Lucene search
K
NcscMost viewed

4189 matches found

NCSC
NCSC
•added 2022/04/01 12:0 a.m.•31 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab Community Edition CE and Enterprise Edition EE. The vulnerabilities allow a malicious party to conduct attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Accessing sensitive...

9.8CVSS6.6AI score0.87369EPSS
Exploits4
NCSC
NCSC
•added 2021/11/12 12:0 a.m.•31 views

Vulnerabilities fixed in Siemens Mendix

Siemens fixed vulnerabilities in Mendix. Successful misuse of these vulnerabilities could allow a malicious person to manipulate the manipulate the contents of specific objects. Siemens has released updates to fix the vulnerabilities. More information can be found on the pages below:...

6.8CVSS6.6AI score0.00565EPSS
Exploits0
NCSC
NCSC
•added 2021/10/14 12:0 a.m.•31 views

Vulnerabilities fixed in Foxit products

Vulnerabilities have been fixed in Foxit products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to system data Foxit has released updates to fix the vulnerabilitie...

7.8CVSS7.4AI score0.01253EPSS
Exploits6
NCSC
NCSC
•added 2021/06/04 12:0 a.m.•31 views

Vulnerability fixed in Huawei S5700 devices

Huawei has fixed a vulnerability in S5700 devices. A authenticated remote malicious person can exploit the vulnerability potentially exploit it to inject system commands. There are few substantive details about the vulnerability disclosed. Huawei has released updates to fix the vulnerability. The...

7.2CVSS6.8AI score0.00917EPSS
Exploits0
NCSC
NCSC
•added 2021/06/03 12:0 a.m.•31 views

Vulnerabilities fixed in Cisco Webex Player and Webex Network Recording Player

Cisco has fixed vulnerabilities in Webex Player and Webex Network Recording Player. The vulnerabilities allow an unauthenticated remote malicious party potentially capable of perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights...

7.8CVSS7.8AI score0.01081EPSS
Exploits0
NCSC
NCSC
•added 2021/01/19 12:0 a.m.•31 views

Vulnerabilities fixed in Red Hat OpenShift Container Platform

Vulnerabilities have been fixed in Red Hat OpenShift Container Platform. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Server-side Request Forgery SSRF Denial-of-Service DoS. Access to sensitive data Access to system data Red Hat...

7.5CVSS6.8AI score0.03813EPSS
Exploits0
NCSC
NCSC
•added 2020/09/10 12:0 a.m.•31 views

Vulnerabilities fixed in PAN-OS

Vulnerabilities have been fixed in PAN-OS. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights Access to...

10CVSS7AI score0.86086EPSS
Exploits7
NCSC
NCSC
•added 2024/05/02 12:0 a.m.•30 views

Vulnerabilities fixed in ArubaOS

Aruba Networks has fixed vulnerabilities in ArubaOS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or execute arbitrary code on the vulnerable system. For successful exploitation, the malicious party must have access to too PAPI port, the management interface o...

9.8CVSS7.4AI score0.43998EPSS
Exploits0
NCSC
NCSC
•added 2024/02/13 12:0 a.m.•30 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to execute attacks that can lead to the following categories of damage: Remote code execution User rights. Access to sensitive data Increased user privileges For successful...

9.8CVSS6.8AI score0.9466EPSS
Exploits24
NCSC
NCSC
•added 2023/07/31 12:0 a.m.•30 views

Vulnerability fixed in Ivanti Endpoint Manager

Ivanti has fixed a vulnerability in Endpoint Manager. A malicious person with administrator privileges can exploit the vulnerability exploit to execute arbitrary OS commands with, among other among other things, permissions from the tomcat process. This vulnerability is different from the...

10CVSS7.5AI score0.99999EPSS
Exploits16
NCSC
NCSC
•added 2023/01/11 12:0 a.m.•30 views

Vulnerabilities fixed in Adobe products

Vulnerabilities have been fixed in Adobe products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User rights Access to system data Increased user privileges Adobe has...

7.8CVSS7.6AI score0.61475EPSS
Exploits2
NCSC
NCSC
•added 2022/06/14 12:0 a.m.•30 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights...

10CVSS6.7AI score0.74677EPSS
Exploits3
NCSC
NCSC
•added 2021/02/09 12:0 a.m.•30 views

Large number of vulnerabilities fixed in Xerox FreeFlow Print Server

Xerox has fixed a large number of vulnerabilities in Xerox FreeFlow Print Server. The vulnerabilities are in the following underlying components: Microsoft Windows 10 Java 8 Firefox Xerox has released updates to fix the vulnerabilities in Freeflow print server. For more information, see the...

9.8CVSS8.6AI score0.5063EPSS
Exploits14
NCSC
NCSC
•added 2021/01/28 12:0 a.m.•30 views

Vulnerability fixed in WinSCP

A vulnerability has been fixed in WinSCP. A malicious party could potentially exploit the vulnerability to execute arbitrary code execute arbitrary code under a user's privileges. To do so, the user to visit a rogue URI that will open in WinSCP. WinSCP has released updates to fix the vulnerabilit...

10CVSS7.7AI score0.07408EPSS
Exploits0
NCSC
NCSC
•added 2020/12/16 12:0 a.m.•30 views

Vulnerability fixed in Cloudforms

RedHat has fixed a vulnerability in CloudForms Management Engine. Due to a flaw in Role Based authorizations, an authorized malicious person is able to execute commands with administrator privileges, or gain access to sensitive data. This vulnerability was previously reported as the vulnerability...

8.3CVSS7AI score0.01EPSS
Exploits0
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•30 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft fixes multiple vulnerabilities in Microsoft Dynamics products. A malicious party could exploit the vulnerabilities to perform Cross-Site Scripting XSS or Remote Code Execution RCE. Such an attack can only be performed by an authenticated user or administrator. Microsoft Dynamics:...

8.8CVSS5.7AI score0.03658EPSS
Exploits0
NCSC
NCSC
•added 2020/10/20 12:0 a.m.•30 views

Vulnerabilities fixed in VMware products

Vulnerabilities have been fixed in VMware ESXi, Workstation, Fusion , NSX-T and vCenter. The vulnerabilities allow a malicious party to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User...

10CVSS7.6AI score0.83015EPSS
Exploits2
NCSC
NCSC
•added 2025/11/11 6:35 p.m.•29 views

Vulnerabilities fixed in Microsoft Visual Studio

Microsoft has fixed vulnerabilities in Visual Studio and Code Copilot for Visual Studio. A malicious party could exploit the vulnerabilities to bypass security measures and execute arbitrary code in the victim's context. For successful exploitation, the malicious party must trick the victim into...

8.8CVSS6.2AI score0.00978EPSS
Exploits0
NCSC
NCSC
•added 2025/07/17 12:35 p.m.•29 views

Vulnerabilities fixed in XWiki

XWiki has fixed vulnerabilities in the rendering system and the default macro content parser. The vulnerabilities in the XWiki rendering system allowed attackers to perform XSS attacks due to the dependency on the xdom+xml/current syntax. This vulnerability has been fixed in version 14.10. In...

9.9CVSS8.3AI score0.00525EPSS
Exploits1References2
NCSC
NCSC
•added 2024/10/04 10:11 a.m.•29 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. VoieOver does not appear to handle sensitive data correctly, making it possible to use VoiceOver to have recently stored passwords read aloud. Apple has released updates to fix the vulnerabilities. See attached references for more information...

5.5CVSS6.6AI score0.09232EPSS
Exploits0References1
NCSC
NCSC
•added 2024/04/12 12:0 a.m.•29 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service, or to execute a Cross-Site Scripting attack. Such an attack could result in execution of arbitrary code in the victim's...

8.7CVSS6.8AI score0.00601EPSS
Exploits2
NCSC
NCSC
•added 2024/01/17 12:0 a.m.•29 views

Vulnerability fixed in VMware Aria Automation

VMWare has fixed a vulnerability in Aria Automation, formerly known as vRealize Automation. An authenticated malicious party could exploit the vulnerability to gain access gain access to the Aria Automation instance, and possibly to systems of third parties. The malicious party can thus perform...

9.9CVSS6.9AI score0.00949EPSS
Exploits0
NCSC
NCSC
•added 2023/11/30 12:0 a.m.•29 views

Vulnerabilities fixed in MOVEit Transfer

Progress has fixed vulnerabilities in MOVEit Transfer. A malicious party could exploit the vulnerability with attribute CVE-2023-6217 exploit for a Cross-Site Scripting ace trap. Such an attack can lead to execution of arbitrary code in the browser of the victim, or potentially access sensitive...

7.2CVSS6.7AI score0.00696EPSS
Exploits0
NCSC
NCSC
•added 2023/07/03 12:0 a.m.•30 views

Vulnerability fixed in Xwiki

The developers of Xwiki have fixed a vulnerability in the CKEditor of Xwiki. An authenticated malicious person with editing privileges in the CKeditor could exploit the vulnerability to modify arbitrary files in Xwiki, including those for which it is not authorized. This allows the malicious pers...

9CVSS6.7AI score0.00903EPSS
Exploits1
NCSC
NCSC
•added 2022/07/13 12:0 a.m.•29 views

Vulnerabilities fixed in VMWare products

Vulnerabilities have been fixed in several VMware products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Access to system data A malicious person with administrator access to a...

7.5CVSS6AI score0.04947EPSS
Exploits0
NCSC
NCSC
•added 2022/06/15 12:0 a.m.•29 views

Vulnerabilities fixed in Adobe Bridge

Adobe has fixed several vulnerabilities in Bridge. A malicious party could exploit the vulnerabilities to execute arbitrary code in the context of the application, or to access gain access to sensitive data in the context of the application. To do this, the malicious party must trick the victim...

9.3CVSS7.1AI score0.02857EPSS
Exploits0
NCSC
NCSC
•added 2021/03/22 12:0 a.m.•29 views

Vulnerabilities fixed in Grafana Enterprise

Several vulnerabilities have been fixed in Grafana Enterprise. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service or to obtain elevated privileges obtain elevated privileges within the application. Grafana Labs has released updates to address the...

7.5CVSS7.1AI score0.83042EPSS
Exploits0
NCSC
NCSC
•added 2020/10/07 12:0 a.m.•29 views

Vulnerabilities fixed in GitLab

Several vulnerabilities have been fixed in GitLab. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights Access to sensitive da...

8.8CVSS7.2AI score0.02112EPSS
Exploits3
NCSC
NCSC
•added 2024/12/02 12:51 p.m.•28 views

Vulnerabilities fixed in Zabbix

Zabbix has fixed vulnerabilities in the Zabbix server and frontend. The vulnerabilities include a stack buffer overflow in the zbxsnmpcachehandleengineid function, which can lead to execution of arbitrary code or a denial of service. In addition, there is an SQL injection vulnerability that allow...

9.9CVSS9AI score0.78831EPSS
Exploits13References8
NCSC
NCSC
•added 2023/11/23 12:0 a.m.•28 views

Vulnerabilities fixed in Atlassian products

Atlassian has fixed vulnerabilities in several products such as Jira, Confluence and Bitbucket. A malicious party can exploit the exploit vulnerabilities to launch attacks that can lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Data manipulation. Remot...

8.8CVSS7.7AI score0.99999EPSS
Exploits25
NCSC
NCSC
•added 2023/03/30 12:0 a.m.•28 views

Vulnerabilities fixed in QNAP QTS and QuTS hero

QNAP has fixed vulnerabilities in QTS and QuTS hero, the operating system for QNAP NAS devices. An authenticated malicious person could exploit the vulnerabilities to cause a denial-of-service, or grant themselves elevated privileges and thus gain access to sensitive data or execute arbitrary cod...

8.8CVSS7.6AI score0.59501EPSS
Exploits21
NCSC
NCSC
•added 2023/03/23 12:0 a.m.•28 views

Vulnerabilities fixed in Cisco Access Points

Cisco has fixed vulnerabilities in several access points. A malicious party could exploit the vulnerabilities to cause a denial-of-service on the vulnerable system, or to execute arbitrary code as root. To execute arbitrary code, the malicious party needs need prior authentication on the command...

7.4CVSS8AI score0.00303EPSS
Exploits0
NCSC
NCSC
•added 2022/11/04 12:0 a.m.•28 views

Vulnerabilities fixed in VMware Spring

VMware has fixed vulnerabilities in Spring Security and spring-security-oauth2-client. A malicious party could vulnerabilities potentially exploit them to obtain elevated privileges or to bypass authentication. Only Spring environments using specific configurations are vulnerable. VMware has...

9.8CVSS7AI score0.03425EPSS
Exploits3
NCSC
NCSC
•added 2022/08/03 12:0 a.m.•28 views

Vulnerabilities fixed in Synology products

Synology has fixed vulnerabilities in multiple products. The vulnerabilities allow a malicious party to launch attacks the following categories of damage: Manipulation of data Remote code execution Application rights Access to sensitive data Synology rated the vulnerability with attribute...

7.2CVSS8AI score0.01572EPSS
Exploits0
NCSC
NCSC
•added 2022/07/06 12:0 a.m.•28 views

Vulnerabilities fixed in Fortinet products

Fortinet has fixed vulnerabilities in several products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution Administrator/Root rights Increased us...

7.8CVSS6.8AI score0.02116EPSS
Exploits0
NCSC
NCSC
•added 2022/06/03 12:0 a.m.•28 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities potentially enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Bypassing security measure Accessing system data GitLab has released updates t...

9.9CVSS6.3AI score0.15471EPSS
Exploits1
NCSC
NCSC
•added 2021/09/15 12:0 a.m.•28 views

Vulnerabilities fixed in Adobe products

Vulnerabilities have been fixed in several Adobe products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User...

9.3CVSS7.5AI score0.76055EPSS
Exploits1
NCSC
NCSC
•added 2021/09/14 12:0 a.m.•28 views

Vulnerability fixed in Nitro Pro PDF

A vulnerability has been fixed in Nitro Pro PDF. The vulnerability allows a remote malicious person to execute arbitrary execute arbitrary code under the victim's privileges. The malicious party to do this must induce the victim to open a rogue document to be opened. Nitro has released updates to...

8.8CVSS7.5AI score0.15613EPSS
Exploits1
NCSC
NCSC
•added 2021/06/08 12:0 a.m.•28 views

Vulnerabilities fixed in Microsoft Office products

Microsoft has fixed vulnerabilities in several Office products. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Executing arbitrary code User privileges. Impersonating another user Accessing sensitive data Below is a summary of the...

8.8CVSS7AI score0.13337EPSS
Exploits5
NCSC
NCSC
•added 2021/04/16 12:0 a.m.•28 views

Vulnerabilities fixed in Juniper JunOS

A Race Condition vulnerability in the firewall process dfwd of Juniper Networks Junos OS allows an attacker to bypass the firewall rulesets to bypass CVE-2021-0247. A vulnerability in the forwarding of TCPv6 transit packets received on the Ethernet management interface of Juniper Networks Junos O...

7.1CVSS6.6AI score0.00647EPSS
Exploits0
NCSC
NCSC
•added 2021/02/04 12:0 a.m.•28 views

Vulnerabilities fixed in Cisco IOS XR

Cisco has fixed several vulnerabilities in IOS XR. A unauthenticated malicious person could remotely exploit them to cause a denial-of-service, circumvent bypassing security measures or obtaining system information. The vulnerabilities marked CVE-2021-1288 and CVE-2021-1313 involve a...

8.6CVSS6.9AI score0.01952EPSS
Exploits0
NCSC
NCSC
•added 2021/01/06 12:0 a.m.•28 views

Vulnerabilities found in Schneider Electric Modicon products

Schneider Electric has identified vulnerabilities in Modicon products. The vulnerabilities allow an authenticated remote malicious party the ability to cause a denial-of-service cause. Schneider Electric has proposed mitigation measures and indicates it will be coming out with updates in the near...

8.8CVSS6.9AI score0.01087EPSS
Exploits0
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•28 views

Vulnerabilities fixed in GitLab

Multiple vulnerabilities have been identified in GitLab; an remote attacker could exploit some of these vulnerabilities exploit them to enable cross-site scripting, denial of service condition trigger and release sensitive information about the targeted system. disclosure. The developers have...

6.5CVSS6.7AI score0.01244EPSS
Exploits0
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•28 views

Vulnerabilities fixed in SAP Netweaver

SAP has fixed several vulnerabilities in SAP Netweaver. These vulnerabilities allow malicious actors to remotely bypass authentication, execute arbitrary code, conduct a cross-site scripting attack, upload files and view sensitive information. SAP has released updates to address these...

9CVSS7AI score0.018EPSS
Exploits0
NCSC
NCSC
•added 2026/05/13 7:14 a.m.•27 views

Vulnerabilities in Microsoft Edge (Chromium)

Microsoft has identified a number of vulnerabilities in the Edge browser Chromium. These vulnerabilities are located in the code base of Chrome and were previously disclosed by Google. Microsoft incorporates these vulnerabilities into the Edge browser and distributes the updates automatically...

9.6CVSS6AI score0.01135EPSS
Exploits0
NCSC
NCSC
•added 2024/02/22 12:0 a.m.•27 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE. A malicious party could exploit vulnerabilities to launch attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Manipulation of data Circumvention o...

8.7CVSS6.5AI score0.51467EPSS
Exploits0
NCSC
NCSC
•added 2023/03/15 12:0 a.m.•27 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in the Dynamics 365 platform. An authenticated malicious party can exploit the vulnerabilities exploit them to perform a cross-site scripting attack and thus impersonate another user and gain access to their data. Microsoft Dynamics:...

6.5CVSS5.8AI score0.01461EPSS
Exploits2
NCSC
NCSC
•added 2021/05/12 12:0 a.m.•27 views

BlackBerry UEM

Vulnerabilities have been fixed in BlackBerry UEM. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data BlackBerry categorizes these...

7.3CVSS7.5AI score0.00964EPSS
Exploits0
NCSC
NCSC
•added 2021/01/15 12:0 a.m.•27 views

Vulnerabilities fixed in openSUSE kernel

Vulnerabilities have been fixed in openSUSE. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Access to sensitive data Increased user rights -= openSUSE =- T...

9.8CVSS6.9AI score0.06563EPSS
Exploits9
NCSC
NCSC
•added 2020/11/03 12:0 a.m.•27 views

Multiple vulnerabilities fixed in NetApp products

NetApp developers have fixed several vulnerabilities that could lead to a denial-of-service DoS attack and the obtaining sensitive information. NetApp developers have released updates to fix the vulnerabilities. More information can be found on the pages below:...

9CVSS7.8AI score0.1786EPSS
Exploits2
Total number of security vulnerabilities4189