Lucene search
K

4199 matches found

NCSC
NCSC
•added 2023/12/13 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed vulnerabilities in Illustrator 2023 and 2024. A malicious person could exploit the vulnerabilities to execute arbitrary execute code with the victim's privileges. The malicious person does not need prior authorizations to do so. Adobe has released updates to fix the vulnerabilitie...

7.8CVSS7.5AI score0.00462EPSS
Exploits0
NCSC
NCSC
•added 2023/12/13 12:0 a.m.•7 views

Vulnerabilities fixed in Adobe After Effects

Adobe has fixed vulnerabilities in After Effects. A malicious party could exploit the vulnerabilities to gain access to system data, or to execute arbitrary code with privileges of the victim. The malicious party does not need any prior authorizations required. Adobe has released updates to fix t...

7.8CVSS8AI score0.00568EPSS
Exploits0
NCSC
NCSC
•added 2023/12/13 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe InDesign

Adobe has fixed vulnerabilities in InDesign. A malicious person could exploit the vulnerabilities to cause a denial-of-service cause or to gain access to sensitive data. The malicious party does not need prior authorizations to do so. Adobe has released updates to fix the vulnerabilities in versi...

5.5CVSS7.1AI score0.00328EPSS
Exploits0
NCSC
NCSC
•added 2023/12/13 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in several Azure components. A malicious party could exploit the vulnerabilities to grant themselves elevated privileges, gain access to sensitive data, or to impersonate another user via a cross-site scripting attack. Such an attack can lead to execution of...

9.6CVSS6.4AI score0.16221EPSS
Exploits0
NCSC
NCSC
•added 2023/12/13 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to impersonate another user or gain access to sensitive data, potentially including full access to the local file system. Successful exploitation requires the malicious party to tri...

6.5CVSS6.4AI score0.17559EPSS
Exploits1
NCSC
NCSC
•added 2023/12/13 12:0 a.m.•16 views

Vulnerabilities fixed in SAP

SAP has fixed vulnerabilities in several products, including. Business Objects, SAP GUI, Master Data Governance, Netweaver and Solution Manager. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS...

9.8CVSS8.9AI score0.03307EPSS
Exploits2
NCSC
NCSC
•added 2023/12/13 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe Dimension

Adobe has fixed vulnerabilities in Dimension. A malicious party could exploit the vulnerabilities to gain access to sensitive data. The malicious party does not need any prior authorizations required. Adobe has released updates to fix the vulnerability in Dimension 3.4.11. For more information,...

5.5CVSS7.1AI score0.00424EPSS
Exploits0
NCSC
NCSC
•added 2023/12/13 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in Dynamics. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service, or to impersonate another user through a Cross-Site-Scripting attack. Such an attack can lead to execution of arbitrary code in the browser of the victim, or access...

9.6CVSS6.9AI score0.16221EPSS
Exploits0
NCSC
NCSC
•added 2023/12/13 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Spoofing Access to system data Increased user privilege...

8.8CVSS7.2AI score0.92817EPSS
Exploits1
NCSC
NCSC
•added 2023/12/12 12:0 a.m.•5 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products including. SIMATIC, SCALANCE, SIPROTEC, TIA and RUGGEDCOM. The vulnerabilities potentially enable a malicious person to carry out attacks that could result in the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Servi...

9.8CVSS7.2AI score0.03658EPSS
Exploits1
NCSC
NCSC
•added 2023/12/12 12:0 a.m.•6 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. A malicious party could exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS Data manipulation. Remote code execution User rights Access to sensitive data Access to system data Successful...

8.8CVSS8.5AI score0.07879EPSS
Exploits16
NCSC
NCSC
•added 2023/12/12 12:0 a.m.•6 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Remote code execution User rights Access ...

8.8CVSS8.9AI score0.17823EPSS
Exploits9
NCSC
NCSC
•added 2023/12/07 12:0 a.m.•6 views

Vulnerability fixed in Atlassian Jira

Atlassian has fixed a vulnerability in Jira Assets Discovery. A malicious person with access to the connection between the Assets Discovery Agent and the Assets Discovery application, can exploit the exploit the vulnerability to execute arbitrary code on the system where the Assets Discovery Agen...

9.8CVSS7.7AI score0.11147EPSS
Exploits0
NCSC
NCSC
•added 2023/12/07 12:0 a.m.•8 views

Vulnerability fixed in Apache Struts

Apache Foundation has fixed a vulnerability in Struts. A malicious person with rights to upload files can exploit the exploit the vulnerability to upload a rogue file to potentially potentially execute or cause to be executed arbitrary code within the application using Struts. Apache Foundation h...

9.8CVSS9.5AI score0.80819EPSS
Exploits15
NCSC
NCSC
•added 2023/12/06 12:0 a.m.•3 views

Vulnerability fixed in Atlassian Confluence

Atlassian has fixed a vulnerability in Confluence Data Center and Confluence Server. The vulnerability allows an authenticated malicious person able to execute arbitrary execute code with application privileges, potentially gain access to sensitive data. If access is configured as "anonymous...

9CVSS7.2AI score0.12844EPSS
Exploits0
NCSC
NCSC
•added 2023/12/05 12:0 a.m.•12 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. A malicious person can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights Access to sensitive data...

9.8CVSS9.2AI score0.08423EPSS
Exploits8
NCSC
NCSC
•added 2023/12/04 12:0 a.m.•5 views

Vulnerabilities fixed in Squid

Vulnerabilities have been fixed in Squid. A malicious party can exploit the exploit the vulnerabilities to cause a denial-of-service. The developers of Squid have released updates to fix the vulnerabilities in Squid 6.5. For more information, see:...

8.6CVSS7AI score0.88818EPSS
Exploits0
NCSC
NCSC
•added 2023/12/04 12:0 a.m.•7 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE. A malicious party could exploit the vulnerabilities to cause a denial-of-service DoS cause, manipulate data, or launch a Cross-Site-Scripting XSS attack. Such an attack can lead to execution of arbitrary co...

8.7CVSS7.2AI score0.00579EPSS
Exploits0
NCSC
NCSC
•added 2023/12/04 12:0 a.m.•5 views

Vulnerabilities fixed in IBM DB2

IBM has fixed vulnerabilities in DB2. A malicious party could exploit the exploit the vulnerabilities to grant himself elevated privileges, or to cause a denial-of-service by executing a specially prepared query. These updates also include several updates to third-party products to include older...

7.5CVSS7.1AI score0.0109EPSS
Exploits0
NCSC
NCSC
•added 2023/12/04 12:0 a.m.•51 views

Vulnerabilities fixed in Zyxel products

Zyxel has fixed vulnerabilities in the firmware of several ATP and USG series firewalls. A malicious party could exploit them to launch attacks that can result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to system data...

7.5CVSS6.5AI score0.00881EPSS
Exploits0
NCSC
NCSC
•added 2023/12/01 12:0 a.m.•8 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to execute arbitrary code with privileges of the browser, or to access sensitive data in the context of the browser. Successful exploitation requires the malicious party to trick the victim into openi...

9.6CVSS7.4AI score0.1963EPSS
Exploits0
NCSC
NCSC
•added 2023/12/01 12:0 a.m.•5 views

Vulnerability fixed in IBM AIX

IBM has fixed a vulnerability in AIX. Through an error in the invscout command, a local malicious person can execute arbitrary execute arbitrary commands on the system. IBM has released updates to fix the vulnerability in AIX invscout. For more information, see:...

8.4CVSS7AI score0.0028EPSS
Exploits0
NCSC
NCSC
•added 2023/12/01 12:0 a.m.•6 views

Vulnerabilities fixed in Apple iOS, iPadOS, MacOS and Safari

Apple has fixed vulnerabilities in iOS, iPadOS, MacOS and Safari. A malicious party could exploit the vulnerabilities to execute arbitrary code with user privileges, or to gain access to sensitive data. Successful exploitation requires the malicious party to trick the victim into following a rogu...

8.8CVSS8.7AI score0.17823EPSS
Exploits0
NCSC
NCSC
•added 2023/11/30 12:0 a.m.•30 views

Vulnerabilities fixed in MOVEit Transfer

Progress has fixed vulnerabilities in MOVEit Transfer. A malicious party could exploit the vulnerability with attribute CVE-2023-6217 exploit for a Cross-Site Scripting ace trap. Such an attack can lead to execution of arbitrary code in the browser of the victim, or potentially access sensitive...

7.2CVSS6.7AI score0.00696EPSS
Exploits0
NCSC
NCSC
•added 2023/11/30 12:0 a.m.•3 views

Vulnerabilities fixed in MediaWiki

Vulnerabilities have been fixed in MediaWiki. A malicious party can exploit the vulnerabilities to cause a denial-of-service cause, or to launch a Cross-Site-Scripting attack XSS which may allow the malicious party to grant itself elevated privileges when the administrator of a wiki allows XML...

9CVSS7AI score0.22699EPSS
Exploits3
NCSC
NCSC
•added 2023/11/30 12:0 a.m.•3 views

Vulnerability fixed in Apache ActiveMQ

Apache Foundation has fixed a vulnerability in ActiveMQ. A authenticated malicious person could exploit the vulnerability to execute arbitrary code with application privileges. Apache Foundation has released updates to fix the vulnerability fix in ActiveMQ 5.16.6, 5.17.4, 5.18.0 & 6.0.0. For more...

8.8CVSS7.4AI score0.8581EPSS
Exploits2
NCSC
NCSC
•added 2023/11/30 12:0 a.m.•9 views

Vulnerabilities fixed in QlikTech Qlik Sense Vulnerabilities fixed in QlikTech Qlik Sense

QlikTech has fixed vulnerabilities in Qlik Sense Enterprise. An unauthenticated malicious person could exploit the vulnerabilities to execute arbitrary code on the system where Qlik Sense is installed, potentially taking over that system. take over. Qlik Sense reports having received reports that...

9.9CVSS8AI score0.84967EPSS
Exploits0
NCSC
NCSC
•added 2023/11/28 12:0 a.m.•3 views

Vulnerability fixed in Solarwinds Platform

Solarwinds has fixed a vulnerability in Solarwinds Platform. A malicious party could exploit the vulnerability to use SQL-Injection to gain access to sensitive data, or potentially execute arbitrary code with application privileges. For successful exploitation, the malicious party must be...

8.8CVSS7.5AI score0.00214EPSS
Exploits0
NCSC
NCSC
•added 2023/11/23 12:0 a.m.•3 views

Vulnerabilities fixed in Foxit PDF Reader and PDF Editor

Foxit has fixed vulnerabilities in PDF Reader and PDF Editor formerly PhantomPDF. A malicious party could exploit them to cause a denial-of-service, execute arbitrary execute arbitrary code with the victim's privileges or to access gain access to sensitive data in the victim's context. Successful...

8.8CVSS7.7AI score0.02673EPSS
Exploits4
NCSC
NCSC
•added 2023/11/23 12:0 a.m.•4 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Spoofing Access to system data Successful...

8.8CVSS9.3AI score0.01406EPSS
Exploits0
NCSC
NCSC
•added 2023/11/23 12:0 a.m.•8 views

Vulnerabilities discovered in OwnCloud

Vulnerabilities have been discovered in OwnCloud's core software and in the apps oauth2 and graphapi. An unauthenticated malicious person could exploit the vulnerabilities to arbitrarily delete files delete or gain access to sensitive data Because a configuration change is sufficient to remove...

10CVSS7.3AI score0.78428EPSS
Exploits5
NCSC
NCSC
•added 2023/11/23 12:0 a.m.•28 views

Vulnerabilities fixed in Atlassian products

Atlassian has fixed vulnerabilities in several products such as Jira, Confluence and Bitbucket. A malicious party can exploit the exploit vulnerabilities to launch attacks that can lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Data manipulation. Remot...

8.8CVSS7.7AI score0.99999EPSS
Exploits25
NCSC
NCSC
•added 2023/11/23 12:0 a.m.•7 views

Vulnerability fixed in Splunk

A vulnerability has been fixed in Splunk. A malicious person with prior authentication and rights to upload XSLT files, could exploit the vulnerability to execute arbitrary code via the upload of an XSLT file to execute arbitrary code with permissions from the application. Because it is not...

8.8CVSS8.1AI score0.89066EPSS
Exploits4
NCSC
NCSC
•added 2023/11/17 12:0 a.m.•4 views

Vulnerabilities fixed in Nagios XI

Vulnerabilities have been fixed in Nagios XI. A malicious party can exploit the vulnerabilities to launch a cross-site scripting attack. execute. Such an attack could lead to execution of arbitrary code in the victim's browser, or possibly access to sensitive data in the context of the victim's...

6.3AI score
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•20 views

Vulnerabilities fixed in Fortinet FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiOS and FortiProxy. A malicious party could exploit the vulnerability to cause a denial-of-service, or to reboot the system with a rogue image. To reboot, the malicious party needs prior administrator privileges. Fortinet has released updates to fix the...

6.7CVSS7AI score0.01269EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe Dimension

Adobe has fixed a vulnerability in Dimension. A local malicious party could exploit the vulnerability to gain access to sensitive data. The malicious party does not need any prior authorizations required. Adobe has released updates to fix the vulnerability in Dimension 3.4.10. For more informatio...

5.5CVSS6.9AI score0.00367EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe Media Encoder

Adobe has fixed vulnerabilities in Media Encoder. A malicious party could exploit the vulnerabilities to gain access to system data, or to execute arbitrary code with privileges of the victim. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. Adob...

7.8CVSS7.9AI score0.00393EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Identity Services Engine (ISE).

Cisco has fixed two vulnerabilities in Cisco Identity Services Engine ISE. A malicious party can exploit the vulnerabilities to perform attacks that can lead to the following categories of damage: Cross-Site Scripting XSS; Access to system data; To carry out the attacks, the malicious party needs...

8.8CVSS6.4AI score0.00888EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•4 views

Vulnerability fixed in Adobe InCopy

Adobe has fixed a vulnerability in InCopy. A malicious person could exploit the vulnerability to execute arbitrary code with privileges of the victim. For successful abuse, the malicious party must trick the victim into opening a rogue file. Adobe has released updates to fix the vulnerability in...

7.8CVSS7.3AI score0.00341EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•8 views

Vulnerabilities fixed in Adobe Photoshop

Adobe has fixed vulnerabilities in Photoshop. A malicious person can exploit the vulnerabilities to execute arbitrary code with privileges of the victim and to gain access to sensitive data in the victim's context. Successful exploitation requires the malicious party to trick the victim into...

7.8CVSS7.6AI score0.00328EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe Coldfusion

Adobe has fixed vulnerabilities in Coldfusion. A unauthenticated remote malicious person could exploit them to bypass a security measure and execute arbitrary execute arbitrary code with permissions from the application that uses Coldfusion uses and thus potentially gain access to sensitive data...

9.8CVSS7.9AI score0.84811EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•7 views

Vulnerabilities fixed in Adobe Premiere Pro

Adobe has fixed vulnerabilities in Premiere Pro. A malicious party could exploit the vulnerabilities to gain access to system data, or to execute arbitrary code with privileges of the victim. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. Adobe...

7.8CVSS7.9AI score0.00389EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•7 views

Vulnerability fixed in VMware Cloud Director Appliance

VMware has discovered a vulnerability in Cloud Director Appliance. A workaround for this has been published. The vulnerability occurs only when Cloud Director Appliance has received an upgrade to 10.5.0 from a lower version. Newly installed systems running on 10.5.0, or systems running on older...

9.8CVSS6.5AI score0.01345EPSS
Exploits4
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•3 views

Vulnerabilities fixed in GIMP

Vulnerabilities have been fixed in GIMP. A malicious person could vulnerabilities to execute arbitrary code with victim's privileges, potentially gaining access to sensitive data. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. The developers of...

7.8CVSS7.8AI score0.93639EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•5 views

Vulnerabilities fixed in Fortinet FortiMail

Fortinet has fixed vulnerabilities in FortiMail. A malicious party can exploit the vulnerability with reference CVE-2023-45582 exploited to gain brute-force access to the mail environment. The vulnerability with reference CVE-2023-36633 allows an authenticated malicious person to gain access to...

7.3CVSS7AI score0.00522EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•9 views

Vulnerabilities fixed in Adobe Audition

Adobe has fixed vulnerabilities in Audition. A malicious person could exploit the vulnerabilities to gain access to system data, or to execute arbitrary code with privileges of the victim. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. Adobe ha...

7.8CVSS8AI score0.0038EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•6 views

Vulnerabilities fixed in Fortinet FortiClient

Fortinet has fixed vulnerabilities in FortiClient. A local malicious party can exploit the vulnerabilities to gain elevated permissions, bypass security measures and via DDL hijacking or by deleting arbitrary files to alter the operation of the system on which FortiClient is installed. manipulate...

7.8CVSS7.4AI score0.00309EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•27 views

Vulnerabilities fixed in Elastic Kibana and Logstash

Elastic has fixed vulnerabilities in Kibana and Logstash. The vulnerability with reference CVE-2023-46671 is located in Kibana and allows an authenticated malicious party to obtain sensitive data from the log, such as api keys, user credentials and system credentials. The vulnerability with...

8.4CVSS6.8AI score0.00656EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•6 views

Vulnerabilities fixed in Citrix Hypervisor

Citrix has released an update to fix vulnerabilities in Citrix hypervisor. The vulnerability with reference CVE-2023-23583 allows a local malicious party to use a virtual guest system to compromise the host system via PCI passthrough. This vulnerability is only present when the vulnerable product...

8.8CVSS7AI score0.01728EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe Acrobat and Acrobat Reader

Adobe has fixed vulnerabilities in Acrobat and Acrobat Reader. A malicious person could exploit the vulnerabilities to execute arbitrary execute code with the victim's privileges and to access gain access to sensitive data in the victim's context. Successful exploitation requires the malicious...

7.8CVSS7.3AI score0.04907EPSS
Exploits0
Total number of security vulnerabilities4199