4190 matches found
Vulnerabilities fixed in AVEVA System Platform
Vulnerabilities have been fixed in AVEVA System Platform. A malicious party could exploit the vulnerabilities to obtain sensitive information, namely the plaintext password of the Network User Account. With this information, the malicious party could gain further access to systems. No CVE feature...
Vulnerability fixed in Apple macOS, iOS, iPadOS and Safari
Apple has fixed a vulnerability in macOS, iOS, iPadOS and Safari. An unauthenticated remote malicious person could exploit the exploit the vulnerability to execute arbitrary code under the rights of the application. To do this, the malicious party must entice the victim to open a rogue Web page...
Vulnerabilities fixed in Grafana
Vulnerabilities have been fixed in Grafana. A malicious party could potentially exploit the vulnerabilities to perform a cross-site scripting attack, gain access to information about the system or perform a cross-site request-forgery attack. Through the latter, the malicious take over user accoun...
Vulnerabilities fixed in Mozilla Firefox
Mozilla has fixed vulnerabilities in Firefox and Firefox Extended Support Release ESR. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution...
Vulnerability fixed in QEMU
A vulnerability has been fixed in QEMU. The vulnerability allows a local malicious person to obtain elevated privileges. The developers of QEMU have released updates to fix the vulnerability. More information can be found at the page below:...
Vulnerabilities fixed in Apple iOS and iPad OS
Vulnerabilities have been fixed in the operating systems iOS and iPadOS. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights Remot...
Vulnerabilities fixed in Apple Safari
Vulnerabilities have been fixed in Apple Safari. The vulnerabilities potentially allow a malicious person to execute arbitrary code execute arbitrary code or gain access to sensitive information. Apple has made updates available to fix the vulnerabilities fixes in Safari. For more information, se...
Vulnerabilities fixed in Xen
Vulnerabilities have been fixed in Xen. The vulnerabilities allow a malicious person to perform attacks that could potentially lead to the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges Xen has released updates to address the vulnerabilities...
Vulnerability fixed in Oracle Health Sciences Applications
Oracle has fixed a vulnerability in the following products: Thesaurus Management System Clinical Health Sciences Clinical Development Analytics Argus Safety Argus Insight Argus Analytics Health Sciences InForm CRF Submit Argus Mart ------------------.------.------------------------------------- |...
Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird
Vulnerabilities have been fixed in Mozilla Firefox, Firefox ESR and Thunderbird. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User Rights Spoofing...
Vulnerabilities fixed in Microsoft Office
Microsoft has fixed vulnerabilities in Microsoft Office. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Remote code execution User privileges. Access to sensitive data Increased user privileges The...
Vulnerabilities fixed in WordPress
WordPress developers have fixed several vulnerabilities fixed. A remote malicious party could remotely exploit these vulnerabilities potentially exploit them to perform a Cross-Site Scripting XSS attack and perform SQL Injection. WordPress developers have released updates to fix the...
Vulnerability fixed in Roundcube Webmail
A vulnerability has been fixed in Roundcube Webmail. A malicious party could exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser with which the user opens a rogue e-mail. Roundcube has released...
Vulnerabilities fixed in PostgreSQL
Vulnerabilities have been fixed in PostgreSQL. An authenticated malicious person could exploit the vulnerabilities to cause a denial-of-service. In addition, an unauthenticated malicious person with a man-in-the-middle position can exploit the vulnerabilities potentially exploit the vulnerabiliti...
Vulnerabilities fixed in MediaWiki
Vulnerabilities have been fixed in MediaWiki. The vulnerabilities potentially allow a malicious party to view non-public wiki content or modify the content of a wiki. MediaWiki has released updates to address the vulnerabilities. fix. More information can be found on the page below:...
Vulnerabilities fixed in Apple Safari
Apple has fixed vulnerabilities in Safari. A malicious person at remote user could potentially exploit the vulnerabilities to execute arbitrary execute arbitrary code under application privileges. Apple has few substantive details about the vulnerabilities publicly made available. Apple has...
Vulnerability fixed in IBM WebSphere Application Server
A vulnerability has been fixed in IBM WebSphere Application Server. An unauthenticated remote malicious agent could cause a Denial-of-Service exploit. IBM has released updates to fix the vulnerability. More information can be found on the page below: https://www.ibm.com/support/pages/node/6524674...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Google Chrome. The vulnerabilities potentially allow a remote malicious person to able to execute arbitrary code with the privileges of the application. Google has made few technical details about the vulnerabilities made publicly available. Google has released...
Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird
Vulnerabilities have been fixed in Mozilla Firefox, Firefox ESR and Thunderbird. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code...
Vulnerability fixed in Zoho ManageEngine Desktop Central
Zoho has fixed a vulnerability in ManageEngine Desktop Central. Desktop Central is a solution used by administrators to remotely manage devices within an organization. manage. The vulnerability makes it possible for a malicious person to bypass authentication and execute arbitrary code. It is goo...
Vulnerability fixed in GNU Mailman
The developers of GNU Mailman have fixed a vulnerability in GNU Mailman. The vulnerability could be exploited by a malicious person abused to perform a Cross-Site Request Forgery XSRF on the administrator page. The developers have released updates to fix the vulnerability fix in GNU Mailman 2.1.3...
Vulnerabilities fixed in OpenBSD
Two vulnerabilities have been fixed in OpenBSD. The vulnerabilities apply to the kernel and libcrypto. The kernel vulnerability allows a local authorized user able to establish a denial of service on the system. This vulnerability is present in OpenBSD 6.9 and 7.0. The second vulnerability is in...
Vulnerabilities fixed in Roundcube Webmail
Roundcube has fixed vulnerabilities in Webmail and Webmail LTS. The vulnerabilities allow a malicious party to launch a cross-site scripting attack, or to perform an SQL injection execute and thus gain access to the data in the underlying database. Roundcube has released updates to address the...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Google Chrome. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Google has mad...
Vulnerabilities fixed in Samba
Vulnerabilities have been fixed in Samba. A malicious party could vulnerabilities potentially exploit them to cause a limited denial-of-service or to obtain elevated permissions. The latter could result in the malicious party gaining administrator privileges within a domain to obtain administrato...
Vulnerabilities found in RPKI validators
Researchers at the University of Twente have found vulnerabilities found in several RPKI validators. RPKI validators are used to validate that a route propagated via BGP originates from an AS that is authorized to distribute this route. propagation. The vulnerabilities make it possible for an...
Vulnerabilities fixed in Microsoft Exchange Server
Microsoft has fixed vulnerabilities in Microsoft Exchange Server. The vulnerabilities potentially enable a malicious person to able to launch attacks that result in the following categories of damage: Impersonating another user Executing arbitrary code Administrator/Root privileges Microsoft...
Vulnerabilities hide in Java
Vulnerabilities have been fixed in Java. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Access to system data -=...
Vulnerability fixed in Ansible
A vulnerability has been fixed in Ansible. The vulnerability allows a malicious party to obtain sensitive data. -= Fedora =- Fedora has made updates available for Fedora 34. You can install these updates by using the command 'dnf' or 'yum'. More information about these updates and about possible...
Vulnerability fixed in Linux kernel
A vulnerability has been fixed in Linux kernel. The vulnerability allows a remote malicious person to obtain system data obtain. Updates have been released to fix the vulnerability. More information can be found on the page below: https://github.com/torvalds/linux/commit...
Vulnerabilities verhopen in Mozilla Firefox
Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure Spoofing Accessing...
Vulnerability fixed in php
A vulnerability has been fixed in php. The vulnerability allows a local malicious party to obtain elevated privileges. PHP developers have released updates to fix the vulnerability. More information can be found at the page below: https://www.php.net/ChangeLog-8.php8.0.12 -= Fedora =- Fedora has...
Vulnerability fixed in Atlassian Jira
Atlassian has fixed a vulnerability in Jira. The vulnerability allows an authenticated remote malicious person to opportunity to bypass a security measure. Atlassian categorizes this vulnerability according to the CVSSv3 method with a score of 4.3. Atlassian has released updates to address the...
Vulnerability fixed in BIND
ISC has fixed a vulnerability in BIND. A unauthenticated remote malicious person could exploit it to significantly affect the performance of a BIND DNS server. impact. Abuse results in it taking longer before a client receives a response from the DNS server and also increases additionally increas...
Vulnerabilities fixed in Node.js
Vulnerabilities have been fixed in Node.js. The vulnerabilities potentially allow a remote malicious party to launch an HTTP request smuggling attack. Such an attack could lead to unauthorized access to systems. Possible consequential damages may include gaining access to information or performin...
Vulnerability fixed in Discourse
A vulnerability has been fixed in Discourse. A unauthenticated remote malicious person could potentially potentially exploit it to execute arbitrary code under the rights of the application. To do so, malicious network traffic should be be sent to the /webhooks/aws endpoint. The vulnerability is...
Vulnerabilities fixed in Ubuntu kernel
Vulnerabilities have been fixed in the Ubuntu Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Access to sensitive data Increased...
Vulnerabilities fixed in Google Chrome
Google has released version 95.0.4638.54 of Chrome for Windows, MacoOS and Linux. A malicious party could potentially exploit them to cause a Denial-of-Service, or for executing arbitrary code in the context of the browser. Google has released updates to fix the vulnerabilities in Chrome...
Vulnerability fixed in Apple iOS and iPadOS
Apple has fixed a vulnerability in iOS and iPadOS. A malicious party can exploit the vulnerability to execute arbitrary code execute arbitrary code with kernel privileges and thus access gain access to sensitive information or possibly install more malware install. Apple reports receiving reports...
Vulnerabilities fixed in Mozilla Firefox
Mozilla has fixed vulnerabilities in Firefox and Firefox ESR. The vulnerabilities potentially enable a remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution User rights On...
Vulnerability fixed in Fedora
A vulnerability has been fixed in the Linux kernel as used by Fedora. A local, authenticated malicious person can gain by exploiting this vulnerability to gain elevated privileges acquire elevated privileges on the vulnerable system. Fedora has made updates available for Fedora 33 and 34. You can...
Vulnerabilities fixed in MediaWiki
Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Accessing system data MediaWiki has released updates to address the...
Vulnerabilities fixed in IBM Tivoli Netcool/OMNIbus
Vulnerabilities have been fixed in IBM Tivoli Netcool/OMNIbus. The vulnerabilities allow a malicious person to execute arbitrary code execute arbitrary code. In addition, IBM reports an unspecified vulnerability that has been fixed. IBM has released updates to fix the vulnerabilities. More...
Vulnerability fixed in IBM Aspera
A vulnerability has been fixed in IBM Aspera. The vulnerability allows a remote malicious party to perform a Cross-Site Scripting attack and thereby steal authentication cookies. IBM has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Chrome. The vulnerabilities allow a malicious party to cause a denial-of-service cause and to obtain system data. Potentially, the Denial-of-Service attack could be used to execute arbitrary code. Google has released a new version to address the vulnerabilities...
Vulnerabilities fixed in Oracle Linux
Oracle has fixed vulnerabilities in its kernel. The vulnerabilities allow a malicious party to cause a denial-of-service exploit. Oracle has released updates to fix the vulnerabilities. More information can be found on the page below: https://linux.oracle.com/errata/ELSA-2021-3447.html...
Vulnerability fixed in Zoho ManageEngine ADSelfService Plus
Zoho ManageEngine has fixed a vulnerability in ADSelfService Plus. ADSelfService Plus is a self-service password management and single-sign-on solution. The vulnerability allows a malicious remotely able to bypass authentication. Zoho ManageEngine categorizes this vulnerability according to the...
Vulnerabilities fixed in curl
Vulnerabilities have been fixed in curl. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Updates have been released to fix the vulnerabilities. More...
Vulnerability fixed in Fedora kernel
Fedora has fixed a vulnerability in its kernel. The vulnerability allows a malicious party to cause a Denial-of-Service exploit. -= Fedora =- Fedora has made updates available for Fedora 33 and 34. You can install these updates using the command 'dnf' or 'yum'. More information about these update...
Vulnerability fixed in Git
A vulnerability has been fixed in Git. The vulnerability allows a malicious party to bypass a security measure. Git has released updates to fix the vulnerability. More information can be found on the page below: https://github.com/git/git/commit /a02ea577174ab8ed18f847cf1693f213e0b9c473 -= Ubuntu...