Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2020/08/13 12:0 a.m.•3 views

Vulnerability fixed in Red Hat OpenShift Container Platform

A vulnerability has been fixed in Red Hat OpenShift Container Platform. The vulnerability allows a malicious party to cause a Denial-of-Service by offering specially prepared ed25519 SSH keys. Red Hat has made updates available for Red Hat OpenShift Container Platform . You can install these...

7.5CVSS6.7AI score0.21052EPSS
Exploits6
NCSC
NCSC
•added 2020/08/13 12:0 a.m.•3 views

Vulnerability fixed in IBM WebSphere Application Server

A vulnerability has been fixed in IBM WebSphere Application Server. The vulnerability allows an unauthenticated malicious person remotely capable of executing arbitrary code on the system. IBM indicates that to exploit this vulnerability, an undocumented change must be made by the administrator o...

10CVSS7.4AI score0.08465EPSS
Exploits0
NCSC
NCSC
•added 2020/08/10 12:0 a.m.•3 views

Vulnerability fixed in Avaya IP Office Manager

A vulnerability has been fixed in Avaya IP Office Manager. The vulnerability allows an unauthenticated malicious person with access to the network to obtain sensitive data. Avaya has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.5AI score0.01195EPSS
Exploits0
NCSC
NCSC
•added 2020/08/10 12:0 a.m.•3 views

Vulnerability fixed in PostgreSQL jdbc driver

A vulnerability has been fixed in the PostgreSQL jdbc driver for Java. The so-called XML external-entity vulnerability XXE allows a locally authenticated malicious person to execute arbitrary code execute arbitrary code under database privileges. -= Red Hat =- Red Hat has made updates available f...

7.7CVSS7.5AI score0.04094EPSS
Exploits0
NCSC
NCSC
•added 2020/07/28 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Google has fixed several vulnerabilities in Chrome. Little little substantive information made publicly available. It is possible that a malicious party could exploit the vulnerabilities to execute arbitrary code with user privileges or for causing a denial-of-service on the Web browser. Google h...

8.8CVSS7.3AI score0.22868EPSS
Exploits0
NCSC
NCSC
•added 2020/07/21 12:0 a.m.•3 views

Vulnerabilities fixed in ClamAV

Vulnerabilities have been fixed in ClamAV. The vulnerabilities allow a malicious person to cause a denial-of-service cause. ClamAV has released updates to fix the vulnerabilities. More information can be found on the pages below: https://blog.clamav.net/2020/07...

7.5CVSS6.6AI score0.05063EPSS
Exploits0
NCSC
NCSC
•added 2020/06/29 12:0 a.m.•3 views

Vulnerability fixed in Squid

A vulnerability has been fixed in Squid. The vulnerability allows a malicious party to bypass a security measure. Incomplete input validation makes it possible for a malicious person to possible to perform a Request Smuggling or Poisoning attack on the HTTP cache execute. The vulnerability with...

9.9CVSS6.6AI score0.05706EPSS
Exploits0
NCSC
NCSC
•added 2020/06/24 12:0 a.m.•3 views

Vulnerability fixed in ntpd

A vulnerability has been fixed in the ntp client daemon. The vulnerability allows an unauthenticated remote malicious person able to perform a denial-of-service attack. The developers of ntpd have released updates to fix the vulnerability. More information can be found on the pages below:...

7.5CVSS6.8AI score0.04071EPSS
Exploits0
NCSC
NCSC
•added 2020/05/19 12:0 a.m.•3 views

Vulnerabilities fixed in DPDK

Vulnerabilities have been fixed in the Dataplane Development Kit DPDK. The vulnerabilities allow a local malicious party to cause a denial-of-service, possibly resulting in the execution of arbitrary code under user privileges as a result. DPDK is a technology that handles the transport of data...

7.7CVSS6.9AI score0.02213EPSS
Exploits0
NCSC
NCSC
•added 2020/04/29 12:0 a.m.•3 views

Vulnerabilities fixed in Samba

Vulnerabilities have been fixed in Samba. A malicious party can exploit the exploit the vulnerabilities to cause a denial-of-service or to execute arbitrary code with the permissions of the user under which the Samba server is running. More information about the vulnerabilities can be found on th...

7.5CVSS7.8AI score0.03455EPSS
Exploits0
NCSC
NCSC
•added 2020/04/28 12:0 a.m.•3 views

Vulnerability fixed in Mailman

A vulnerability has been fixed in Debian for Mailman. The vulnerability allows a remote malicious person to perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. -= Debian =- Debian has made...

6.1CVSS6.5AI score0.02288EPSS
Exploits0
NCSC
NCSC
•added 2020/04/23 12:0 a.m.•3 views

Vulnerability fixed in Linux kernel

SUSE has fixed a vulnerability in SUSE Kernel. The vulnerability causes in certain cases IPv6 traffic to be is not encrypted over an IPsec tunnel. A malicious party could potentially be able to retrieve sensitive data as a result. -= SUSE =- SUSE has made updates available to fix the vulnerabilit...

7.5CVSS8.5AI score0.0124EPSS
Exploits0
NCSC
NCSC
•added 2020/04/23 12:0 a.m.•3 views

Vulnerabilities fixed in binutils

Vulnerabilities have been fixed in binutils. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to system data Ubuntu classifies all vulnerabilities...

9.8CVSS7.6AI score0.0669EPSS
Exploits35
NCSC
NCSC
•added 2020/04/20 12:0 a.m.•3 views

Vulnerability fixed in Libssh

Fedora has fixed a vulnerability in Libssh. The vulnerability allows a remote malicious party to perform a Denial-of-Service DoS exploit. -= Fedora =- Fedora has made updates available for Fedora 31. You can install these updates by using the command 'dnf' or 'yum'. More information about these...

5.3CVSS7.1AI score0.03065EPSS
Exploits0
NCSC
NCSC
•added 2020/03/20 12:0 a.m.•3 views

Vulnerability fixed in Ruby JSON gem

A vulnerability has been fixed in the JSON gem that is provided by default included in the Ruby installation. The vulnerability allows a malicious party to perform attacks that can lead to the following categories of damage: Manipulation of data. Remote code execution User rights Ruby has release...

7.5CVSS7.7AI score0.13911EPSS
Exploits0
NCSC
NCSC
•added 2020/02/11 12:0 a.m.•3 views

Vulnerabilities in Qt 5 libraries

Vulnerabilities have been fixed in the Qt 5 software library. The vulnerabilities allow a locally authenticated malicious agent to able to establish a denial-of-service and execute arbitrary code execute arbitrary code under user privileges. -= Ubuntu =- Canonical has made updates available for...

7.3CVSS7.6AI score0.0205EPSS
Exploits2
NCSC
NCSC
•added 2020/01/23 12:0 a.m.•3 views

Vulnerabilities fixed in Samba

Samba's developers have fixed three vulnerabilities. The vulnerabilities allow a malicious party to access gain access to system data, potentially gain elevated privileges or cause a denial-of-service. Samba has released updates to fix the vulnerabilities in Samba server v4.0 and 4.9. For more...

6.5CVSS7AI score0.03151EPSS
Exploits0
NCSC
NCSC
•added 2019/12/11 12:0 a.m.•3 views

Vulnerability fixed in libssh

A vulnerability has been fixed in libssh. The vulnerability allows a remote malicious person to execute arbitrary code execute arbitrary code under the user's privileges. libssh has made updates available to fix the vulnerability. fix. More information can be found on the page below:...

9.3CVSS7.6AI score0.0316EPSS
Exploits0
NCSC
NCSC
•added 2019/12/09 12:0 a.m.•3 views

Vulnerability fixed in Grafana

Grafana Labs has fixed a vulnerability in Grafana. The vulnerability allows an unauthenticated remote malicious person capable of causing a denial-of-service. The vulnerability is located in the HTTP API. Grafana Labs has made updates available to fix the vulnerability fix. More information can b...

7.5CVSS7.7AI score0.63388EPSS
Exploits1
NCSC
NCSC
•added 2019/11/11 12:0 a.m.•3 views

Vulnerability fixed in libSSH2

A vulnerability has been fixed in libSSH2. The vulnerability can lead to the release of sensitive information or a denial-of-service. -= SUSE =- SUSE has made updates available to fix the vulnerability fix in SUSE 12. You can install these custom packages using 'YaST'. You can also download the...

8.1CVSS6.7AI score0.03793EPSS
Exploits1
NCSC
NCSC
•added 2024/04/17 12:0 a.m.•2 views

Vulnerabilities fixed in IBM Websphere Application Server

Vulnerabilities have been fixed in IBM WebSphere Application Server and IBM WebSphere Application Server Liberty.The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Server Side Request Forgery SSRF. Access to sensitive data IBM has releas...

7CVSS8AI score0.00649EPSS
Exploits0
NCSC
NCSC
•added 2024/03/05 12:0 a.m.•2 views

Vulnerability fixed in Mozilla Thunderbird

Mozilla has fixed a vulnerability in Thunderbird. Due to an flaw in the processing of email messages in the local cache, the encrypted data, such as the subject line, from email messages could be included in other email messages. When the user replies to such such an infected email message, for...

7.5CVSS6.3AI score0.00682EPSS
Exploits1
NCSC
NCSC
•added 2024/01/25 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox, Firefox ESR and Thunderbird. A malicious party could exploit the vulnerabilities to perform attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Spoofing...

8.8CVSS7.5AI score0.02155EPSS
Exploits0
NCSC
NCSC
•added 2024/01/16 12:0 a.m.•2 views

Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway

Citrix has fixed vulnerabilities in Netscaler ADC and Netscaler Gateway. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary code execute arbitrary code on the vulnerable system. The vulnerability with attribute CVE-2023-6548 is located in the...

8.8CVSS7.9AI score0.57633EPSS
Exploits0
NCSC
NCSC
•added 2024/01/11 12:0 a.m.•2 views

Vulnerabilities fixed in Cacti

The developers of Cacti have fixed several vulnerabilities in Cacti. A malicious party can exploit the vulnerabilities to execute attacks that can result in the following categories of damage: SQL Injection Cross-Site Scripting XSS Remote code execution User rights Remote code execution...

8.8CVSS7.7AI score0.84628EPSS
Exploits9
NCSC
NCSC
•added 2023/12/29 12:0 a.m.•2 views

Vulnerability fixed in ProFTPd

A vulnerability has been fixed in ProFTPd. The vulnerability allows an authenticated remote malicious person to perform a denial-of-service DoS via a specially prepared command to cause a denial-of-service DoS cause. The developers of ProFTP have released updates to fix the vulnerability. For mor...

7.5CVSS8.9AI score0.04249EPSS
Exploits1
NCSC
NCSC
•added 2023/12/19 12:0 a.m.•2 views

Vulnerability fixed in OpenSSH

A vulnerability has been fixed in OpenSSH. A malicious party could potentially use a Man-in-the-Middle attack to weaken the connection between a client and server and thus gain access to the data transmitted over this connection. This Man-in-the-Middle attack has been given the name "Terrapin...

6.8CVSS6.6AI score0.9378EPSS
Exploits4
NCSC
NCSC
•added 2023/11/23 12:0 a.m.•2 views

Vulnerabilities fixed in Foxit PDF Reader and PDF Editor

Foxit has fixed vulnerabilities in PDF Reader and PDF Editor formerly PhantomPDF. A malicious party could exploit them to cause a denial-of-service, execute arbitrary execute arbitrary code with the victim's privileges or to access gain access to sensitive data in the victim's context. Successful...

8.8CVSS7.7AI score0.02673EPSS
Exploits4
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•2 views

Vulnerabilities fixed in GIMP

Vulnerabilities have been fixed in GIMP. A malicious person could vulnerabilities to execute arbitrary code with victim's privileges, potentially gaining access to sensitive data. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. The developers of...

7.8CVSS7.8AI score0.93639EPSS
Exploits0
NCSC
NCSC
•added 2023/11/10 12:0 a.m.•2 views

Vulnerabilities fixed in PostgreSQL

Vulnerabilities have been fixed in PostgreSQL. A malicious person could exploit the vulnerabilities to gain access to system data, cause a denial-of-service, or to execute arbitrary code with application privileges. The vulnerabilities have also been fixed in PostgreSQL 11 11.22. This are, howeve...

8.8CVSS9.6AI score0.04322EPSS
Exploits0
NCSC
NCSC
•added 2023/11/02 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Successful...

8.8CVSS7.6AI score0.07094EPSS
Exploits0
NCSC
NCSC
•added 2023/10/26 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure. Remote code execution User rights Spoofi...

9.8CVSS9.3AI score0.01585EPSS
Exploits0
NCSC
NCSC
•added 2023/10/20 12:0 a.m.•2 views

Vulnerabilities in Best Practical RT fixed

Vulnerabilities have been fixed in Best Practical Request Tracker RT. The vulnerabilities allow an unauthenticated malicious person able to impersonate an RT user and to download specific email attachments to download. Best Practical has released updates to fix the vulnerabilities fixes in RT. Fo...

7.5CVSS7.2AI score0.00717EPSS
Exploits0
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•2 views

Vulnerabilities fixed in Apache HTTP Server

Apache has fixed vulnerabilities in Apache HTTP Server. The vulnerabilities potentially allow a malicious party to launch an attack that could result in a denial-of-service DoS attack. Apache has released updates to fix the vulnerabilities in Apache HTTP Server 2.4.x. For more information, see:...

7.5CVSS8.6AI score0.70595EPSS
Exploits1
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•2 views

Vulnerabilities fixed in Oracle Siebel CRM

Vulnerabilities have been fixed in Oracle Siebel CRM. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data...

7.5CVSS6.6AI score0.01858EPSS
Exploits1
NCSC
NCSC
•added 2023/10/09 12:0 a.m.•2 views

Vulnerabilities fixed in IBM DB2

IBM has fixed vulnerabilities in DB2. A malicious party can exploit the exploit the vulnerabilities to execute arbitrary code with application privileges, perform a denial-of-service DoS or to gain access to sensitive data. IBM has released updates to fix the vulnerabilities in DB2. For more...

9.8CVSS8.1AI score0.00984EPSS
Exploits0
NCSC
NCSC
•added 2023/09/22 12:0 a.m.•2 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. A malicious party could exploit the vulnerabilities to circumvent a security measure circumvention or to grant himself elevated privileges and possibly execute code execute code with higher privileges than the user. Successful exploitation requires the...

7.8CVSS7.3AI score0.04547EPSS
Exploits0
NCSC
NCSC
•added 2023/09/14 12:0 a.m.•2 views

Vulnerability fixed in Adobe Acrobat and Acrobat Reader

Adobe has fixed a vulnerability in Acrobat and Acrobat Reader. A malicious party could exploit the vulnerability to execute arbitrary code with user privileges. It is possible that by executing code, access can be gained to sensitive data in the victim's context. Successful exploitation requires...

7.8CVSS7.2AI score0.07036EPSS
Exploits0
NCSC
NCSC
•added 2023/09/14 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person can exploit the vulnerabilities to circumvent security measures bypass security measures, execute arbitrary code in the context of the browser, or to gain access to sensitive data in the context of the browser. Google reports having...

8.8CVSS7.6AI score0.99735EPSS
Exploits9
NCSC
NCSC
•added 2023/09/12 12:0 a.m.•2 views

Zeroday vulnerability fixed in Google Chrome

Google has fixed a Zeroday vulnerability in Chrome. A malicious party can exploit the vulnerability to execute arbitrary code execute arbitrary code on the underlying operating system with permissions from the victim. If the victim's privileges are high enough are high enough, this allows the...

8.8CVSS7.7AI score0.99735EPSS
Exploits9
NCSC
NCSC
•added 2023/09/07 12:0 a.m.•2 views

Vulnerabilities fixed in Cacti

The developers of Cacti have fixed vulnerabilities in several modules of Cacti. A malicious person could exploit them to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution Administrator/Root rights Remote code execution User righ...

9.8CVSS7.6AI score0.87575EPSS
Exploits23
NCSC
NCSC
•added 2023/08/31 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox, Firefox ESR and Thunderbird. A malicious party could exploit the vulnerabilities to perform attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Spoofing...

8.8CVSS7.4AI score0.00756EPSS
Exploits0
NCSC
NCSC
•added 2023/08/09 12:0 a.m.•2 views

Vulnerability fixed in Intel processors

A vulnerability has been fixed in the microcode of several Intel processors1. The vulnerability has been named "Downfall" and allows a local, authenticated malicious person to manipulate the operation of memory optimization. This allows the malicious party to gain access to memory locations...

6.5CVSS6.4AI score0.03882EPSS
Exploits1
NCSC
NCSC
•added 2023/08/09 12:0 a.m.•2 views

Vulnerability fixed in AMD processors

A vulnerability has been fixed in the microcode of AMD processors. The vulnerability has been named "Inception" and enables a local, authenticated malicious person to manipulate the operation of the Predictive Algorithms, which could circumvent measures in place to prevent unauthorized instructio...

4.7CVSS6.7AI score0.0616EPSS
Exploits1
NCSC
NCSC
•added 2023/08/04 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Successful...

8.8CVSS7.6AI score0.24116EPSS
Exploits0
NCSC
NCSC
•added 2023/08/03 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure Remote code...

9.8CVSS8.6AI score0.13694EPSS
Exploits1
NCSC
NCSC
•added 2023/07/27 12:0 a.m.•2 views

Vulnerabilities fixed in Paessler PRTG

Paessler has fixed vulnerabilities in PRTG Network Monitoring. An authenticated malicious party could exploit the vulnerabilities to bypass a security measure, or perform a Cross-Site-Request-Forgery CSRF, and thereby potentially execute arbitrary execute arbitrary code and gain access to sensiti...

7.6AI score
Exploits0
NCSC
NCSC
•added 2023/07/19 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to circumvent a security measure circumvention, execute code with user privileges or access gain access to sensitive data in the context of the browser. To do this, the malicious party must trick the...

8.8CVSS7.3AI score0.01002EPSS
Exploits9
NCSC
NCSC
•added 2023/07/17 12:0 a.m.•2 views

Vulnerability fixed in Adobe ColdFusion

Adobe has fixed a vulnerability in ColdFusion. A malicious party can exploit the vulnerability to execute arbitrary code execute arbitrary code with permissions from the application using ColdFusion. Due to the nature of such applications, it cannot be be ruled out that this would allow the...

9.8CVSS7.9AI score0.97003EPSS
Exploits0
NCSC
NCSC
•added 2023/07/13 12:0 a.m.•2 views

Vulnerability fixed in Asterisk

Asterisk developers have fixed a vulnerability in Asterisk VOIP. An unauthenticated malicious person could exploit the exploit the vulnerability to cause a denial-of-service. Asterisk has released updates to fix the vulnerability in all supported versions of Asterisk. For more information, see:...

9.8CVSS6.8AI score0.01026EPSS
Exploits0
Total number of security vulnerabilities4190