Lucene search
K

4199 matches found

NCSC
NCSC
•added 2024/01/18 12:0 a.m.•56 views

Vulnerabilities fixed in Oracle Financial Services Applications

Oracle has fixed vulnerabilities in several Financial Services applications. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Accessing...

10CVSS6.5AI score0.99654EPSS
Exploits50
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in E-Business suite and components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle...

6.5CVSS6.3AI score0.00493EPSS
Exploits0
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Systems

Oracle has fixed vulnerabilities in components of System Software. A malicious person with physical access to the hardware, or local access to the infrastructure, can exploit the vulnerabilities to exploit attacks that could result in the following categories of damage: Denial-of-Service DoS...

9.8CVSS7.4AI score0.69899EPSS
Exploits1
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•35 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in Enterprise Manager components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Access to sensitive data Access to system data Oracle...

8.3CVSS7.2AI score0.02706EPSS
Exploits3
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•10 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in PeopleSoft Enterprise PeopleTools. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to gain access to sensitive data. Causing a Denial-of-Service does not require prior authentication is required. Successful access to sensiti...

7.5CVSS7.2AI score0.99999EPSS
Exploits20
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•39 views

Vulnerabilities fixed in Oracle Supply Chain products

Oracle has fixed vulnerabilities in several Supply Chain products. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Access to sensitive data The vulnerabilities have been...

8.8CVSS6.7AI score0.99999EPSS
Exploits20
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•10 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in several MySQL products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data Remote code execution User rights Access to sensitive da...

9.8CVSS7.4AI score0.80819EPSS
Exploits25
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Database products

Oracle has fixed vulnerabilities in several Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Denial-of-Service DoS. Remote code execution User rights Access to sensitive data Access to system da...

9.8CVSS8.2AI score0.9077EPSS
Exploits14
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Analytics

Oracle has fixed vulnerabilities in several Analytics products. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle has...

8.2CVSS6.8AI score0.19442EPSS
Exploits5
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•8 views

Vulnerabilities fixed iin Oracle JD Edwards

Oracle has fixed vulnerabilities in JD Edwards. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution User rights Access to sensitive data Oracle has fixed the...

9.8CVSS7.6AI score0.75116EPSS
Exploits2
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•17 views

Vulnerabilities fixed in Oracle Communications products

Oracle has fixed vulnerabilities in Communications products and applications. A malicious party can exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code...

10CVSS7.3AI score0.99999EPSS
Exploits131
NCSC
NCSC
•added 2024/01/18 12:0 a.m.•19 views

Vulnerabilities fixed in Oracle Hyperion

Oracle has fixed vulnerabilities in several Hyperion products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Data manipulation. Remote code execution User rights Access to sensitive...

9.8CVSS8.2AI score0.80819EPSS
Exploits20
NCSC
NCSC
•added 2024/01/17 12:0 a.m.•29 views

Vulnerability fixed in VMware Aria Automation

VMWare has fixed a vulnerability in Aria Automation, formerly known as vRealize Automation. An authenticated malicious party could exploit the vulnerability to gain access gain access to the Aria Automation instance, and possibly to systems of third parties. The malicious party can thus perform...

9.9CVSS6.9AI score0.00949EPSS
Exploits0
NCSC
NCSC
•added 2024/01/17 12:0 a.m.•6 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to execute arbitrary code with privileges of the browser, or to gain access to sensitive data in the context of the browser. Successful exploitation requires the malicious party to trick the victim in...

8.8CVSS9.7AI score0.21697EPSS
Exploits1
NCSC
NCSC
•added 2024/01/16 12:0 a.m.•2 views

Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway

Citrix has fixed vulnerabilities in Netscaler ADC and Netscaler Gateway. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary code execute arbitrary code on the vulnerable system. The vulnerability with attribute CVE-2023-6548 is located in the...

8.8CVSS7.9AI score0.57633EPSS
Exploits0
NCSC
NCSC
•added 2024/01/16 12:0 a.m.•11 views

Vulnerabilities fixed in Atlassian products

Atlassian has fixed vulnerabilities in several products, including Confluence and Jira. A malicious party could exploit vulnerabilities to launch attacks that can lead to the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Circumvention of security measure...

9.3CVSS8.4AI score0.85001EPSS
Exploits16
NCSC
NCSC
•added 2024/01/12 12:0 a.m.•14 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Community Edition CE and Enterprise Edition EE. A malicious party could vulnerabilities to exploit attacks that can result in the following categories of damage: Manipulation of data. Circumvention of security measure Remote code execution User rights...

10CVSS7.6AI score0.94955EPSS
Exploits16
NCSC
NCSC
•added 2024/01/12 12:0 a.m.•6 views

Vulnerabilities fixed in Juniper Junos OS and Junos OS Evolved

Vulnerabilities have been fixed in Juniper Junos OS and Junos OS Evolved. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights...

9.8CVSS7.8AI score0.17668EPSS
Exploits1
NCSC
NCSC
•added 2024/01/11 12:0 a.m.•4 views

Vulnerability fixed in Fortinet FortiOS and FortiProxy

Fortinet has fixed a vulnerability in FortiOS and FortiProxy. An authenticated malicious party can exploit the vulnerability to execute commands on the system that it is initially is not authorized to do. Fortinet has released an update to fix the vulnerability fix in FortiOS and FortiProxy. For...

8.8CVSS7.1AI score0.00899EPSS
Exploits0
NCSC
NCSC
•added 2024/01/11 12:0 a.m.•51 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that potentially result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution Administrator/Root rights SQL Injection Access...

9.8CVSS7.3AI score0.01604EPSS
Exploits0
NCSC
NCSC
•added 2024/01/11 12:0 a.m.•3 views

Vulnerabilities fixed in Cacti

The developers of Cacti have fixed several vulnerabilities in Cacti. A malicious party can exploit the vulnerabilities to execute attacks that can result in the following categories of damage: SQL Injection Cross-Site Scripting XSS Remote code execution User rights Remote code execution...

8.8CVSS7.7AI score0.84628EPSS
Exploits10
NCSC
NCSC
•added 2024/01/11 12:0 a.m.•9 views

Vulnerabilities fixed in Trend Micro Apex One

Trend Micro has fixed vulnerabilities in Apex One. A local, authenticated malicious person could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary code execute arbitrary code, possibly as SYSTEM. Trend Micro has released updates to fix the vulnerabilities...

7.8CVSS7.5AI score0.00311EPSS
Exploits0
NCSC
NCSC
•added 2024/01/10 12:0 a.m.•3 views

Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

Mitigation measures are available for two vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Gateways that are being are being actively exploited. The vulnerability with attribute CVE-2023-46805 enables an unauthenticated remote malicious person to bypass authentication. The...

9.1CVSS9.5AI score0.99999EPSS
Exploits23
NCSC
NCSC
•added 2024/01/09 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure Products. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary code execute arbitrary code on the vulnerable system, with permissions from the process. Due to the nature of the process, the...

8CVSS8.5AI score0.02868EPSS
Exploits0
NCSC
NCSC
•added 2024/01/09 12:0 a.m.•3 views

Vulnerability fixed in Microsoft SQL Server

Microsoft has fixed a vulnerability in SQL Server. A malicious party can exploit the vulnerability to use a Man-in-the-Middle attack to intercept and decrypt, potentially gaining access to the sensitive data in that traffic. Abuse is not easily accomplished and requires the malicious party is in...

8.7CVSS8.2AI score0.0118EPSS
Exploits0
NCSC
NCSC
•added 2024/01/09 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Office and Sharepoint

Microsoft has fixed vulnerabilities in Office and Sharepoint. A malicious party could exploit the vulnerabilities to execute arbitrary execute arbitrary code. Successful exploitation of the vulnerability with reference CVE-2024-20677 requires the malicious party to trick the victim into opening a...

8.8CVSS9AI score0.30801EPSS
Exploits0
NCSC
NCSC
•added 2024/01/09 12:0 a.m.•95 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products including. SIMATIC, SICAM, Solid Edge, Spectrum Power and Teamcenter. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that could result in the following categories of damage: Denial-of-Service DoS...

10CVSS7.6AI score0.00646EPSS
Exploits0
NCSC
NCSC
•added 2024/01/09 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote...

8.8CVSS9.5AI score0.72163EPSS
Exploits9
NCSC
NCSC
•added 2024/01/09 12:0 a.m.•17 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including SAP, Netweaver, SAP GUI and HANA. A malicious person could exploit them to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Circumvention of security measure. Remote...

9.1CVSS7.3AI score0.99999EPSS
Exploits19
NCSC
NCSC
•added 2024/01/09 12:0 a.m.•7 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to bypass a security measure, gain bypass, gain elevated privileges and thus potentially execute arbitrary code with SYSTEM privileges. Obtaining...

9.8CVSS7.8AI score0.03913EPSS
Exploits1
NCSC
NCSC
•added 2024/01/08 12:0 a.m.•13 views

Vulnerabilities fixed in IBM DB2

IBM has fixed vulnerabilities in several DB2 products such as DB2, DB2 for Cloud Pak and Web Query for i. A malicious party could exploit the exploit the vulnerabilities to grant himself locally elevated privileges assigned arbitrary code and thus execute arbitrary code with potentially privilege...

9.8CVSS7.8AI score0.52063EPSS
Exploits9
NCSC
NCSC
•added 2024/01/05 12:0 a.m.•5 views

Vulnerabilities fixed in Rockwell Automation FactoryTalk Activation Manager

Rockwell Automation has fixed vulnerabilities in the FactoryTalk Activation Manager. A malicious party could exploit them to cause a denial-of-service, or potentially execute arbitrary code on the vulnerable system and thereby take over the system and thus access and manipulate the system data an...

9.8CVSS7.8AI score0.78483EPSS
Exploits6
NCSC
NCSC
•added 2024/01/04 12:0 a.m.•84 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. A malicious person can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Remote code execution Administrator/Root rights Remote code execution User rights Access to sensitive data Increased user rights...

9.8CVSS7.5AI score0.01026EPSS
Exploits3
NCSC
NCSC
•added 2023/12/29 12:0 a.m.•10 views

Vulnerability fixed in NetApp Active IQ Unified Manager

NetApp has fixed a vulnerability in the Spring Web Services component of Active IQ Unified Manager for Windows, Linux, and VMware vSphere. The vulnerability allows a malicious party to gain access to sensitive data, potentially to manipulate it, or to cause a denial-of-service. NetApp has release...

9.8CVSS6.6AI score0.0411EPSS
Exploits0
NCSC
NCSC
•added 2023/12/29 12:0 a.m.•3 views

Vulnerability fixed in ProFTPd

A vulnerability has been fixed in ProFTPd. The vulnerability allows an authenticated remote malicious person to perform a denial-of-service DoS via a specially prepared command to cause a denial-of-service DoS cause. The developers of ProFTP have released updates to fix the vulnerability. For mor...

7.5CVSS8.9AI score0.04249EPSS
Exploits1
NCSC
NCSC
•added 2023/12/29 12:0 a.m.•8 views

Vulnerabilities fixed in Apache OpenOffice

Apache has fixed vulnerabilities in OpenOffice. A malicious party can exploit the vulnerabilities to execute arbitrary code execute arbitrary code in the context of the application, with permissions from the victim, or to bypass a security measure. Apache has released updates to fix the...

8.8CVSS8.3AI score0.64635EPSS
Exploits1
NCSC
NCSC
•added 2023/12/22 12:0 a.m.•7 views

Vulnerability fixed in IBM Informix

IBM has fixed a vulnerability in the JDBC driver of Informix. A malicious person with rights to use the API could can exploit the vulnerability to execute arbitrary code execute code with permissions from the application using the JDBC driver. Because it cannot be estimated with what permissions...

9.8CVSS7.8AI score0.00863EPSS
Exploits0
NCSC
NCSC
•added 2023/12/21 12:0 a.m.•3 views

Vulnerability fixed in Google Chrome

Google has fixed a vulnerability in Chrome. The vulnerability is located in WebRTC, and a malicious person could exploit it to execute arbitrary code in the context of the browser. Google reports being aware that exploit code is being shared in limited shared. This exploit code is not yet publicl...

8.8CVSS7.7AI score0.07356EPSS
Exploits2
NCSC
NCSC
•added 2023/12/21 12:0 a.m.•10 views

Vulnerabilities fixed in Tenable Nessus Network Monitor

Tenable has fixed vulnerabilities in Nessus Network Monitor and underlying software. An unauthenticated malicious person could potentially exploit the vulnerability with reference CVE-2023-5363 potentially exploit it to cause a denial-of-service DoS or to gain access to sensitive system data. In...

9.8CVSS7.3AI score0.97107EPSS
Exploits18
NCSC
NCSC
•added 2023/12/21 12:0 a.m.•5 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS; Circumvention of security measure; Remote code execution User Rights;...

8.8CVSS8.2AI score0.20472EPSS
Exploits1
NCSC
NCSC
•added 2023/12/19 12:0 a.m.•3 views

Vulnerability fixed in OpenSSH

A vulnerability has been fixed in OpenSSH. A malicious party could potentially use a Man-in-the-Middle attack to weaken the connection between a client and server and thus gain access to the data transmitted over this connection. This Man-in-the-Middle attack has been given the name "Terrapin...

6.8CVSS6.6AI score0.93305EPSS
Exploits4
NCSC
NCSC
•added 2023/12/19 12:0 a.m.•14 views

Vulnerabilities fixed in Zabbix

Vulnerabilities have been fixed in Zabbix. A malicious party can exploit the exploit the vulnerabilities to cause a Denial-of-Service, potentially execute arbitrary code with the privileges of the application, or use session hijacking to gain access to the data of a logged-in user. The developers...

9.8CVSS8AI score0.00873EPSS
Exploits0
NCSC
NCSC
•added 2023/12/15 12:0 a.m.•4 views

Vulnerability fixed in IBM MQ

IBM has fixed a vulnerability in MQ. An unauthenticated malicious party could exploit the vulnerability to cause a denial-of-service attack. IBM has released updates to fix the vulnerability in the supported versions of MQ. For more information, see: https://www.ibm.com/support/pages/node/7096710...

7.5CVSS8.4AI score0.01449EPSS
Exploits1
NCSC
NCSC
•added 2023/12/15 12:0 a.m.•48 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Community Edition CE and Enterprise Edition EE. A malicious party could vulnerabilities to exploit attacks that can result in the following categories of damage: Manipulation of data. Circumvention of security measure Spoofing Access to sensitive data...

8.8CVSS6.9AI score0.00733EPSS
Exploits0
NCSC
NCSC
•added 2023/12/14 12:0 a.m.•4 views

Vulnerabilities fixed in Nagios XI

Nagios has fixed vulnerabilities in Nagios XI. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure Remote code execution...

6.7AI score
Exploits0
NCSC
NCSC
•added 2023/12/14 12:0 a.m.•7 views

Vulnerabilities fixed in Fortinet FortiSandbox

Fortinet has fixed vulnerabilities in FortiSandbox. A malicious party could exploit the vulnerabilities to launch a Cross-Site-Scripting XSS attack. Such an attack can lead to execution of arbitrary code in the browser of the victim, or access sensitive data in the context of the victim's browser...

5.4CVSS7.2AI score0.00434EPSS
Exploits0
NCSC
NCSC
•added 2023/12/14 12:0 a.m.•8 views

Vulnerabilities fixed in Fortinet FortiOS

Fortinet has fixed vulnerabilities in FortiOS, as used in FortiProxy and FortiPAM. An unauthenticated malicious person could exploit the vulnerability with reference CVE-2023-47536 to exploit a security measure to bypass and route traffic through the system that should not be allowed should be...

8.8CVSS7.2AI score0.01068EPSS
Exploits0
NCSC
NCSC
•added 2023/12/14 12:0 a.m.•4 views

Vulnerabilities fixed in Fortinet FortiMail

Fortinet has fixed vulnerabilities in FortiMail. The vulnerability with reference CVE-2022-47538 allows an unauthenticated malicious party to use a specially prepared request, authentication on the management interface to bypassing authentication on the management interface. The malicious party c...

8.8CVSS7.5AI score0.00491EPSS
Exploits0
NCSC
NCSC
•added 2023/12/14 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed vulnerabilities in Illustrator. A malicious party could exploit the vulnerabilities to execute arbitrary code execute arbitrary code. It is possible that code execution could occur with privileges higher than user level. For successful exploitation, the malicious party must trick...

7.8CVSS8.1AI score0.00462EPSS
Exploits0
NCSC
NCSC
•added 2023/12/14 12:0 a.m.•26 views

Vulnerabilities fixed in Zoom

Zoom has fixed vulnerabilities in Zoom clients for Android, iOS, macOS, Linux and Windows. An authenticated malicious party can exploit the vulnerabilities to gain access to sensitive data, grant themselves elevated privileges or cause a denial-of-service attack. Zoom has released updates to fix...

8.8CVSS7.2AI score0.00991EPSS
Exploits0
Total number of security vulnerabilities4199