Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
added 2025/02/11 6:53 a.m.23 views

Vulnerabilities fixed in Cisco IOS, IOS XE and IOS XR Software

Cisco has fixed several vulnerabilities in IOS, IOS XE and IOS XR Software. The vulnerabilities are in how the SNMP subsystem on the vulnerable devices handles traffic. Authenticated malicious actors can send specially crafted SNMP requests, which can lead to denial-of-service DoS conditions on t...

7.7CVSS7.1AI score0.00755EPSS
Exploits0References2
NCSC
NCSC
added 2025/01/22 1:30 p.m.23 views

Vulnerabilities fixed in Oracle Database products

Oracle has fixed vulnerabilities in several database products and subsystems, including the Core Database, Grail, Application Express, GoldenGate and REST data. The vulnerabilities are in several components of the Oracle Database, including the Data Mining component and the Java VM. These...

10CVSS7AI score0.9378EPSS
Exploits53References1
NCSC
NCSC
added 2024/06/26 8:58 a.m.23 views

Vulnerabilities fixed in Progress MOVEit

Progress has fixed vulnerabilities in MOVEit Transfer and MOVEit Gateway. During the vulnerability investigation, a vulnerability was also discovered in an unnamed Third-Party component in use by MOVEit Transfer. The vulnerabilities are located in the SFTP module of the affected applications and...

9.8CVSS7.5AI score0.75812EPSS
Exploits3References2
NCSC
NCSC
added 2023/06/30 12:0 a.m.23 views

Vulnerability fixed in Schneider Electric EcoStruxture Operator Terminal Expert

Schneider Electric has fixed a vulnerability in the EcoStruxture Operator Terminal Expert. A malicious party could exploit the vulnerability to execute arbitrary code on the vulnerable system and gain access to sensitive data. To do this, the malicious party must have local access to the vulnerab...

7.8CVSS7.3AI score0.00597EPSS
Exploits0
NCSC
NCSC
added 2021/12/14 12:0 a.m.23 views

Vulnerabilities fixed in Cisco Small Business 220 Series Switches

Cisco has fixed vulnerabilities in Small Business 220 Series Switches. An unauthenticated malicious person on the local network of the switch could potentially exploit the vulnerabilities to execute arbitrary code or cause a denial-of-service DoS. Only switches on which Link Layer Discovery...

8.8CVSS7.4AI score0.00504EPSS
Exploits0
NCSC
NCSC
added 2021/11/02 12:0 a.m.23 views

Vulnerabilities fixed in HP LaserJet printers

Vulnerabilities have been fixed in several HP printers. The vulnerability with the reference CVE-2021-39238 describes a possible buffer overflow. A malicious party could potentially exploit this vulnerability to execute arbitrary code or cause a denial-of-service. The vulnerability with the...

9.8CVSS8AI score0.12135EPSS
Exploits0
NCSC
NCSC
added 2021/10/12 12:0 a.m.23 views

Vulnerability fixed in Microsoft System Center Operations Manager

Microsoft has fixed a vulnerability in System Center Operations Manager SCOM. The vulnerability allows a malicious remotely able to view files. The vulnerability is only exploitable on SCOM systems that have the web console installed. System Center:...

7.5CVSS6AI score0.02786EPSS
Exploits0
NCSC
NCSC
added 2021/09/20 12:0 a.m.23 views

Vulnerabilities fixed in McAfee Endpoint Security and McAfee Data Loss Prevention

Vulnerabilities have been fixed in McAfee Endpoint Security and McAfee Data Loss Prevention. The vulnerabilities allow a malicious party to conduct attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to syste...

8.4CVSS7.6AI score0.01082EPSS
Exploits0
NCSC
NCSC
added 2021/08/12 12:0 a.m.23 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in several components of Windows. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Obtaining elevated privileges Execution of arbitrary code Accessing sensitive data The...

9.9CVSS6.5AI score0.66023EPSS
Exploits7
NCSC
NCSC
added 2021/03/09 12:0 a.m.23 views

Vulnerabilities fixed in Siemens Ruggedcom

Siemens has fixed multiple vulnerabilities in Ruggedcom products. A malicious party could potentially exploit them to cause a denial-of-service. To do so requires sending malicious network traffic to the vulnerable device. sent. In addition, the vulnerabilities can be exploited by a malicious be...

8.8CVSS7.3AI score0.02181EPSS
Exploits2
NCSC
NCSC
added 2020/10/22 12:0 a.m.23 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in the following Oracle Fusion Middleware products: JDeveloper HTTP Server Identity Manager Connector Business Intelligence Enterprise Edition WebLogic Server The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable syste...

10CVSS7.4AI score0.99997EPSS
Exploits109
NCSC
NCSC
added 2026/05/30 10:52 a.m.22 views

Vulnerability handling in Palo Alto Networks PAN-OS and Prisma Access

Palo Alto Networks has identified a vulnerability in the PAN-OS’ GlobalProtect portal and gateway components. An unauthorized malicious actor can exploit this vulnerability to establish a VPN connection. As a result, the malicious actor gains access to internal systems that are accessible via the...

9.1CVSS6.1AI score0.86678EPSS
Exploits9References2
NCSC
NCSC
added 2026/03/27 6:9 p.m.22 views

Vulnerabilities fixed in F5 Networks BIG-IP, F5OS and NGINX App Protect WAF

F5 Networks has fixed vulnerabilities in the BIG-IP and F5OS product lines and NGINX App Protect WAF. The vulnerabilities include several configuration issues and exploit vectors. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of...

9.8CVSS7.5AI score0.02246EPSS
Exploits0References3
NCSC
NCSC
added 2025/12/09 1:15 p.m.22 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in various products such as Building X, COMOS, Energy Services, Gridscale X, NX, RUGGEDCOM, SICAM, SIMATIC, SINEC, SINEMA, SIPLUS and Solid Edge. The vulnerabilities potentially enable a malicious person to launch attacks that could result in the following...

10CVSS7.7AI score0.88106EPSS
Exploits158References14
NCSC
NCSC
added 2025/10/24 11:9 a.m.22 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service - Circumvention of a security measure - Manipulation of data - Execution of arbitrary code user privilege...

9.9CVSS7.2AI score0.99962EPSS
Exploits32References1
NCSC
NCSC
added 2025/01/14 11:50 a.m.22 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in SAP, NetWeaver and ABAP. The vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform include incorrect authentication controls and weak access controls, which can be exploited by authenticated attackers to escalate their privileges and gain...

9.9CVSS8.3AI score0.00718EPSS
Exploits0References1
NCSC
NCSC
added 2023/03/16 12:0 a.m.22 views

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed vulnerabilities in Illustrator 2023. A malicious party could exploit the vulnerabilities to gain access to sensitive data, or to execute arbitrary code with privileges of the victim. To do so, the malicious party must trick the victim into opening a malicious file to open. Adobe h...

7.8CVSS7.9AI score0.00353EPSS
Exploits0
NCSC
NCSC
added 2023/01/11 12:0 a.m.22 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in Visual Studio Code and .NET Core. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Visual Studio Code:...

7.8CVSS7.8AI score0.0274EPSS
Exploits0
NCSC
NCSC
added 2022/07/25 12:0 a.m.22 views

Vulnerabilities fixed in Foxit PDF Reader and Foxit PDF Editor

Vulnerabilities have been fixed in the PDF Reader and PDF Editor from Foxit. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to system data This...

7.8CVSS7.8AI score0.01816EPSS
Exploits1
NCSC
NCSC
added 2022/02/02 12:0 a.m.22 views

Vulnerabilities fixed in Fortinet FortiWeb

Vulnerabilities have been fixed in Fortinet FortiWeb. The vulnerabilities marked CVE-2021-36193, CVE-2021-41018 and CVE-2021-43073 allow an authenticated remote malicious person able to execute arbitrary code or commands. The vulnerability with attribute CVE-2021-42753 enables an authenticated...

9CVSS7.5AI score0.03323EPSS
Exploits0
NCSC
NCSC
added 2022/01/11 12:0 a.m.22 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in Microsoft Dynamics. The vulnerabilities allow a malicious party to launch a Cross-Site Scripting attack and the malicious party can then impersonate then impersonate another user. Microsoft Dynamics:...

7.6CVSS6.3AI score0.01506EPSS
Exploits0
NCSC
NCSC
added 2021/11/11 12:0 a.m.22 views

Vulnerabilities fixed in Kibana

Vulnerabilities have been fixed in Kibana. The vulnerabilities allow a malicious person the opportunity to gain access to system data. Updates have been released to fix the vulnerabilities in Kibana 7.15.2 For more information, see: https://discuss.elastic.co/t/kibana-7-15-2-security-update/28892...

4.3CVSS7.2AI score0.00697EPSS
Exploits0
NCSC
NCSC
added 2021/10/06 12:0 a.m.22 views

Vulnerability fixed in Fortinet FortiSandbox

Fortinet has fixed a vulnerability in FortiSandbox. A authenticated malicious party could potentially abuse the vulnerability to execute arbitrary code. To do so, a rogue HTTP request must be sent to the FortiSandbox appliance. sent. Fortinet has released updates to fix the vulnerability in...

8.8CVSS7.4AI score0.0047EPSS
Exploits0
NCSC
NCSC
added 2021/06/29 12:0 a.m.22 views

Vulnerabilities fixed in RabbitMQ

Vulnerabilities have been fixed in RabbitMQ. The vulnerabilities allow a malicious person to execute arbitrary code under the user's privileges. RabbitMQ categorizes these vulnerabilities according to the CVSSv3 method with a highest score of 3.1. RabbitMQ has released updates to address the...

5.4CVSS7.2AI score0.01437EPSS
Exploits2
NCSC
NCSC
added 2020/09/10 12:0 a.m.22 views

Vulnerabilities fixed in Adobe InDesign

Adobe has fixed vulnerabilities in InDesign. The vulnerabilities allow a malicious person to execute arbitrary code execute arbitrary code. Adobe designates these vulnerabilities as critical. Adobe has made updates available to address the vulnerabilities. fix. More information can be found on th...

7.8CVSS7.2AI score0.11294EPSS
Exploits0
NCSC
NCSC
added 2026/01/28 3:46 p.m.21 views

Vulnerabilities fixed in Fortinet products

Fortinet has fixed vulnerabilities in FortiOS, FortiProxy, FortiWeb and FortiSwitchManager. The vulnerabilities allow unauthenticated attackers to gain access to systems by using various techniques, including bypassing FortiCloud SSO login authentication via specially crafted SAML messages,...

9.8CVSS7.6AI score0.65825EPSS
Exploits1References9
NCSC
NCSC
added 2026/01/21 10:8 a.m.21 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in several products, including Oracle HTTP Server, Oracle WebLogic Server, and Oracle Fusion Middleware. The vulnerabilities in the Oracle products allow unauthenticated attackers to access sensitive data, conduct denial-of-service DoS attacks, and compromise the...

10CVSS6.8AI score0.99999EPSS
Exploits38References1
NCSC
NCSC
added 2026/01/13 12:5 p.m.21 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products such as Industrial Edge Devices, SCALANCE, SIMATIC, SIPLUS and Telecontrol Server. The vulnerabilities potentially enable a malicious person to carry out attacks that could result in the following categories of damage: - Denial-of-Service DoS ...

10CVSS7.6AI score0.00601EPSS
Exploits0References5
NCSC
NCSC
added 2025/09/09 11:12 a.m.21 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including in SAP NetWeaver, SAP NetWeaver Application Server Java and SAP Landscape Transformation. The vulnerabilities are in the RMI-P4 module and the SAP NetWeaver AS Java platform, among others. The vulnerability with reference CVE-2025-42944...

10CVSS8.7AI score0.02882EPSS
Exploits2References1
NCSC
NCSC
added 2024/06/11 6:20 p.m.21 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to execute arbitrary code with the victim's privileges, potentially gaining access to sensitive data in the victim's context. Successful exploitation requires the malicious party to...

8.8CVSS7.3AI score0.03446EPSS
Exploits1
NCSC
NCSC
added 2024/02/08 12:0 a.m.21 views

Vulnerabilities fixed in Cisco Expressway

Cisco has fixed vulnerabilities in Expressway. A malicious party could exploit the vulnerabilities to perform a Cross-Site-Request-forgery to execute on the Web-based management interface. Such an attack can lead to execution of arbitrary commands in the victim's context. Because cannot be ruled...

9.6CVSS7.5AI score0.00846EPSS
Exploits0
NCSC
NCSC
added 2023/02/27 12:0 a.m.21 views

Vulnerabilities fixed in Solarwinds Platform

Solarwinds has fixed vulnerabilities in the Network Performance Monitoring tools of Solarwinds Platform. A malicious person with prior authentication can exploit the vulnerabilities to execute arbitrary code at the system level of the vulnerable system. Solarwinds has released updates to address...

7.8CVSS7.8AI score0.84803EPSS
Exploits0
NCSC
NCSC
added 2023/02/02 12:0 a.m.21 views

Vulnerabilities fixed in Cisco Identity Services Engine (ISE).

Cisco has fixed vulnerabilities in Identity Services Engine ISE. A malicious person with access to the Web-based management environment could exploit the vulnerabilities to gain access to sensitive data via a Same Server Request Forgery to gain access to sensitive data. It is good practice not to...

6.7CVSS7AI score0.0075EPSS
Exploits0
NCSC
NCSC
added 2022/09/13 12:0 a.m.21 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in several components of Windows. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Bypassing authentication Bypassing security measure Remote code execution Administrator/Roo...

9.8CVSS6.3AI score0.85762EPSS
Exploits13
NCSC
NCSC
added 2022/04/19 12:0 a.m.22 views

Vulnerability fixed in Moxa MGate

A vulnerability has been fixed in Moxa MGate. The vulnerability allows a malicious party to gain a man-in-the-middle MITM position on the vulnerable system. Moxa has released updates to fix the vulnerability. More information can be found on the page below:...

7.4CVSS6.8AI score0.00769EPSS
Exploits0
NCSC
NCSC
added 2022/04/04 12:0 a.m.21 views

Vulnerabilities fixed in Dell Wyse Device Agent

Vulnerabilities have been fixed in Dell Wyse Device Agent. A local malicious party could exploit the vulnerabilities to gain access to the WMS server and/or gain access to sensitive information from the WMS server. Dell has released updates to fix the vulnerability in Wyse Device Agent. For more...

6.7CVSS6.9AI score0.00685EPSS
Exploits0
NCSC
NCSC
added 2022/03/03 12:0 a.m.21 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Increased user privileges The...

9CVSS8AI score0.03177EPSS
Exploits0
NCSC
NCSC
added 2022/02/24 12:0 a.m.21 views

Bug fixes in Cisco NX-OS

Cisco has fixed several vulnerabilities in NX-OS for various platforms. A malicious party could exploit the vulnerabilities to cause a denial-of-service or, in specific configurations, execute arbitrary code with root privileges. No prior authentication is necessary. The vulnerable services, Cisc...

9CVSS7.8AI score0.1455EPSS
Exploits0
NCSC
NCSC
added 2021/06/29 12:0 a.m.21 views

Vulnerabilities fixed in Nessus

Vulnerabilities have been fixed in Nessus. The vulnerabilities allow a locally authenticated malicious person with administrator privileges to obtain elevated privileges. The malicious party can use these privileges to execute specific Windows commands execute as the Nessus Agent host. Tenable ha...

6.7CVSS6.8AI score0.00348EPSS
Exploits0
NCSC
NCSC
added 2021/05/19 12:0 a.m.21 views

Vulnerability fixed in Keycloak

A vulnerability has been fixed in Keycloak. The vulnerability allows a malicious party to obtain sensitive data and potentially gain elevated privileges as well. Keycloak's developers have released updates to fix the vulnerability. More information can be found at the page below:...

7.3CVSS6.6AI score0.00299EPSS
Exploits0
NCSC
NCSC
added 2021/01/21 12:0 a.m.21 views

Vulnerabilities fixed in Oracle Virtualization

Vulnerabilities have been fixed in Oracle Virtualization/Virtualbox. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...

8.2CVSS7.5AI score0.00999EPSS
Exploits0
NCSC
NCSC
added 2020/08/12 12:0 a.m.21 views

Vulnerabilities fixed in Adobe Acrobat and Reader

Adobe has fixed vulnerabilities in Acrobat and Reader. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive...

9.3CVSS7.3AI score0.48441EPSS
Exploits3
NCSC
NCSC
added 2026/05/12 12:21 p.m.20 views

Vulnerabilities found in various SAP products

SAP has identified vulnerabilities in the following SAP products: SAP S/4HANA, SAP Commerce Cloud, SAP Forecasting & Replenishment, SAP NetWeaver Application Server for ABAP, SAP Business Server Pages, SAP BusinessObjects Business Intelligence Platform, SAP Strategic Enterprise Management Scoreca...

9.6CVSS6.9AI score0.01398EPSS
Exploits1References1
NCSC
NCSC
added 2026/02/20 2:47 p.m.20 views

ZeroDay vulnerabilities fixed in Ivanti Endpoint Manager Mobile

Ivanti has fixed two vulnerabilities in Endpoint Manager Mobile EPMM, ok known as MobileIron. The vulnerabilities allow an unauthenticated malicious person to execute arbitrary code on the vulnerable system. Of the vulnerability marked CVE-2026-1281, Ivanti reports that it has been actively...

9.8CVSS6.2AI score0.8404EPSS
Exploits6References2
NCSC
NCSC
added 2026/01/16 10:7 a.m.20 views

Vulnerabilities fixed in Juniper Networks JunOS

Juniper has fixed vulnerabilities in Junos OS Specifically for SRX and MX Series devices. The vulnerabilities in Junos OS include several issues, including clickjacking, denial-of-service DoS by malformed packets, and vulnerabilities that can be exploited by unauthenticated attackers. These...

8.7CVSS7.9AI score0.00809EPSS
Exploits0References20
NCSC
NCSC
added 2024/07/30 9:32 a.m.20 views

Vulnerabilities fixed in VMware ESXi and vCenter Server

VMware has fixed vulnerabilities in ESXi and vCenter Server. A malicious party can exploit the vulnerabilities to cause a denial-of-service on the host, or to grant itself elevated privileges to perform actions that the malicious party is not initially authorized to perform. This does require the...

7.2CVSS7.1AI score0.2677EPSS
Exploits0References2
NCSC
NCSC
added 2022/04/19 12:0 a.m.20 views

Vulnerabilities fixed in Lenovo notebook BIOS

Vulnerabilities have been found in several Lenovo laptop models by researchers from security firm ESET. These vulnerabilities are Lenovo-specific, a full list of affected Lenovo laptops can be found under "Possible fixes." Two of these vulnerabilities, with attributes CVE-2021-3970 and...

7.2CVSS7AI score0.02999EPSS
Exploits1
NCSC
NCSC
added 2021/11/16 12:0 a.m.20 views

Vulnerability fixed in Fortinet Fortimanager

Fortinet has fixed a vulnerability in Fortimanager. A authenticated malicious party could potentially abuse it to manipulate VPN tunnels without having the necessary permissions to do so. Fortinet has released updates to fix the vulnerability in Fortimanager 6.4.6 & 7.0.0. For more information,...

6.3CVSS6.8AI score0.00496EPSS
Exploits0
NCSC
NCSC
added 2021/09/09 12:0 a.m.20 views

Vulnerabilities fixed in PAN-OS

Palo Alto Networks has fixed vulnerabilities in PAN-OS. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution Administrator/Root rights...

10CVSS7AI score0.74513EPSS
Exploits2
NCSC
NCSC
added 2021/02/15 12:0 a.m.20 views

Vulnerabilities fixed in Jira

Vulnerabilities have been fixed in JIRA. The vulnerabilities allow a malicious person to perform a Cross-Site Scripting attack and to obtain system data. Atlassian categorizes these vulnerabilities according to the CVSSv3 method with a highest score of 8.2. Atlassian has released updates to addre...

6.1CVSS6.2AI score0.02001EPSS
Exploits0
Total number of security vulnerabilities4190