4190 matches found
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially allow a remote malicious person to execute arbitrary code to execute under the application's permissions. Google typically does not release details about the vulnerabilities but marks the vulnerability with attribut...
Vulnerability fixed in ClamAV
A vulnerability has been fixed in ClamAV. A malicious party could potentially exploit the vulnerability to cause a denial-of-service cause by having a rogue file opened by the parser in the application. The clamscan --gen-json function must be enabled. -= ClamAV =- Cisco has released updates to f...
Vulnerability fixed in Oracle Health Sciences Applications
Oracle has fixed a vulnerability in the following products: Thesaurus Management System Clinical Health Sciences Clinical Development Analytics Argus Safety Argus Insight Argus Analytics Health Sciences InForm CRF Submit Argus Mart ------------------.------.------------------------------------- |...
Vulnerabilities fixed in WordPress
WordPress developers have fixed several vulnerabilities fixed. A remote malicious party could remotely exploit these vulnerabilities potentially exploit them to perform a Cross-Site Scripting XSS attack and perform SQL Injection. WordPress developers have released updates to fix the...
Vulnerability fixed in Atlassian Jira
A vulnerability has been fixed in Atlassian Jira Server and Jira Data Center. A malicious party could exploit the vulnerability to performing a Cross-Site Scripting XSS attack. A such attack can result in the execution of arbitrary script code in the browser used to visit the application. To do...
Vulnerabilities fixed in X.Org X Server
Vulnerabilities have been fixed in X.Org X Server. A local malicious party could potentially exploit the vulnerabilities to cause a denial-of-service, execute arbitrary code or obtain elevated privileges. When using X Forwarding over SSH, the vulnerabilities may also be remotely exploitable. -=...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially allow a malicious person to execute arbitrary code execute under the user's privileges. Google has made few substantive details available about these vulnerabilities. Google has indicated that for the vulnerability...
Vulnerabilities fixed in IBM DB2
Vulnerabilities have been fixed in IBM DB2. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Increased user privileges IBM has released updates to fix the...
Vulnerability fixed in Huawei CloudEngine
Huawei has fixed a vulnerability in their CloudEngine series of switches. An unauthenticated malicious person on the same network can exploit the vulnerability to cause a denial-of-service cause. Huawei has released updates to fix the vulnerability in CloudEngine. For more information, see:...
Vulnerability fixed in Zoho ManageEngine Desktop Central
Zoho has fixed a vulnerability in ManageEngine Desktop Central. Desktop Central is a solution used by administrators to remotely manage devices within an organization. manage. The vulnerability makes it possible for a malicious person to bypass authentication and execute arbitrary code. It is goo...
Vulnerability fixed in Zoho ManageEngine ADSelfService Plus
Zoho ManageEngine has fixed a vulnerability in ADSelfService Plus. ADSelfService Plus is a self-service password management and single-sign-on solution. The vulnerability allows a malicious remote user the ability to execute arbitrary code. The FBI, CISA and CGCYBER, have issued a joint security...
Vulnerabilities fixed in IBM Integration Bus
IBM has fixed vulnerabilities in Integration Bus. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights IBM has released updates to fix the...
Vulnerabilities fixed in Drupal
Drupal developers have fixed two vulnerabilities in Drupal core. The vulnerabilities are in CKEditor, a library used by Drupal to provide the WYSIWYG editor. An unauthenticated malicious person can exploit the exploit the vulnerabilities to perform a Cross-Site Scripting XSS attack. Such an attac...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Google Chrome. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Google has mad...
Vulnerability Fixed in Intel Processors
Intel has fixed a vulnerability in processors from the Pentium, Celeron and Atom families. A malicious person with physical access to the system could exploit the vulnerability to gain access under elevated privileges to gain access to potentially sensitive data and to execute arbitrary code. The...
Vulnerabilities fixed in GNU Mailman
The developers of GNU Mailman have fixed two vulnerabilities fixed in GNU Mailman. The vulnerabilities could be exploited by a malicious person to gain access to the administrator password, or to use a cross-site scripting attack to execute code in the scope of the affected browser. To gain acces...
Vulnerability fixed in Draytek VigorConnect
Draytek has fixed a vulnerability in VigorConnect, the management software for Draytek networking equipment. A unauthenticated malicious person could exploit the vulnerability to download arbitrary files from the vulnerable system and thus gather information about the underlying system. The...
Vulnerability fixed in Microsoft Dynamics
Microsoft has fixed a vulnerability in Microsoft Dynamics. The vulnerability allows a malicious person to execute arbitrary execute arbitrary code under the application's permissions. The following table summarizes the vulnerability. |----------------|------|-------------------------------------|...
Vulnerability fixed in systemd
A vulnerability has been fixed in systemd. The vulnerability allows a malicious party the opportunity to cause a denial-of-service cause. -= SUSE =- SUSE has made updates available to fix the vulnerability fix in SUSE 12. You can install these custom packages using 'YaST'. You can also download t...
Vulnerabilities hide in Java
Vulnerabilities have been fixed in Java. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Access to system data -=...
Vulnerabilities fixed in Fedora kernel
Vulnerabilities have been fixed in Fedora kernel. The vulnerabilities allow a malicious person to cause a denial-of-service cause. -= Fedora =- Fedora has made updates available for Fedora 34 and 35. You can install these updates using the command 'dnf' or 'yum'. More information about these...
Vulnerability fixed in Cisco AnyConnect Secure Mobility Client
A vulnerability has been fixed in Cisco AnyConnect Secure Mobility Client. The vulnerability allows a locally authenticated malicious party to obtain elevated privileges. Cisco has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerability fixed in php
A vulnerability has been fixed in php. The vulnerability allows a local malicious party to obtain elevated privileges. PHP developers have released updates to fix the vulnerability. More information can be found at the page below: https://www.php.net/ChangeLog-8.php8.0.12 -= Fedora =- Fedora has...
Vulnerability fixed in Red Hat flatpak
Red Hat has fixed a vulnerability in flatpak. The vulnerability allows a malicious person to escape from the flatpak sandbox to escape. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 8. You can install these updates using the command 'yum'. More information about...
Vulnerability fixed in Linux kernel
A vulnerability has been fixed in Linux kernel. The vulnerability allows a remote malicious person to obtain system data obtain. Updates have been released to fix the vulnerability. More information can be found on the page below: https://github.com/torvalds/linux/commit...
Vulnerability fixed in HPE Proliant
Vulnerabilities have been fixed in several HPE Proliant systems. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data HPE has released updates to fix the vulnerability...
Vulnerability fixed in Atlassian Jira
Atlassian has fixed a vulnerability in Jira. The vulnerability allows an authenticated remote malicious person to opportunity to bypass a security measure. Atlassian categorizes this vulnerability according to the CVSSv3 method with a score of 4.3. Atlassian has released updates to address the...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Google Chrome. A unauthenticated remote malicious person could exploit the vulnerabilities potentially exploit the vulnerabilities to cause a denial-of-service or execute arbitrary code with the application's permissions. Google has not published substantive...
Vulnerability fixed in BIND
ISC has fixed a vulnerability in BIND. A unauthenticated remote malicious person could exploit it to significantly affect the performance of a BIND DNS server. impact. Abuse results in it taking longer before a client receives a response from the DNS server and also increases additionally increas...
Vulnerability fixed in Adobe Lightroom
Adobe has fixed a vulnerability in Adobe Lightroom. A malicious person with access to the file system could exploit the exploit the vulnerability to obtain elevated privileges. To do so, the malicious party must entice a user with elevated privileges coax a rogue file to open. Adobe did not relea...
Vulnerability fixed in Apple iOS and iPadOS
Apple has fixed a vulnerability in iOS and iPadOS. A malicious party can exploit the vulnerability to execute arbitrary code execute arbitrary code with kernel privileges and thus access gain access to sensitive information or possibly install more malware install. Apple reports receiving reports...
Vulnerabilities fixed in Google Chrome
Google has released version 94.0.4606.81 of Chrome for Windows, MacoOS and Linux. In this version, four vulnerabilities are fixed. A malicious party could potentially exploit them to cause a denial-of-service, or to executing arbitrary code in the context of the browser. Google has released updat...
Vulnerability fixed in Cisco Email Security Appliance
Cisco has fixed a vulnerability in the Email Security Appliance. An unauthenticated malicious person could exploit the vulnerability to use a specially prepared URL to still bypass the URL Reputation filters and, in effect, the entire filtering system. The integrity or continuity of the Appliance...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially allow a malicious person to execute arbitrary code under application privileges to execute arbitrary code, cause a denial-of-service and to gain access to sensitive data. Google indicates that for the vulnerabilitie...
Vulnerabilities fixed in MediaWiki
Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Accessing system data MediaWiki has released updates to address the...
Vulnerabilities fixed in Ubuntu
Vulnerabilities have been fixed in Ubuntu. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Increased user privileges -= Ubuntu =- Canonical has made...
Vulnerability fixed in Chromium-based browsers
A vulnerability has been fixed in Google Chrome. The vulnerability potentially allows a remote malicious person to execute arbitrary code to execute under the user's privileges. Google has disclosed little information about the vulnerability. The vulnerability is in the "Portals" component, which...
Vulnerabilities fixed in Apple macOS & iOS
Vulnerabilities have been fixed in macOS Catalina. The vulnerability with reference CVE-2021-30869 allows a malicious person to execute execute arbitrary code with root privileges. The malicious person must install a rogue application to exploit the vulnerability. exploit. Apple indicates that...
Vulnerabilities fixed in sqlite3
Vulnerabilities have been fixed in sqlite. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data -= SUSE =- SUSE has made updates available to address the...
Vulnerability fixed in LibTIFF
A vulnerability has been fixed in LibTIFF. The vulnerability allows a remote malicious party the ability to cause a denial-of-service to cause a denial-of-service, possibly resulting in the execution of arbitrary code. result. The developers of LibTIFF have made available a new version made...
Vulnerability found in Apple macOS
A researcher has found a vulnerability in Apple MacOS. The vulnerability allows a remote malicious person to execute arbitrary code under the user's privileges. The malicious party must induce the victim to open a rogue file to open. The researcher who found the vulnerability indicates that Apple...
Vulnerabilities fixed in Oracle MySQL
Vulnerabilities have been fixed in MySQL. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS SQL Injection Access to sensitive data Access to system data Increased user privileges MySQL categorizes these...
Vulnerabilities fixed in Kubernetes
Vulnerabilities have been found and fixed in Kubernetes. The vulnerabilities allow a malicious party to circumvent a security measure to bypass and to obtain system data obtain. Kubernetes has released updates to fix a vulnerability fix and to mitigate a vulnerability. More information can you ca...
Vulnerabilities fixed in curl
Vulnerabilities have been fixed in curl. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Updates have been released to fix the vulnerabilities. More...
Vulnerabilities fixed in Apple iOS, iPadOS and macOS
Vulnerabilities have been fixed in iOS, iPadOS and macOS. A malicious party could potentially exploit the vulnerability to execute arbitrary code. To exploit the vulnerabilities a user must open a rogue PDF document or visit Web page visit. Apple indicates that these vulnerabilities may be active...
Vulnerability fixed in Citrix ShareFile Storage Zones
A security issue has been fixed in the Citrix ShareFile storage area controller that, if exploited, would allow an unauthenticated malicious person would be able to remotely compromise the storage zone controller. All currently supported versions of the Citrix ShareFile storage zone controller...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data Google, as usual, is releasing few technical details abou...
Vulnerabilities fixed in IBM Connections
Multiple vulnerabilities have been fixed in IBM SDK Java Technology Edition that is used by Content Collector for IBM Connections. IBM has released updates that fix the vulnerability. For more information see: https://www.ibm.com/support/pages/node/6487171...
Vulnerabilities fixed in Mozilla Firefox
Mozilla has fixed vulnerabilities in Firefox and Firefox Extended Support Release ESR. The vulnerabilities allow an unauthenticated remote malicious agent potentially able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure...
Vulnerability fixed in libssh
A vulnerability has been fixed in libssh. A malicious party could potentially exploit the vulnerability to cause a denial-of-service cause or execute arbitrary code with the privileges of application that uses libssh. It is good practice to apply the principle of "privilege separation" to this ty...