Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2021/02/05 12:0 a.m.•2 views

Vulnerability fixed in IBM Integration Bus

IBM has fixed a vulnerability in the node.js component of Integration Bus. An unauthenticated malicious person could exploit the exploit the vulnerability to cause a denial-of-service. IBM has released updates to fix the vulnerability in Integration Bus V10.0.0.23. For more information, see:...

7.5CVSS6.7AI score0.0344EPSS
Exploits1
NCSC
NCSC
•added 2021/02/03 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights As usual, Google reveals little information...

9.6CVSS7.3AI score0.01116EPSS
Exploits0
NCSC
NCSC
•added 2021/01/27 12:0 a.m.•2 views

Vulnerability fixed in Jenkins

A vulnerability has been fixed in Jenkins. A malicious party can exploit the vulnerability to obtain information from the system, potentially bypassing existing security measures. bypassing existing security measures. This vulnerability arose in the most recent version of Jenkins when the...

6.5CVSS6.7AI score0.02226EPSS
Exploits0
NCSC
NCSC
•added 2021/01/06 12:0 a.m.•2 views

Serious vulnerability fixed in Mozilla Firefox

A serious vulnerability has been fixed in Mozilla Firefox. A malicious party, by modifying a COOKIE-ECHO chunk in an SCTP package potentially cause a use-after-free. Mozilla indicates that it is likely, with enough effort, that this vulnerability could lead to the execution of arbitrary code...

8.8CVSS6.8AI score0.01304EPSS
Exploits0
NCSC
NCSC
•added 2020/12/29 12:0 a.m.•2 views

Vulnerability fixed in Grafana Enterprise

Several vulnerabilities have been fixed in Grafana. A malicious party could potentially exploit the vulnerabilities to bypassing authentication when Security Assertion Markup Language SAML is used as the authentication method. In addition the vulnerabilities could potentially be exploited for oth...

10CVSS7.2AI score0.04872EPSS
Exploits1
NCSC
NCSC
•added 2020/12/15 12:0 a.m.•2 views

Vulnerabilities fixed in X11 server

Vulnerabilities have been fixed in X11 server. The vulnerabilities potentially allow a malicious party to access system data and to gain elevated privileges gain. -= Oracle =- Oracle has made updates available for Oracle Linux 7. You can install these updates using the command 'yum'. More...

7.8CVSS7AI score0.00393EPSS
Exploits0
NCSC
NCSC
•added 2020/12/10 12:0 a.m.•2 views

Vulnerabilities fixed in cURL

Vulnerabilities have been fixed in cURL. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing system data GNU has released updates to fix the vulnerabilities. More...

7.5CVSS8.7AI score0.09917EPSS
Exploits3
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•2 views

Vulnerabilities fixed in Xerox AltaLink

Vulnerabilities have been fixed in Xerox AltaLink. The vulnerabilities allow a malicious party to perform a Denial-of-Service DoS exploit. Xerox has released updates to fix the vulnerabilities in Xerox AltaLink products and has released installation and update instructions released. For more...

7.5CVSS8.7AI score0.04666EPSS
Exploits0
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•2 views

Vulnerability in CakePHP fixed

The makers of CakePHP have fixed a vulnerability with version 4.0.10 fixed. The security fixes fix a vulnerability in the CsrfProtectionMiddleware that allowed parameters for overwrite method CSRF checks without additional POST data bypassed. CakePHP developers have issued updates to fix the...

6.6AI score
Exploits0
NCSC
NCSC
•added 2020/12/08 12:0 a.m.•2 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed several vulnerabilities in Microsoft Exchange Server. An authenticated remote malicious person could potentially exploit the vulnerabilities to execute arbitrary code execute arbitrary code or to obtain sensitive information. For each of the vulnerabilities included in this...

9.1CVSS7.2AI score0.8979EPSS
Exploits9
NCSC
NCSC
•added 2020/11/26 12:0 a.m.•2 views

Vulnerabilities fixed in Zimbra

Vulnerabilities have been fixed in JQuery as used by Zimbra. A malicious party could exploit the vulnerabilities to execute a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. Few substantive details...

6.9CVSS6.8AI score0.99019EPSS
Exploits11
NCSC
NCSC
•added 2020/11/25 12:0 a.m.•2 views

Vulnerabilities fixed in Joomla!

Vulnerabilities have been fixed in Joomla! The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Security measure circumvention SQL Injection Accessing sensitive data Accessing system data Joomla! provides...

7.3AI score
Exploits0
NCSC
NCSC
•added 2020/11/19 12:0 a.m.•2 views

Vulnerability fixed in Node.js

A vulnerability has been fixed in Node.js. The vulnerability allows a malicious party potentially capable of causing a denial-of-service cause. To do this, the malicious party must be able to send a DNS request for a rogue domain. Only applications that allow a malicious party to send DNS request...

7.5CVSS8.3AI score0.54164EPSS
Exploits0
NCSC
NCSC
•added 2020/11/09 12:0 a.m.•2 views

Vulnerability fixed in Kerberos

A vulnerability has been fixed in MIT Kerberos. A malicious person can exploit the vulnerability to cause a denial-of-service cause. The vulnerability is in the way ASN.1 data is is processed, which can create an infinite loop that causes a crash in the Kerberos process. -= Debian =- Debian has...

7.5CVSS8.4AI score0.04365EPSS
Exploits0
NCSC
NCSC
•added 2020/11/05 12:0 a.m.•2 views

Vulnerabilities fixed in Red Hat kernel

Red Hat has fixed vulnerabilities in its kernel. The vulnerabilities allow a locally authenticated malicious agent to the opportunity to cause a denial-of-service and obtain obtain system data. The vulnerability with attribute CVE-2020-12351 is a regression vulnerability of the vulnerability with...

8.8CVSS8.1AI score0.07693EPSS
Exploits6
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•2 views

Vulnerability fixed in FreeType

A vulnerability has been fixed in FreeType. The vulnerability allows a remote malicious person to execute arbitrary code execute under the user's privileges. FreeType has released an update to fix the vulnerability. fix. More information can be found on the pages below:...

9.6CVSS7.1AI score0.5063EPSS
Exploits2
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•2 views

Vulnerabilities fixed in Xen

Vulnerabilities have been fixed in Xen. The vulnerabilities allow a malicious party the ability to cause a denial-of-service or to obtain elevated privileges. Xen has released updates to fix the vulnerabilities. More information can be found on the pages below: x86 PV guest INVLPG-like flushes ma...

6.7AI score
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed several vulnerabilities in Chrome. The vulnerabilities potentially allow a remote malicious person to able to perform a denial-of-service attack or to execute arbitrary execute arbitrary code under the user's privileges. As usual, Google has made little substantive information...

9.6CVSS7.6AI score0.5063EPSS
Exploits5
NCSC
NCSC
•added 2020/10/20 12:0 a.m.•2 views

Vulnerabilities fixed in Red Hat kernel

Vulnerabilities have been fixed in the Red Hat kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges -= Red Hat =- Red Hat has made updates...

8.8CVSS8.2AI score0.07693EPSS
Exploits8
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•2 views

Vulnerability fixed in Adobe Flash Player

Adobe has fixed a vulnerability in Adobe Flash Player. A malicious party could potentially exploit the vulnerability to execute arbitrary code under user privileges. There few substantive details about the vulnerability have been made publicly made available. Adobe has released updates to fix the...

9.3CVSS7.5AI score0.04244EPSS
Exploits0
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•2 views

Vulnerabilities fixed in BIND

Several vulnerabilities have been fixed in BIND. A unauthenticated remote malicious person could potentially exploit them to cause a denial-of-service of the DNS service. cause. To do this, rogue network traffic should be sent to the BIND server. -= SUSE =- SUSE has made updates available to fix...

8.6CVSS7.1AI score0.93422EPSS
Exploits6
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•2 views

Vulnerabilities fixed in Thunderbird

Vulnerabilities have been fixed in Thunderbird. The vulnerabilities allow a remote malicious person to execute arbitrary code execute with user privileges and spoof the origin of downloads. spoofing. Mozilla has released updates to fix the vulnerabilities. More information can be found on the pag...

8.8CVSS7.1AI score0.01961EPSS
Exploits0
NCSC
NCSC
•added 2020/09/23 12:0 a.m.•2 views

Vulnerabilities fixed in libxml2

Vulnerabilities have been fixed in libxml2. The vulnerabilities allow a malicious party to perform a denial-of-service DoS execution. The developers of libxml12 categorize these vulnerabilities according to the CVSSv3 method with a highest score of 7.5. FreeBSD has released updates to fix the...

7.5CVSS8.6AI score0.07836EPSS
Exploits1
NCSC
NCSC
•added 2020/09/22 12:0 a.m.•2 views

Vulnerability fixed in Websphere Application Server

A vulnerability has been fixed in Websphere Application Server. The vulnerability allows a remote malicious person using a so-called XML-External-Entity-Injection attack to obtain obtain system data. IBM has released updates to fix the vulnerability. More information can be found on the page belo...

7.5CVSS6.8AI score0.02839EPSS
Exploits0
NCSC
NCSC
•added 2020/09/22 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Possible Code execution User rights Access to system data Google has made littl...

9.6CVSS6.9AI score0.02948EPSS
Exploits6
NCSC
NCSC
•added 2020/09/17 12:0 a.m.•2 views

Vulnerabilities fixed in Drupal

Vulnerabilities have been fixed in Drupal. The vulnerabilities allow a malicious person to perform attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Accessing sensitive data The vulnerability with attribute CVE-2020-13668...

7.5CVSS6.4AI score0.02925EPSS
Exploits0
NCSC
NCSC
•added 2020/09/10 12:0 a.m.•2 views

Vulnerabilities fixed in Ansible

Vulnerabilities have been fixed in Ansible. The vulnerabilities allow a malicious party to gain access to sensitive and system data. Ansible has released updates to fix the vulnerabilities. More information can be found on the pages below: CVE-2020-1736:...

5.5CVSS7AI score0.00568EPSS
Exploits2
NCSC
NCSC
•added 2020/08/19 12:0 a.m.•2 views

Vulnerability fixed in Chrome

Google has released a new version of Chrome. At this time not all details are known and Google only names one specific vulnerability which they themselves rate as "High. This concerns a Heap buffer overflow vulnerability, which could potentially be be exploited by a malicious party to execute...

9.3CVSS8AI score0.03291EPSS
Exploits0
NCSC
NCSC
•added 2020/08/17 12:0 a.m.•2 views

Vulnerabilities fixed in SNMP

Debian has fixed vulnerabilities in SNMP. The vulnerabilities allow a locally authenticated malicious person to obtain elevated privileges. -= Debian =- Debian has made updates to net-snmp available for Debian 10.0 Buster to address the vulnerabilities. You can install the custom packages install...

7.8CVSS6.7AI score0.00459EPSS
Exploits0
NCSC
NCSC
•added 2020/08/06 12:0 a.m.•2 views

Vulnerabilities fixed in Python

Vulnerabilities have been fixed in Python. The vulnerabilities among other things allow an unauthenticated remote malicious person to remotely capable of causing a denial of service. Python has released updates to fix the vulnerabilities. More information can be found on the pages below:...

7.5CVSS6AI score0.12826EPSS
Exploits1
NCSC
NCSC
•added 2020/07/17 12:0 a.m.•2 views

Vulnerabilities fixed in IBM Spectrum Protect

Vulnerabilities have been fixed in IBM Spectrum Protect. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges IBM has released updates to fix t...

8.6CVSS8.4AI score0.0399EPSS
Exploits2
NCSC
NCSC
•added 2020/06/24 12:0 a.m.•2 views

Vulnerabilities fixed in cURL

GNU has fixed vulnerabilities in cURL. The vulnerabilities allow a remote malicious person to obtain sensitive to obtain data and to potentially corrupt a file. GNU has released updates to fix the vulnerabilities. More information can be found on the pages below: CVE-2020-8169:...

7.8CVSS6.9AI score0.03427EPSS
Exploits2
NCSC
NCSC
•added 2020/06/18 12:0 a.m.•2 views

Vulnerability fixed in Drupal

Drupal has fixed a vulnerability in the Form API of the Drupal Core. The vulnerability allows a remote malicious party to able to perform a Cross-Site Request Forgery attack XSRF. A successful attack could thereby lead to consequential damage such as the obtaining sensitive data from a domain to...

8.8CVSS6.8AI score0.00695EPSS
Exploits0
NCSC
NCSC
•added 2020/05/26 12:0 a.m.•2 views

Vulnerability fixed in Grafana

A vulnerability has been fixed in Grafana. The vulnerability allows a remote malicious person the ability to execute arbitrary code execute arbitrary code in the victim's browser. The malicious party must entice the victim to follow a rogue hyper-link to do so. Grafana has released updates to fix...

6.1CVSS7.8AI score0.0182EPSS
Exploits0
NCSC
NCSC
•added 2020/05/22 12:0 a.m.•2 views

Vulnerabilities fixed in qemu

Vulnerabilities have been fixed in QEMU. The vulnerabilities allow a malicious party the ability to cause a denial-of-service and potentially execute arbitrary code under privileges of the application. -= Ubuntu =- Canonical has made updates available for Ubuntu 16.04 LTS, 18.04 LTS, 19.10 and...

7.5CVSS7.7AI score0.02293EPSS
Exploits1
NCSC
NCSC
•added 2020/05/20 12:0 a.m.•2 views

Vulnerabilities fixed in BIND

BIND has fixed several vulnerabilities that could allow a malicious potentially capable of causing a denial-of-service DoS cause. A DoS attack exploiting the vulnerability with attribute CVE-2020-8617, targets DNS clients. The vulnerability with attribute CVE-2020-8616 involves a new method for...

8.6CVSS6.7AI score0.93422EPSS
Exploits6
NCSC
NCSC
•added 2023/11/03 12:0 a.m.•1 views

Vulnerabilities fixed in Nagios XI

Nagios has fixed vulnerabilities in Nagios XI. A malicious party could exploit the vulnerabilities to circumvent a circumvention of a security measure, to perform an SQL injection execute or for a cross-site scripting attack. Such attacks can lead to execution of arbitrary code and access to syst...

7AI score
Exploits0
NCSC
NCSC
•added 2023/04/24 12:0 a.m.•1 views

Vulnerability fixed in dmidump

A vulnerability has been fixed in dmidump. A malicious party can exploit the vulnerability to overwrite arbitrary files and overwrite and thus grant himself elevated privileges, or execute arbitrary code with root privileges. A researcher has published a writeup with working Proof-of-Concept code...

7.1CVSS6.7AI score0.00523EPSS
Exploits1
NCSC
NCSC
•added 2022/09/27 12:0 a.m.•1 views

Vulnerabilities fixed in Squid

Vulnerabilities have been fixed in Squid. The vulnerabilities allow a malicious party the ability to access sensitive data obtain or cause a denial-of-service. The developers of Squid have released an update to fix the vulnerability with reference CVE-2022-41317. For more information, see:...

8.6CVSS7.2AI score0.0282EPSS
Exploits0
NCSC
NCSC
•added 2022/04/01 12:0 a.m.•1 views

Vulnerabilities fixed in Apple products

Two different vulnerabilities have been fixed by Apple. The vulnerability with CVE attribute CVE-2022-22675 allows a malicious person able to execute arbitrary code with kernel privileges. This vulnerability has been fixed in macOS, iOS and iPadOS. The second vulnerability, CVE-2022-22674, allows...

9.3CVSS7.7AI score0.12642EPSS
Exploits0
Total number of security vulnerabilities4190