Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2022/02/15 12:0 a.m.•2 views

Vulnerabilities fixed in AVEVA System Platform

Vulnerabilities have been fixed in AVEVA System Platform. A malicious party could exploit the vulnerabilities to obtain sensitive information, namely the plaintext password of the Network User Account. With this information, the malicious party could gain further access to systems. No CVE feature...

7AI score
Exploits0
NCSC
NCSC
•added 2022/02/11 12:0 a.m.•2 views

Vulnerability fixed in Apple macOS, iOS, iPadOS and Safari

Apple has fixed a vulnerability in macOS, iOS, iPadOS and Safari. An unauthenticated remote malicious person could exploit the exploit the vulnerability to execute arbitrary code under the rights of the application. To do this, the malicious party must entice the victim to open a rogue Web page...

8.8CVSS7.7AI score0.16342EPSS
Exploits0
NCSC
NCSC
•added 2022/02/10 12:0 a.m.•2 views

Vulnerabilities fixed in Grafana

Vulnerabilities have been fixed in Grafana. A malicious party could potentially exploit the vulnerabilities to perform a cross-site scripting attack, gain access to information about the system or perform a cross-site request-forgery attack. Through the latter, the malicious take over user accoun...

8.8CVSS8.5AI score0.02359EPSS
Exploits1
NCSC
NCSC
•added 2022/02/09 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed vulnerabilities in Firefox and Firefox Extended Support Release ESR. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution...

9.6CVSS7.8AI score0.00926EPSS
Exploits2
NCSC
NCSC
•added 2022/01/27 12:0 a.m.•2 views

Vulnerability fixed in QEMU

A vulnerability has been fixed in QEMU. The vulnerability allows a local malicious person to obtain elevated privileges. The developers of QEMU have released updates to fix the vulnerability. More information can be found at the page below:...

7.8CVSS6.2AI score0.00332EPSS
Exploits0
NCSC
NCSC
•added 2022/01/27 12:0 a.m.•2 views

Vulnerabilities fixed in Apple iOS and iPad OS

Vulnerabilities have been fixed in the operating systems iOS and iPadOS. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights Remot...

10CVSS7AI score0.11638EPSS
Exploits0
NCSC
NCSC
•added 2022/01/27 12:0 a.m.•2 views

Vulnerabilities fixed in Apple Safari

Vulnerabilities have been fixed in Apple Safari. The vulnerabilities potentially allow a malicious person to execute arbitrary code execute arbitrary code or gain access to sensitive information. Apple has made updates available to fix the vulnerabilities fixes in Safari. For more information, se...

8.8CVSS7.5AI score0.01973EPSS
Exploits0
NCSC
NCSC
•added 2022/01/25 12:0 a.m.•2 views

Vulnerabilities fixed in Xen

Vulnerabilities have been fixed in Xen. The vulnerabilities allow a malicious person to perform attacks that could potentially lead to the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges Xen has released updates to address the vulnerabilities...

7.8CVSS6.8AI score0.00352EPSS
Exploits0
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•2 views

Vulnerability fixed in Oracle Health Sciences Applications

Oracle has fixed a vulnerability in the following products: Thesaurus Management System Clinical Health Sciences Clinical Development Analytics Argus Safety Argus Insight Argus Analytics Health Sciences InForm CRF Submit Argus Mart ------------------.------.------------------------------------- |...

8.3CVSS7.3AI score0.025EPSS
Exploits5
NCSC
NCSC
•added 2022/01/12 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird

Vulnerabilities have been fixed in Mozilla Firefox, Firefox ESR and Thunderbird. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User Rights Spoofing...

10CVSS7.6AI score0.01344EPSS
Exploits9
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•2 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Microsoft Office. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Remote code execution User privileges. Access to sensitive data Increased user privileges The...

9.3CVSS7.7AI score0.03115EPSS
Exploits0
NCSC
NCSC
•added 2022/01/10 12:0 a.m.•2 views

Vulnerabilities fixed in WordPress

WordPress developers have fixed several vulnerabilities fixed. A remote malicious party could remotely exploit these vulnerabilities potentially exploit them to perform a Cross-Site Scripting XSS attack and perform SQL Injection. WordPress developers have released updates to fix the...

7.5AI score
Exploits0
NCSC
NCSC
•added 2022/01/06 12:0 a.m.•2 views

Vulnerability fixed in Roundcube Webmail

A vulnerability has been fixed in Roundcube Webmail. A malicious party could exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser with which the user opens a rogue e-mail. Roundcube has released...

6.1CVSS6.2AI score0.01045EPSS
Exploits0
NCSC
NCSC
•added 2021/12/23 12:0 a.m.•2 views

Vulnerabilities fixed in PostgreSQL

Vulnerabilities have been fixed in PostgreSQL. An authenticated malicious person could exploit the vulnerabilities to cause a denial-of-service. In addition, an unauthenticated malicious person with a man-in-the-middle position can exploit the vulnerabilities potentially exploit the vulnerabiliti...

8.1CVSS7.8AI score0.01901EPSS
Exploits0
NCSC
NCSC
•added 2021/12/16 12:0 a.m.•2 views

Vulnerabilities fixed in MediaWiki

Vulnerabilities have been fixed in MediaWiki. The vulnerabilities potentially allow a malicious party to view non-public wiki content or modify the content of a wiki. MediaWiki has released updates to address the vulnerabilities. fix. More information can be found on the page below:...

7.5CVSS6.7AI score0.0135EPSS
Exploits0
NCSC
NCSC
•added 2021/12/15 12:0 a.m.•2 views

Vulnerabilities fixed in Apple Safari

Apple has fixed vulnerabilities in Safari. A malicious person at remote user could potentially exploit the vulnerabilities to execute arbitrary execute arbitrary code under application privileges. Apple has few substantive details about the vulnerabilities publicly made available. Apple has...

9.3CVSS7.5AI score0.07617EPSS
Exploits1
NCSC
NCSC
•added 2021/12/09 12:0 a.m.•2 views

Vulnerability fixed in IBM WebSphere Application Server

A vulnerability has been fixed in IBM WebSphere Application Server. An unauthenticated remote malicious agent could cause a Denial-of-Service exploit. IBM has released updates to fix the vulnerability. More information can be found on the page below: https://www.ibm.com/support/pages/node/6524674...

7.5CVSS6.8AI score0.01521EPSS
Exploits0
NCSC
NCSC
•added 2021/12/08 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Google Chrome. The vulnerabilities potentially allow a remote malicious person to able to execute arbitrary code with the privileges of the application. Google has made few technical details about the vulnerabilities made publicly available. Google has released...

8.8CVSS7.8AI score0.02073EPSS
Exploits0
NCSC
NCSC
•added 2021/12/08 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird

Vulnerabilities have been fixed in Mozilla Firefox, Firefox ESR and Thunderbird. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code...

8.8CVSS6.8AI score0.0202EPSS
Exploits0
NCSC
NCSC
•added 2021/12/06 12:0 a.m.•2 views

Vulnerability fixed in Zoho ManageEngine Desktop Central

Zoho has fixed a vulnerability in ManageEngine Desktop Central. Desktop Central is a solution used by administrators to remotely manage devices within an organization. manage. The vulnerability makes it possible for a malicious person to bypass authentication and execute arbitrary code. It is goo...

10CVSS7.3AI score0.99867EPSS
Exploits2
NCSC
NCSC
•added 2021/12/03 12:0 a.m.•2 views

Vulnerability fixed in GNU Mailman

The developers of GNU Mailman have fixed a vulnerability in GNU Mailman. The vulnerability could be exploited by a malicious person abused to perform a Cross-Site Request Forgery XSRF on the administrator page. The developers have released updates to fix the vulnerability fix in GNU Mailman 2.1.3...

8.8CVSS6.6AI score0.0073EPSS
Exploits0
NCSC
NCSC
•added 2021/11/26 12:0 a.m.•2 views

Vulnerabilities fixed in OpenBSD

Two vulnerabilities have been fixed in OpenBSD. The vulnerabilities apply to the kernel and libcrypto. The kernel vulnerability allows a local authorized user able to establish a denial of service on the system. This vulnerability is present in OpenBSD 6.9 and 7.0. The second vulnerability is in...

7.2AI score
Exploits0
NCSC
NCSC
•added 2021/11/24 12:0 a.m.•2 views

Vulnerabilities fixed in Roundcube Webmail

Roundcube has fixed vulnerabilities in Webmail and Webmail LTS. The vulnerabilities allow a malicious party to launch a cross-site scripting attack, or to perform an SQL injection execute and thus gain access to the data in the underlying database. Roundcube has released updates to address the...

9.8CVSS7.5AI score0.42751EPSS
Exploits1
NCSC
NCSC
•added 2021/11/17 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Google Chrome. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Google has mad...

9.6CVSS7.6AI score0.01362EPSS
Exploits2
NCSC
NCSC
•added 2021/11/10 12:0 a.m.•2 views

Vulnerabilities fixed in Samba

Vulnerabilities have been fixed in Samba. A malicious party could vulnerabilities potentially exploit them to cause a limited denial-of-service or to obtain elevated permissions. The latter could result in the malicious party gaining administrator privileges within a domain to obtain administrato...

9CVSS7AI score0.01984EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•2 views

Vulnerabilities found in RPKI validators

Researchers at the University of Twente have found vulnerabilities found in several RPKI validators. RPKI validators are used to validate that a route propagated via BGP originates from an AS that is authorized to distribute this route. propagation. The vulnerabilities make it possible for an...

6.8AI score
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•2 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed vulnerabilities in Microsoft Exchange Server. The vulnerabilities potentially enable a malicious person to able to launch attacks that result in the following categories of damage: Impersonating another user Executing arbitrary code Administrator/Root privileges Microsoft...

8.8CVSS6.9AI score0.93877EPSS
Exploits12
NCSC
NCSC
•added 2021/11/05 12:0 a.m.•2 views

Vulnerabilities hide in Java

Vulnerabilities have been fixed in Java. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Access to system data -=...

7.5CVSS9.8AI score0.14839EPSS
Exploits0
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•2 views

Vulnerability fixed in Ansible

A vulnerability has been fixed in Ansible. The vulnerability allows a malicious party to obtain sensitive data. -= Fedora =- Fedora has made updates available for Fedora 34. You can install these updates by using the command 'dnf' or 'yum'. More information about these updates and about possible...

5.5CVSS9.4AI score0.00384EPSS
Exploits0
NCSC
NCSC
•added 2021/11/03 12:0 a.m.•2 views

Vulnerability fixed in Linux kernel

A vulnerability has been fixed in Linux kernel. The vulnerability allows a remote malicious person to obtain system data obtain. Updates have been released to fix the vulnerability. More information can be found on the page below: https://github.com/torvalds/linux/commit...

9.8CVSS8.7AI score0.57853EPSS
Exploits2
NCSC
NCSC
•added 2021/11/03 12:0 a.m.•2 views

Vulnerabilities verhopen in Mozilla Firefox

Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure Spoofing Accessing...

10CVSS6.1AI score0.0383EPSS
Exploits0
NCSC
NCSC
•added 2021/11/03 12:0 a.m.•2 views

Vulnerability fixed in php

A vulnerability has been fixed in php. The vulnerability allows a local malicious party to obtain elevated privileges. PHP developers have released updates to fix the vulnerability. More information can be found at the page below: https://www.php.net/ChangeLog-8.php8.0.12 -= Fedora =- Fedora has...

7.8CVSS6.8AI score0.01337EPSS
Exploits1
NCSC
NCSC
•added 2021/11/01 12:0 a.m.•3 views

Vulnerability fixed in Atlassian Jira

Atlassian has fixed a vulnerability in Jira. The vulnerability allows an authenticated remote malicious person to opportunity to bypass a security measure. Atlassian categorizes this vulnerability according to the CVSSv3 method with a score of 4.3. Atlassian has released updates to address the...

4.3CVSS6.5AI score0.00842EPSS
Exploits0
NCSC
NCSC
•added 2021/10/28 12:0 a.m.•2 views

Vulnerability fixed in BIND

ISC has fixed a vulnerability in BIND. A unauthenticated remote malicious person could exploit it to significantly affect the performance of a BIND DNS server. impact. Abuse results in it taking longer before a client receives a response from the DNS server and also increases additionally increas...

5.3CVSS6.9AI score0.08001EPSS
Exploits0
NCSC
NCSC
•added 2021/10/25 12:0 a.m.•2 views

Vulnerabilities fixed in Node.js

Vulnerabilities have been fixed in Node.js. The vulnerabilities potentially allow a remote malicious party to launch an HTTP request smuggling attack. Such an attack could lead to unauthorized access to systems. Possible consequential damages may include gaining access to information or performin...

6.5CVSS6.7AI score0.02936EPSS
Exploits2
NCSC
NCSC
•added 2021/10/25 12:0 a.m.•2 views

Vulnerability fixed in Discourse

A vulnerability has been fixed in Discourse. A unauthenticated remote malicious person could potentially potentially exploit it to execute arbitrary code under the rights of the application. To do so, malicious network traffic should be be sent to the /webhooks/aws endpoint. The vulnerability is...

10CVSS7.7AI score0.19812EPSS
Exploits0
NCSC
NCSC
•added 2021/10/22 12:0 a.m.•2 views

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in the Ubuntu Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Access to sensitive data Increased...

7.8CVSS8.9AI score0.01476EPSS
Exploits3
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has released version 95.0.4638.54 of Chrome for Windows, MacoOS and Linux. A malicious party could potentially exploit them to cause a Denial-of-Service, or for executing arbitrary code in the context of the browser. Google has released updates to fix the vulnerabilities in Chrome...

9.6CVSS7.3AI score0.01EPSS
Exploits0
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•2 views

Vulnerability fixed in Apple iOS and iPadOS

Apple has fixed a vulnerability in iOS and iPadOS. A malicious party can exploit the vulnerability to execute arbitrary code execute arbitrary code with kernel privileges and thus access gain access to sensitive information or possibly install more malware install. Apple reports receiving reports...

9.3CVSS7.3AI score0.14721EPSS
Exploits0
NCSC
NCSC
•added 2021/10/06 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed vulnerabilities in Firefox and Firefox ESR. The vulnerabilities potentially enable a remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution User rights On...

9.8CVSS7.6AI score0.01923EPSS
Exploits0
NCSC
NCSC
•added 2021/10/04 12:0 a.m.•2 views

Vulnerability fixed in Fedora

A vulnerability has been fixed in the Linux kernel as used by Fedora. A local, authenticated malicious person can gain by exploiting this vulnerability to gain elevated privileges acquire elevated privileges on the vulnerable system. Fedora has made updates available for Fedora 33 and 34. You can...

7.8CVSS8.4AI score0.01692EPSS
Exploits2
NCSC
NCSC
•added 2021/10/01 12:0 a.m.•2 views

Vulnerabilities fixed in MediaWiki

Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Accessing system data MediaWiki has released updates to address the...

8.8CVSS6.1AI score0.01735EPSS
Exploits1
NCSC
NCSC
•added 2021/10/01 12:0 a.m.•2 views

Vulnerabilities fixed in IBM Tivoli Netcool/OMNIbus

Vulnerabilities have been fixed in IBM Tivoli Netcool/OMNIbus. The vulnerabilities allow a malicious person to execute arbitrary code execute arbitrary code. In addition, IBM reports an unspecified vulnerability that has been fixed. IBM has released updates to fix the vulnerabilities. More...

8.8CVSS9.3AI score0.03653EPSS
Exploits0
NCSC
NCSC
•added 2021/09/29 12:0 a.m.•2 views

Vulnerability fixed in IBM Aspera

A vulnerability has been fixed in IBM Aspera. The vulnerability allows a remote malicious party to perform a Cross-Site Scripting attack and thereby steal authentication cookies. IBM has released updates to fix the vulnerability. More information can be found on the page below:...

6.9AI score
Exploits0
NCSC
NCSC
•added 2021/09/22 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. The vulnerabilities allow a malicious party to cause a denial-of-service cause and to obtain system data. Potentially, the Denial-of-Service attack could be used to execute arbitrary code. Google has released a new version to address the vulnerabilities...

8.8CVSS6.6AI score0.01662EPSS
Exploits3
NCSC
NCSC
•added 2021/09/20 12:0 a.m.•2 views

Vulnerabilities fixed in Oracle Linux

Oracle has fixed vulnerabilities in its kernel. The vulnerabilities allow a malicious party to cause a denial-of-service exploit. Oracle has released updates to fix the vulnerabilities. More information can be found on the page below: https://linux.oracle.com/errata/ELSA-2021-3447.html...

7.8CVSS7.8AI score0.03365EPSS
Exploits1
NCSC
NCSC
•added 2021/09/17 12:0 a.m.•2 views

Vulnerability fixed in Zoho ManageEngine ADSelfService Plus

Zoho ManageEngine has fixed a vulnerability in ADSelfService Plus. ADSelfService Plus is a self-service password management and single-sign-on solution. The vulnerability allows a malicious remotely able to bypass authentication. Zoho ManageEngine categorizes this vulnerability according to the...

9.8CVSS6.8AI score0.9896EPSS
Exploits8
NCSC
NCSC
•added 2021/09/16 12:0 a.m.•2 views

Vulnerabilities fixed in curl

Vulnerabilities have been fixed in curl. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Updates have been released to fix the vulnerabilities. More...

9.1CVSS7.1AI score0.06216EPSS
Exploits3
NCSC
NCSC
•added 2021/09/15 12:0 a.m.•2 views

Vulnerability fixed in Fedora kernel

Fedora has fixed a vulnerability in its kernel. The vulnerability allows a malicious party to cause a Denial-of-Service exploit. -= Fedora =- Fedora has made updates available for Fedora 33 and 34. You can install these updates using the command 'dnf' or 'yum'. More information about these update...

7CVSS7AI score0.00303EPSS
Exploits0
NCSC
NCSC
•added 2021/09/14 12:0 a.m.•2 views

Vulnerability fixed in Git

A vulnerability has been fixed in Git. The vulnerability allows a malicious party to bypass a security measure. Git has released updates to fix the vulnerability. More information can be found on the page below: https://github.com/git/git/commit /a02ea577174ab8ed18f847cf1693f213e0b9c473 -= Ubuntu...

7.5CVSS6.6AI score0.03074EPSS
Exploits1
Total number of security vulnerabilities4190