Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
added 2023/09/07 12:0 a.m.2 views

Vulnerabilities fixed in Cacti

The developers of Cacti have fixed vulnerabilities in several modules of Cacti. A malicious person could exploit them to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution Administrator/Root rights Remote code execution User righ...

9.8CVSS7.6AI score0.87575EPSS
Exploits23
NCSC
NCSC
added 2023/08/31 12:0 a.m.2 views

Vulnerabilities fixed in Mozilla firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox, Firefox ESR and Thunderbird. A malicious party could exploit the vulnerabilities to perform attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Spoofing...

8.8CVSS7.4AI score0.00756EPSS
Exploits0
NCSC
NCSC
added 2023/08/09 12:0 a.m.2 views

Vulnerability fixed in Intel processors

A vulnerability has been fixed in the microcode of several Intel processors1. The vulnerability has been named "Downfall" and allows a local, authenticated malicious person to manipulate the operation of memory optimization. This allows the malicious party to gain access to memory locations...

6.5CVSS6.4AI score0.03882EPSS
Exploits1
NCSC
NCSC
added 2023/08/04 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Successful...

8.8CVSS7.6AI score0.24116EPSS
Exploits0
NCSC
NCSC
added 2023/08/03 12:0 a.m.2 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure Remote code...

9.8CVSS8.6AI score0.13694EPSS
Exploits1
NCSC
NCSC
added 2023/07/19 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to circumvent a security measure circumvention, execute code with user privileges or access gain access to sensitive data in the context of the browser. To do this, the malicious party must trick the...

8.8CVSS7.3AI score0.01002EPSS
Exploits9
NCSC
NCSC
added 2023/07/13 12:0 a.m.2 views

Vulnerability fixed in Asterisk

Asterisk developers have fixed a vulnerability in Asterisk VOIP. An unauthenticated malicious person could exploit the exploit the vulnerability to cause a denial-of-service. Asterisk has released updates to fix the vulnerability in all supported versions of Asterisk. For more information, see:...

9.8CVSS6.8AI score0.01026EPSS
Exploits0
NCSC
NCSC
added 2023/07/06 12:0 a.m.2 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox, Firefox ESR and Thunderbird. A malicious party could exploit the vulnerabilities to perform attacks that can lead to the following categories of damage: Denial-of-Service DoS Data manipulation. Remote code execution User Rights Spoofing This requires...

8.8CVSS7.5AI score0.00755EPSS
Exploits1
NCSC
NCSC
added 2023/06/27 12:0 a.m.2 views

Vulnerabilities fixed in Synology Mail Station

Synology has fixed vulnerabilities in MailStation. A malicious party can exploit the vulnerabilities to use SQL injection to execute arbitrary code, or gain access to sensitive data. No CVE identifiers have been disclosed for the vulnerabilities yet. Synology gives the vulnerabilities the status...

7.4AI score
Exploits0
NCSC
NCSC
added 2023/06/27 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Google Chrome. A malicious party can exploit the vulnerabilities to execute arbitrary code execute arbitrary code in the context of the browser, or potentially access gain access to sensitive data in the context of the browser. The malicious party must trick th...

8.8CVSS9.4AI score0.56192EPSS
Exploits0
NCSC
NCSC
added 2023/06/22 12:0 a.m.2 views

Vulnerabilities fixed in Node.js

Vulnerabilities have been fixed in Node.js. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data Circumvention of security measure Increased user privileges Node.js has released updates...

7.7CVSS7.7AI score0.03906EPSS
Exploits1
NCSC
NCSC
added 2023/06/06 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Google has fixed two vulnerabilities in Chrome. Of one vulnerability no substantive information or CVE attribute has been disclosed stated. The vulnerability with attribute CVE-2023-3079 allows a malicious person to remotely capable of executing arbitrary code in the scope of the browser,...

8.8CVSS7.3AI score0.32724EPSS
Exploits2
NCSC
NCSC
added 2023/05/25 12:0 a.m.2 views

ZeroDay vulnerability fixed in Barracuda Email Security Gateway

Barracuda Networks has fixed a vulnerability in its Email Security Gateway appliance ESG. The vulnerability allows an unauthenticated malicious person to gain access gain access to the vulnerable system and execute arbitrary code. execute. Barracuda Networks indicates that this vulnerability has...

9.8CVSS7.3AI score0.86956EPSS
Exploits3
NCSC
NCSC
added 2023/05/17 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to cause a denial-of-service cause, execute arbitrary code in the scope of the browser, or to gain access to sensitive data in the scope of the browser. This requires the malicious party to trick the...

8.8CVSS7.8AI score0.29136EPSS
Exploits1
NCSC
NCSC
added 2023/05/11 12:0 a.m.2 views

Vulnerability fixed in IBM Websphere

IBM has fixed a vulnerability in Websphere Application Server. A malicious party could exploit the vulnerability to launch an XML External Entity attack. By serving a rogue XML file, the malicious party can cause a denial-of-service cause, or potentially gain access to sensitive information. IBM...

9.1CVSS6.7AI score0.00859EPSS
Exploits0
NCSC
NCSC
added 2023/05/11 12:0 a.m.2 views

Vulnerability fixed in the Linux Kernel

A vulnerability has been fixed in the linux kernel. The vulnerability is in the netfilter module. This module is used by the kernel to process network traffic, routing and filtering. This module is only in use when the affected system is actually actively manipulating network traffic, because, fo...

7.8CVSS6.8AI score0.12966EPSS
Exploits7
NCSC
NCSC
added 2023/05/09 12:0 a.m.2 views

Vulnerabilities fixed in Mozilla Firefox and Firefox ESR

Mozilla has fixed vulnerabilities in Firefox and Firefox ESR. A malicious party could potentially exploit the vulnerabilities to perform attacks that could lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights Spoofi...

9.8CVSS7.5AI score0.00918EPSS
Exploits0
NCSC
NCSC
added 2023/05/09 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Google Chrome and Chromium. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Data manipulation. Remote code execution User rights Access to sensitive...

8.8CVSS7.6AI score0.00968EPSS
Exploits0
NCSC
NCSC
added 2023/04/28 12:0 a.m.2 views

Vulnerability fixed in IBM Websphere Application Server

IBM has fixed a vulnerability in the management interface of Websphere Application Server. A malicious person with access to this interface could exploit the vulnerability to launch a Cross-Site Scripting XSS attack. Such an attack can lead to execution of arbitrary code in the context of the...

6.1CVSS6.6AI score0.00399EPSS
Exploits0
NCSC
NCSC
added 2023/04/25 12:0 a.m.2 views

Vulnerabilities fixed in IBM DB2

IBM has fixed vulnerabilities in DB2. A malicious party could exploit the exploit the vulnerabilities to cause a denial-of-service. The vulnerability with reference CVE-2023-29257 allows a malicious person with management privileges on a database to execute arbitrary code execute arbitrary code, ...

7.5CVSS7.3AI score0.01513EPSS
Exploits0
NCSC
NCSC
added 2023/04/20 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to cause a denial-of-service, to gain access to system data, or to execute arbitrary code in the context of the browser of the victim. To do this, the malicious party must trick the victim into openin...

9.6CVSS9.4AI score0.05786EPSS
Exploits0
NCSC
NCSC
added 2023/04/17 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Google has fixed two vulnerabilities in Chrome. No CVE ID has been disclosed of one of the vulnerabilities. The vulnerability with attribute CVE-2023-2033 allows a malicious person remotely able to cause a denial-of-service, or to execute arbitrary code in the context of the browser of the victim...

8.8CVSS7AI score0.40798EPSS
Exploits1
NCSC
NCSC
added 2023/04/06 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome and Chromium

Google has fixed several vulnerabilities in Chrome. A remote malicious can exploit the vulnerabilities to perform execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data...

8.8CVSS9.7AI score0.01077EPSS
Exploits0
NCSC
NCSC
added 2023/03/09 12:0 a.m.2 views

Vulnerability fixed in Veeam Backup & Replication

A vulnerability has been fixed in Veaam Backup & Replication. A unauthenticated malicious person with access to the network port of the Backup Server, could exploit the vulnerability to retrieve encrypted credentials from the configuration. Using these credentials, the malicious party can then ga...

7.5CVSS6.9AI score0.7761EPSS
Exploits4
NCSC
NCSC
added 2023/03/02 12:0 a.m.2 views

Vulnerabilities fixed in Mattermost

Mattermost has fixed several vulnerabilities in Mattermost. The vulnerabilities were made through Responsible Disclosure and Mattermost is not making any substantive information available until March 30. No CVE IDs have been published. The most serious vulnerability has been rated HIGH by...

7AI score
Exploits0
NCSC
NCSC
added 2023/03/02 12:0 a.m.2 views

Vulnerability fixed in IBM Websphere

IBM has fixed a vulnerability in the HTTP server which is used in Websphere Application Server. An unauthenticated remote attacker could exploit the vulnerability to cause a Denial-of-Service by offering a prepared, malformed URL. IBM has released updates to fix the vulnerability in HTTP Server f...

7.5CVSS6.7AI score0.01116EPSS
Exploits0
NCSC
NCSC
added 2023/02/16 12:0 a.m.2 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed several vulnerabilities in Firefox, Firefox ESR th Thunderbird. A malicious person could exploit them to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Spoofing Access to sensitive data Access to...

9.8CVSS7.5AI score0.00817EPSS
Exploits2
NCSC
NCSC
added 2023/02/16 12:0 a.m.2 views

Fixed vulnerabilities in several Atlassian products

Atlassian has fixed vulnerabilities in several products that use git. The vulnerability is located in the included git implementation and allows a malicious person to to execute arbitrary code. For these vulnerabilities in git, security advisory NCSC-2023-0024 released. Atlassian has released...

9.8CVSS7.8AI score0.56334EPSS
Exploits0
NCSC
NCSC
added 2023/02/10 12:0 a.m.2 views

Vulnerability fixed in Red Hat OpenShift

Red Hat has fixed a vulnerability in the OpenShift Container Platform. The vulnerability is located in the Maven subsystem and allows an unauthenticated malicious person to apply command injections and execute shell commands with permissions from the underlying application. Red Hat has released...

9.8CVSS7.3AI score0.04031EPSS
Exploits0
NCSC
NCSC
added 2023/02/09 12:0 a.m.2 views

Vulnerability fixed in phpMyAdmin

A vulnerability has been fixed in phpMyAdmin. A authenticated malicious party can exploit the vulnerability for a cross-site scripting attack via uploading a rogue .sql file. Such an attack may result in the execution of arbitrary code under the scope of the browser of the victim. In this...

6.3AI score
Exploits0
NCSC
NCSC
added 2023/02/03 12:0 a.m.2 views

Vulnerability fixed in Trend Micro Apex One

A vulnerability has been fixed in Trend Micro Apex One. A unauthenticated remote malicious person can exploit the vulnerability exploit it to cause a denial-of-service DoS. Trend Micro has released updates to fix the vulnerability. fix. For more information, see:...

9.1CVSS6.8AI score0.59585EPSS
Exploits0
NCSC
NCSC
added 2023/02/02 12:0 a.m.2 views

Vulnerability fixed in IBM Websphere Application Server

IBM has fixed a vulnerability in Websphere Application Server. A malicious party could exploit the vulnerability to execute arbitrary code on the system. Abuse is not simple and requires specially prepared data. IBM has released updates to fix the vulnerability in Websphere Application Server. Fo...

9.8CVSS7.3AI score0.01949EPSS
Exploits0
NCSC
NCSC
added 2023/01/24 12:0 a.m.2 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed several vulnerabilities in iOS and iPadOS. A malicious party can exploit the vulnerabilities to obtain sensitive data, cause a Denial of Service or for executing arbitrary code, including in specific cases with system privileges. For the most serious damage, being code execution...

8.8CVSS7.9AI score0.08523EPSS
Exploits0
NCSC
NCSC
added 2023/01/18 12:0 a.m.2 views

Vulnerabilities fixed in Apache web server

Apache has fixed vulnerabilities in Apache HTTP Server. The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Apache has released updates to fix the...

9CVSS7AI score0.57941EPSS
Exploits0
NCSC
NCSC
added 2023/01/18 12:0 a.m.2 views

Vulnerabilities fixed in Mozilla Firefox and Firefox ESR

Mozilla has fixed several vulnerabilities in Firefox and Firefox ESR. A malicious party could potentially exploit the vulnerabilities to collect system data and/or execute code under the user's privileges. Mozilla has released Firefox 109 and Firefox ESR 102.7 to address the vulnerabilities. You...

8.8CVSS6.9AI score0.00892EPSS
Exploits0
NCSC
NCSC
added 2023/01/11 12:0 a.m.2 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed vulnerabilities in Exchange Server. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Accessing sensitive data. Impersonating another user spoofing Obtaining elevated privileges The vulnerability...

8CVSS6.2AI score0.01595EPSS
Exploits0
NCSC
NCSC
added 2023/01/02 12:0 a.m.2 views

Vulnerability found in SugarCRM

A new vulnerability may have been found in SugarCRM. The vulnerability allows an unauthenticated remote malicious person able to bypass authentication and execute arbitrary code execute arbitrary code on the Web server. The described vulnerability is said to be located in the AttachFiles action o...

8AI score
Exploits0
NCSC
NCSC
added 2022/12/28 12:0 a.m.2 views

Vulnerability fixed in XStream

A vulnerability has been fixed in XStream. A malicious party can inject recursive functions into the application to cause a Denial-of-Service DoS attack. The developers have made an update available for XStream versions lower than 1.4.20 to fix the vulnerability. For more information, see:...

8.2CVSS6.8AI score0.08689EPSS
Exploits1
NCSC
NCSC
added 2022/12/15 12:0 a.m.2 views

Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird

Vulnerabilities have been fixed in Mozilla Firefox, Firefox ESR and Thunderbird. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to...

9.8CVSS7.3AI score0.00921EPSS
Exploits0
NCSC
NCSC
added 2022/12/13 12:0 a.m.2 views

Vulnerability fixed in Microsoft Dynamics

A vulnerability has been fixed in Microsoft Dynamics Business Central. The vulnerability allows an authenticated malicious person remotely able to execute arbitrary code on the host OS of the system on which Microsoft Dynamics Business Central is is installed on. To properly exploit this...

8.5CVSS7.2AI score0.0157EPSS
Exploits0
NCSC
NCSC
added 2022/12/13 12:0 a.m.2 views

Vulnerabilities fixed in Microsoft Edge

Vulnerabilities have been fixed in Microsoft Edge. The vulnerabilities allow a malicious person to impersonate as another user or obtain elevated privileges. Microsoft Edge Chromium-based: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

8.3CVSS6.2AI score0.01887EPSS
Exploits0
NCSC
NCSC
added 2022/12/05 12:0 a.m.2 views

Vulnerability fixed in Google Chrome

A vulnerability has been fixed in Google Chrome. A malicious party could potentially exploit the vulnerability to execute arbitrary code under a user's privileges. To do this, the malicious party must induce the victim to visit a malicious web page to visit. As usual, Google has published few...

8.8CVSS7.3AI score0.16109EPSS
Exploits2
NCSC
NCSC
added 2022/12/02 12:0 a.m.2 views

Vulnerabilities fixed in WordPress

Vulnerabilities have been fixed in WordPress. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF Cross-Site Scripting XSS SQL Injection Access to sensitive data No CVE features have been made available at...

6.9AI score
Exploits0
NCSC
NCSC
added 2022/12/02 12:0 a.m.2 views

Vulnerability fixed in Grafana

Grafana Labs has fixed a vulnerability in Grafana. The vulnerability allows an authenticated remote malicious person to able to execute arbitrary code in the browser on a victim's victim's system. To do this, the malicious party must trick the entice the victim to click on a rogue link. Grafana...

8.7CVSS9.5AI score0.68603EPSS
Exploits0
NCSC
NCSC
added 2022/11/17 12:0 a.m.2 views

Vulnerabilities fixed in F5 products

Vulnerabilities have been fixed in F5 products. The vulnerability with reference CVE-2022-41622 allows a remote malicious person to remote user to perform a cross-site request forgery attack. execute. A malicious party could use this vulnerability to cause a user with elevated privileges to perfo...

8.8CVSS7AI score0.87987EPSS
Exploits9
NCSC
NCSC
added 2022/11/17 12:0 a.m.2 views

Vulnerability fixed in Bitbucket Server and Data Center

A vulnerability has been fixed in Bitbucket Server and Data Center. The vulnerability allows a malicious person to execute arbitrary code by manipulating environment variables manipulating environment variables within the application. This requires the malicious person to be able to modify his...

9.8CVSS7.3AI score0.98035EPSS
Exploits3
NCSC
NCSC
added 2022/11/10 12:0 a.m.2 views

Vulnerabilities fixed in Grafana

Grafana Labs has fixed vulnerabilities in Grafana. A malicious party could potentially exploit the vulnerabilities to retrieve discover user accounts, use password resets to appropriate an account, or in specific cases where an environment is heavily loaded, to cause a race condition and thus gai...

9.8CVSS9.6AI score0.00922EPSS
Exploits0
NCSC
NCSC
added 2022/11/09 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious party to cause a denial-of-service DoS cause or execute arbitrary code under the privileges of the user. To do this, the malicious party must induce the victim to visit a malicious web page to visit. As usual,...

9.6CVSS9.6AI score0.00706EPSS
Exploits0
NCSC
NCSC
added 2022/11/08 12:0 a.m.2 views

Vulnerability fixed in Microsoft Dynamics

Microsoft has fixed a vulnerability in Microsoft Dynamics. An authenticated malicious party could exploit the vulnerability to gain access to sensitive data. The table below lists the vulnerability fixed by Microsoft with the corresponding CVSSv3 score. Microsoft Dynamics:...

4.4CVSS6AI score0.01066EPSS
Exploits0
NCSC
NCSC
added 2022/10/28 12:0 a.m.2 views

Vulnerabilities fixed in Microsoft Edge

Vulnerabilities have been fixed in Microsoft Edge. A remote malicious party could potentially exploit the vulnerabilities to execute arbitrary code and/or cause a denial-of-service DoS Microsoft has made updates for Edge available to address the vulnerabilities. For more information, see:...

8.8CVSS7.7AI score0.23798EPSS
Exploits2
Total number of security vulnerabilities4190