Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2021/01/11 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle Linux

Vulnerabilities have been fixed in Oracle Linux. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges Oracle has released updates to fix the vulnerabilities. More...

9.8CVSS7.6AI score0.0776EPSS
Exploits8
NCSC
NCSC
•added 2021/01/08 12:0 a.m.•4 views

Vulnerabilities fixed in Ghostscript

Vulnerabilities have been fixed in Ghostscript. The vulnerabilities allow a malicious party to cause a denial-of-service cause and to execute arbitrary code under the privileges of the user. -= Ubuntu =- Canonical has made updates available for Ubuntu 16.04 LTS and 18.04 LTS to fix the...

8.8CVSS7.7AI score0.04932EPSS
Exploits4
NCSC
NCSC
•added 2021/01/05 12:0 a.m.•4 views

Fixed an issue in Citrix ADC and Citrix Gateway

Citrix has fixed an issue in ADC and Gateway which can lead to denial-of-service attacks. A malicious party could potentially potentially misuse DTLS to cause a Denial-of-Service. Abuse can only occur when DTLS is enabled. Citrix reports that limited scale attacks are currently being reported whi...

6.2AI score
Exploits0
NCSC
NCSC
•added 2020/12/29 12:0 a.m.•4 views

Vulnerability fixed in QNAP QTS

QNAP has fixed a vulnerability in QTS. A malicious party could potentially exploit the vulnerability to inject arbitrary commands into applications. QNAP has released updates to fix the vulnerability in QTS 4.5.1.1495 build 20201123. For more information, see:...

8.8CVSS7AI score0.0255EPSS
Exploits0
NCSC
NCSC
•added 2020/12/17 12:0 a.m.•4 views

Vulnerability fixed in HPE Systems Insight Manager

A vulnerability has been fixed in HPE Systems Insight Manager. A malicious party could potentially exploit the vulnerability to execute arbitrary code under elevated privileges. The vulnerability is located in optional features called "Federated Search" and "Federated CMS Configuration." The...

9.8CVSS7.3AI score0.8189EPSS
Exploits4
NCSC
NCSC
•added 2020/12/15 12:0 a.m.•4 views

Vulnerabilities fixed in Apple iOS and iPadOS

Vulnerabilities have been fixed in Apple iOS and iPadOS. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Remote code execution User rights Access to system data App...

8.8CVSS7AI score0.01705EPSS
Exploits0
NCSC
NCSC
•added 2020/12/10 12:0 a.m.•4 views

Vulnerability fixed in Adobe Acrobat and Reader

Adobe has fixed a vulnerability in Adobe Acrobat and Reader. The vulnerability allows a malicious party to obtain sensitive obtain information from the victim's context. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...

7.1CVSS6.4AI score0.07818EPSS
Exploits0
NCSC
NCSC
•added 2020/12/10 12:0 a.m.•4 views

Vulnerabilities fixed in Foxit Reader and Foxit PhantomPDF

Foxit has fixed vulnerabilities in Foxit Reader and Foxit PhantomPDF. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Foxit has released...

8.8CVSS7.5AI score0.71145EPSS
Exploits5
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Browsers

There are several vulnerabilities in Microsoft Edge. The vulnerabilities allow a malicious person to execute arbitrary execute arbitrary code with user privileges. Also, the malicious impersonate another user. Microsoft Edge: |----------------|------|-------------------------------------| | CVE I...

7.5CVSS7.2AI score0.02059EPSS
Exploits0
NCSC
NCSC
•added 2020/12/07 12:0 a.m.•4 views

Vulnerability fixed in MISP

CIRCL has fixed a vulnerability in MISP. The vulnerability is located in the handling of templates and allows a malicious party to be able to launch a Cross-Site-Scripting attack XSS and thereby potentially execute arbitrary code in the context of the browser. CIRCL has released updates to fix th...

6.1CVSS7.6AI score0.00765EPSS
Exploits0
NCSC
NCSC
•added 2020/11/27 12:0 a.m.•4 views

Vulnerability fixed in DNS implementations

Researchers have discovered a vulnerability in a number of DNS implementations. The researchers have named the vulnerability SAD DNS, an acronymmm for Side-channel AttackeD DNS. This vulnerability has since been given CVE attribute CVE-2020-25705. The vulnerability allows a malicious party to rou...

7.4CVSS8.2AI score0.06692EPSS
Exploits1
NCSC
NCSC
•added 2020/11/25 12:0 a.m.•4 views

Vulnerability fixed in JBoss Wildfly

A vulnerability has been fixed in Wildfly. The vulnerability allows a malicious person with access to the log data of the Wildfly instance to be able to obtain clear-text stored passwords. obtain. Red Hat has released updates to fix the vulnerability in Wildfly. More information can be found on t...

5.3CVSS6.4AI score0.01331EPSS
Exploits0
NCSC
NCSC
•added 2020/11/25 12:0 a.m.•4 views

Vulnerabilities fixed in PHPMyAdmin

Ubuntu has fixed several vulnerabilities in the phpmyadmin package. The vulnerabilities allow an unauthenticated malicious party potentially able to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS SQL Injection Access to...

9.8CVSS6.7AI score0.67081EPSS
Exploits10
NCSC
NCSC
•added 2020/11/23 12:0 a.m.•4 views

Vulnerability fixed in Red Hat JBoss Enterprise Application Platform

A vulnerability has been fixed in Red Hat JBoss Enterprise Application Platform. The vulnerability allows a malicious party to able to execute an SQL injection and thereby obtain sensitive data to obtain sensitive data. Red Hat has released updates to fix the vulnerability. More information can b...

7.4CVSS8.8AI score0.02907EPSS
Exploits0
NCSC
NCSC
•added 2020/11/20 12:0 a.m.•4 views

Vulnerabilities fixed in VMware ESXi, Workstation and Fusion

VMWare has fixed two vulnerabilities in VMWare Workstation, ESXi and Fusion. A malicious person with authorization in a virtual environment could exploit the vulnerabilities to break out of the virtual environment and execute arbitrary code with the permissions of the virtualization process on th...

8.2CVSS7.8AI score0.00392EPSS
Exploits0
NCSC
NCSC
•added 2020/11/19 12:0 a.m.•4 views

Vulnerability fixed in F5 BIG-IP

F5 Networks has fixed a vulnerability in a limited number of BIG-IP platforms. The vulnerability allows a malicious party with network access to the vulnerable system may be able to retrieve TCP sequence numbers used in previous, independent TCP connections. These sequence numbers can be used by...

4.3CVSS6.7AI score0.00688EPSS
Exploits0
NCSC
NCSC
•added 2020/11/19 12:0 a.m.•4 views

Vulnerability fixed in tcpdump

A vulnerability has been fixed in tcpdump. The vulnerability allows a remote malicious person to cause a denial-of-service cause. -= SUSE =- SUSE has made updates available to fix the vulnerability fix in SUSE Linux Enterprise Module for Basesystem 15-SP1 & 15-SP2. You can install these custom...

7.5CVSS6.8AI score0.03071EPSS
Exploits0
NCSC
NCSC
•added 2020/11/19 12:0 a.m.•4 views

Vulnerabilities fixed in Cisco Webex and Cisco Webex Server

Vulnerabilities have been fixed in Cisco Webex Meetings and Cisco Webex Meetings Server. The vulnerabilities allow a malicious able to launch attacks that result in the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Remote code execution User Rights...

9.1CVSS6.9AI score0.01744EPSS
Exploits0
NCSC
NCSC
•added 2020/11/12 12:0 a.m.•4 views

Vulnerabilities fixed in PAN OS

Palo Alto has fixed several vulnerabilities in PAN OS. The most serious vulnerability, with attribute CVE-2020-2050, is rated by Palo Alto rated with a CVSS score of 8.2 and is located in the GlobalProtect SSL VPN component. An unauthenticated malicious party can remotely exploit this vulnerabili...

9CVSS7.5AI score0.03226EPSS
Exploits0
NCSC
NCSC
•added 2020/11/10 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft fixes multiple vulnerabilities in Microsoft Dynamics products. A malicious party could exploit the vulnerabilities to perform a Cross-Site Scripting XSS attack. A such attack can lead to the execution of arbitrary script code in the browser used to visit the application. Microsoft...

5.4CVSS5.9AI score0.01326EPSS
Exploits0
NCSC
NCSC
•added 2020/11/10 12:0 a.m.•4 views

Vulnerabilities identified in Siemens S7 products

Vulnerabilities have been identified in Siemens S7 products. The vulnerabilities enable a remote malicious person to to cause a denial-of-service and to circumvent a security measure circumvention. Siemens categorizes these vulnerabilities according to the CVSSv3 method with a highest score of 5....

7AI score
Exploits0
NCSC
NCSC
•added 2020/11/06 12:0 a.m.•4 views

Vulnerabilities fixed in Apple macOS

Apple has fixed three 0-day vulnerabilities in Mac OS. A malicious party can exploit the vulnerabilities to launch attacks that lead to the execution of arbitrary code. Apple reports that on a very limited scale abuse is being observed of these vulnerabilities. No PoC or exploit code publicly...

9.3CVSS7.1AI score0.22178EPSS
Exploits2
NCSC
NCSC
•added 2020/11/03 12:0 a.m.•4 views

Multiple vulnerabilities fixed in F5 BIG-IP products

F5 has fixed several vulnerabilities in BIG-IP. Malicious remotely can exploit the vulnerabilities to cause a Denial-of-Service or perform Cross-Site-Scripting attacks. Authenticated malicious actors can exploit some of the vulnerabilities exploit them to bypass security measures and gain access...

8.5CVSS7AI score0.01311EPSS
Exploits0
NCSC
NCSC
•added 2020/10/30 12:0 a.m.•4 views

Vulnerability fixed in Grafana

The vulnerability is known as a so-called Cross-Site Scripting. The vulnerability allows a remote malicious person to able to execute arbitrary code in the browser of the victim. Grafana Labs has released updates to fix the vulnerability. fix. More information can be found on the pages below:...

6.1CVSS7.5AI score0.01965EPSS
Exploits0
NCSC
NCSC
•added 2020/10/30 12:0 a.m.•4 views

Vulnerabilities fixed in IBM Security Directory Server

Vulnerabilities have been fixed in IBM Security Directory Server. The vulnerabilities allow a malicious party to access system data. IBM has released updates to fix the vulnerabilities. More information can be found on the page below: https://www.ibm.com/support/pages/node/6356607...

5.3CVSS6.7AI score0.01054EPSS
Exploits0
NCSC
NCSC
•added 2020/10/29 12:0 a.m.•4 views

Vulnerabilities fixed in F5 BIG-IP

F5 has fixed vulnerabilities in BIG-IP. The vulnerabilities allow a remote malicious party to cause a denial-of-service and to cause a security measure to be circumvention. F5 has released updates to fix the vulnerabilities. More information can be found on the pages below: CVE-2020-5933:...

7.8CVSS7.2AI score0.0105EPSS
Exploits0
NCSC
NCSC
•added 2020/10/29 12:0 a.m.•4 views

Vulnerabilities fixed in Samba

Vulnerabilities have been fixed in Samba. The vulnerabilities allow a malicious person to gain access to system data and to cause a denial-of-service. Samba has released updates to fix the vulnerabilities. More information can be found on the page below:...

6.5CVSS7AI score0.0218EPSS
Exploits0
NCSC
NCSC
•added 2020/10/27 12:0 a.m.•4 views

Vulnerabilities fixed in Trend Micro Antivirus for Mac

Trend Micro has fixed vulnerabilities in Antivirus for Mac. The vulnerabilities allow a locally authenticated malicious agent to able to cause a denial-of-service or to obtain system data obtain. Trend Micro categorizes these vulnerabilities according to the CVSSv3 method with a highest score of...

6.9CVSS6.6AI score0.00885EPSS
Exploits0
NCSC
NCSC
•added 2020/10/27 12:0 a.m.•4 views

Vulnerability fixed in management console for 3PAR systems

HP has fixed a vulnerability in the StoreServ Management Console SSMC. SSMC is the Web-based management application for 3PAR StoreServ systems but can also be used to manage other storage systems. The vulnerability allows a malicious remotely able to bypass authentication. HP rates this...

9.8CVSS6.6AI score0.02154EPSS
Exploits0
NCSC
NCSC
•added 2020/10/23 12:0 a.m.•4 views

Vulnerabilities fixed in VMware Horizon Server and Client

Vulnerabilities have been fixed in VMware Horizon Server and Client. The vulnerabilities allow a malicious party to access system data and to execute arbitrary code under the user's privileges. VMware has released updates to fix the vulnerabilities. More information can be found on the page below...

6.5CVSS7.3AI score0.01268EPSS
Exploits0
NCSC
NCSC
•added 2020/10/23 12:0 a.m.•4 views

Vulnerability fixed in ElasticSearch

A vulnerability has been fixed in ElasticSearch. The vulnerability allows a malicious person to obtain system data. This is only possible if Document or Field Level security is used. Elastic classifies this vulnerability with a CvSS score of 3.1. Elastic has released updates to fix the...

3.5CVSS6.5AI score0.00999EPSS
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•4 views

Vulnerability fixed in Adobe Premiere

Adobe has fixed a vulnerability in Premiere. The vulnerability allows a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...

7.8CVSS7.5AI score0.0111EPSS
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•4 views

Vulnerability fixed in Adobe Photoshop

Adobe has fixed a vulnerability in Adobe Photoshop. The vulnerability allows a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...

7.8CVSS7.5AI score0.00762EPSS
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle Siebel CRM

Oracle has fixed vulnerabilities in the following Oracle Siebel CRM products: Siebel Apps - Marketing Siebel UI Framework The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable application may be able to execute attacks that result in the following...

9.8CVSS7.5AI score0.99019EPSS
Exploits7
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in the following Oracle PeopleSoft products: PeopleSoft Enterprise HCM Global Payroll Core PeopleSoft Enterprise PT PeopleTools PeopleSoft Enterprise SCM eSupplier Connection The vulnerabilities allow an unauthenticated malicious person with network access to the...

9.8CVSS7.9AI score0.99019EPSS
Exploits7
NCSC
NCSC
•added 2020/10/19 12:0 a.m.•4 views

Vulnerability fixed in Windows

Microsoft has fixed a vulnerability in the Windows Codecs Library. Users who had installed the HEVC codec from the Microsoft Store had installed it were vulnerable to the execution of arbitrary code by a remote malicious person. The malicious party to do this must induce the victim to play a rogu...

7.8CVSS7.1AI score0.03593EPSS
Exploits0
NCSC
NCSC
•added 2020/10/19 12:0 a.m.•4 views

Vulnerability fixed in Visual Studio

Microsoft has fixed a vulnerability in Visual Studio. The vulnerability allows a remote malicious person to execute arbitrary code under user privileges. The malicious party must do this by inducing the victim to clone a rogue repository and then open a package.json here. Microsoft has released...

9.3CVSS7.2AI score0.04243EPSS
Exploits0
NCSC
NCSC
•added 2020/10/16 12:0 a.m.•4 views

Vulnerability fixed in containerd

A vulnerability has been fixed in containerd, which is used by Docker and Kubernetes, among others. A malicious party could vulnerability potentially exploit it to gain access to login credentials to an internal or external image registry. To do so the malicious party must induce the user to pull...

6.1CVSS6.8AI score0.02209EPSS
Exploits1
NCSC
NCSC
•added 2020/10/15 12:0 a.m.•4 views

Vulnerability fixed in Rapid7 Nexpose

Rapid7 has fixed a vulnerability in Nexpose. The vulnerability potentially allows a local malicious person to perform a SQL injection attack that could access gain access to sensitive data or manipulate data. Rapid7 has released updates to fix the vulnerability in Nexpose 6.6.49. For more...

8.1CVSS6.9AI score0.01123EPSS
Exploits0
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft fixes multiple vulnerabilities in Microsoft Dynamics products. The vulnerability in Microsoft Dynamics with the attribute CVE-2020-16943 allows a malicious person to access sensitive data. The vulnerabilities with the attributes CVE-2020-16956 and CVE-2020-16978 enable a remote maliciou...

6.5CVSS6.6AI score0.01326EPSS
Exploits0
NCSC
NCSC
•added 2020/10/12 12:0 a.m.•4 views

Vulnerability fixed in IBM Db2

IBM has fixed a vulnerability in Db2 and Db2 Connect. A unauthenticated remote malicious party can exploit the vulnerability potentially exploit it to cause a denial-of-service. IBM has released updates to fix the vulnerability. For more information, see:...

7.5CVSS6.8AI score0.0241EPSS
Exploits0
NCSC
NCSC
•added 2020/10/12 12:0 a.m.•4 views

Vulnerability fixed in JIRA

Atlassian has fixed a vulnerability in JIRA. A malicious party could exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser with which the application is visited. Atlassian has released updates to fi...

5.4CVSS6.3AI score0.00932EPSS
Exploits0
NCSC
NCSC
•added 2020/10/09 12:0 a.m.•4 views

Vulnerabilities fixed in IBM Security Access Manager

IBM has fixed multiple vulnerabilities in IBM Security Access Manager. A malicious party could potentially exploit the vulnerabilities to obtain information about the system. Little substantive information about the vulnerabilities has been made publicly available. IBM has released updates to fix...

5.3CVSS6.7AI score0.0045EPSS
Exploits0
NCSC
NCSC
•added 2020/10/08 12:0 a.m.•4 views

Vulnerabilities fixed in Cisco StarOS for ASR 5000 Series routers

Cisco has fixed multiple vulnerabilities in StarOS for ASR 5000 Series routers. A local malicious person with limited administrator privileges could potentially exploit the vulnerabilities to execute arbitrary code under root privileges. Cisco has released updates to fix the vulnerabilities in...

7.2CVSS7.5AI score0.00387EPSS
Exploits0
NCSC
NCSC
•added 2020/09/30 12:0 a.m.•4 views

Vulnerabilities fixed in Red Hat ipa

Vulnerabilities have been fixed in Red Hat ipa. The vulnerabilities allow an unauthenticated malicious person to execute arbitrary code on the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyper-link to follow. In addition, the vulnerabilities enab...

6.9CVSS7.5AI score0.99019EPSS
Exploits13
NCSC
NCSC
•added 2020/09/29 12:0 a.m.•4 views

Vulnerabilities fixed in Foxit Reader and Foxit PhantomPDF

Vulnerabilities have been fixed in Foxit Reader and Foxit PhantomPDF. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data Increased user privileges Foxit has...

7.5AI score
Exploits0
NCSC
NCSC
•added 2020/09/29 12:0 a.m.•4 views

Vulnerability fixed in Trend Micro OfficeScan

A vulnerability has been fixed in Trend Micro OfficeScan. The vulnerability allows a malicious party to obtain elevated permissions and execute arbitrary code under the user's privileges. Trend Micro has released updates to fix the vulnerability. fix. More information can be found on the page...

7.8CVSS7.5AI score0.00776EPSS
Exploits0
NCSC
NCSC
•added 2020/09/23 12:0 a.m.•4 views

Vulnerabilities fixed in Firefox and Firefox ESR

Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights Spoofing Mozilla has...

8.8CVSS6.8AI score0.01961EPSS
Exploits0
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•4 views

Vulnerabilities fixed in VirtualBox

Vulnerabilities have been fixed in Oracle VirtualBox. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Code execution Administrator/Root privileges Access to sensitive data...

8.2CVSS6.8AI score0.00565EPSS
Exploits0
NCSC
NCSC
•added 2020/09/09 12:0 a.m.•4 views

Vulnerabilities fixed in IP stack of various SIEMENS products

Siemens has fixed two vulnerabilities in the Linux IP stack of various industrial products. An unauthenticated malicious person could exploit the vulnerabilities to cause a denial-of-service cause. The malicious party must have access to the production network. It is good practice not to have suc...

7.8CVSS6.8AI score0.7354EPSS
Exploits0
Total number of security vulnerabilities4190