSC
•added 2021/05/10 12:0 a.m.•4 views

Vulnerability fixed in Foxit products

A vulnerability has been fixed in Foxit products. The vulnerability allows an unauthenticated remote malicious person able to cause a denial-of-service with potentially the execution of arbitrary code under user privileges. The malicious party to do this must induce the victim to open a rogue fil...

8.8CVSS7.4AI score0.01765EPSS
Exploits1
NCSC
NCSC
•added 2021/05/06 12:0 a.m.•4 views

Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird

Vulnerabilities have been fixed in Mozilla Firefox, Firefox ESR and Thunderbird. A malicious party could potentially exploit them to cause a denial-of-service or execute arbitrary execute arbitrary code with the privileges of the logged-in user. The vulnerability with CVE attribute CVE-2021-29951...

7.5CVSS7.4AI score0.01852EPSS
Exploits0
Total number of security vulnerabilities4190