Lucene search
K

4199 matches found

NCSC
NCSC
•added 2023/11/16 12:0 a.m.•11 views

Vulnerabilities fixed in Adobe After Effects

Adobe has fixed vulnerabilities in After Effects. A malicious party could exploit the vulnerabilities to gain access to system data, or to execute arbitrary code with privileges of the victim. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. Adob...

7.8CVSS7.9AI score0.00401EPSS
Exploits0
NCSC
NCSC
•added 2023/11/16 12:0 a.m.•5 views

Vulnerability fixed in Adobe Animate

Adobe has fixed a vulnerability in Animate. A local malicious party could exploit the vulnerability to gain access to sensitive data. The malicious party does not need any prior authorizations required. Adobe has released updates to fix the vulnerability in Animate 24.0 and 23.0.3. For more...

5.5CVSS6.9AI score0.00337EPSS
Exploits0
NCSC
NCSC
•added 2023/11/15 12:0 a.m.•6 views

Vulnerabilities fixed in HPE Aruba Access Points

Vulnerabilities have been fixed in HPE Aruba Access Points. The vulnerabilities allow a local malicious party to manipulate data, perform a denial-of-service and execute unauthenticated arbitrary code. The vulnerability with attribute CVE-2023-45616 has received a CVSS score assigned of 9.8. HPE...

9.8CVSS6.7AI score0.02132EPSS
Exploits0
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•19 views

Vulnerabilities fixed in Microsoft System Center

Microsoft has fixed vulnerabilities in System Center. A malicious party could exploit the vulnerabilities to gain elevated permissions or gain access to sensitive data. For successful abuse, the malicious party needs local access. Open Management Infrastructure:...

7.8CVSS8.8AI score0.01399EPSS
Exploits0
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in several Dynamics products. A malicious party could exploit the vulnerabilities to impersonate another user and thus potentially gain access gain access to sensitive data. Microsoft Dynamics 365 Sales:...

7.6CVSS6.4AI score0.01277EPSS
Exploits0
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to circumvent a security measure or execute arbitrary code with application privileges. Successful exploitation requires the malicious party to trick the victim into opening a rogue...

7.8CVSS7AI score0.56727EPSS
Exploits1
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•5 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in Business One and Netweaver. A malicious party can exploit the vulnerabilities to circumvent a bypass a security measure, or gain access via brute-force gain access to sensitive data. SAP has released updates to fix the vulnerabilities in the vulnerable products. F...

9.6CVSS7AI score0.00586EPSS
Exploits0
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•9 views

Vulnerabilities fixed in TYPO3 Core

Vulnerabilities have been fixed in TYPO3 Core. A malicious person could exploit the vulnerabilities to circumvent a security measure circumvention, gain access to system data, or launch a Cross-Site Scripting attack. Such an attack can lead to execution of arbitrary code in the context of the...

6.1CVSS7.4AI score0.00661EPSS
Exploits1
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•7 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party could exploit the vulnerabilities to cause a denial-of-service, bypass a security measure, bypass, grant himself elevated privileges or impersonate impersonate another user. Successful exploitation requires the...

9.8CVSS7.6AI score0.12512EPSS
Exploits0
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights Spoofing Accessing...

9.8CVSS7.8AI score0.88196EPSS
Exploits8
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•8 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in components of Azure. A malicious party could exploit the vulnerabilities to circumvent a security measure, execute arbitrary code with the victim's privileges or gain access to sensitive data. Azure:...

8.8CVSS7AI score0.21542EPSS
Exploits0
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed vulnerabilities in Exchange server. A malicious party could exploit the vulnerabilities to execute arbitrary code execute arbitrary code as SYSTEM, or impersonate another user and thus potentially gain access to sensitive data. For successful abuse, the malicious party must ha...

8CVSS7AI score0.86588EPSS
Exploits0
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•8 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products including. SIMATIC, SINEC, SIPROTEC and RUGGEDCOM. The vulnerabilities allow a malicious party potentially able to launch attacks that could lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention o...

9.8CVSS8.3AI score0.99735EPSS
Exploits20
NCSC
NCSC
•added 2023/11/14 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Edge

Microsoft has fixed vulnerabilities in Edge. A malicious person could exploit the vulnerabilities to impersonate another user, grant himself elevated privileges or execute arbitrary code execute arbitrary code in the context of the browser. Successful exploitation requires the malicious party to...

8.8CVSS7.4AI score0.07094EPSS
Exploits0
NCSC
NCSC
•added 2023/11/13 12:0 a.m.•6 views

Vulnerability fixed in Checkpoint Endpoint Security

Checkpoint has fixed a vulnerability in Endpoint Security. A local malicious party could exploit the vulnerability to grant themselves elevated privileges and execute code with potentially privileges of SYSTEM. Checkpoint has released updates to fix the vulnerability fix in Endpoint Security...

7.8CVSS7.1AI score0.00239EPSS
Exploits0
NCSC
NCSC
•added 2023/11/13 12:0 a.m.•6 views

Vulnerabilities fixed in Ivanti Endpoint Manager Mobile

Ivanti has fixed vulnerabilities in Endpoint Manager Mobile formerly MobileIron. A malicious party could exploit the vulnerabilities to request certificates on behalf of another user request certificates, or register a mobile device in someone else's name. This allows the malicious party to gain...

9.8CVSS7.2AI score0.02278EPSS
Exploits0
NCSC
NCSC
•added 2023/11/13 12:0 a.m.•9 views

Vulnerabilities fixed in Ivanti Secure Access Client

Ivanti has fixed vulnerabilities in Secure Access Client formerly Pulse Secure Desktop Client. A local malicious person could exploit the vulnerabilities to grant himself elevated privileges granted and thus execute code with potentially system privileges and/or gain access to sensitive data...

8.8CVSS7.3AI score0.00713EPSS
Exploits1
NCSC
NCSC
•added 2023/11/10 12:0 a.m.•5 views

Vulnerabilities fixed in Foxit PDF Editor

Foxit has fixed vulnerabilities in PDF Editor for Mac formerly PhantomPDF. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or potentially execute arbitrary code execute arbitrary code within the context of the application and gain access to sensitive data within...

7.4AI score
Exploits0
NCSC
NCSC
•added 2023/11/10 12:0 a.m.•2 views

Vulnerabilities fixed in PostgreSQL

Vulnerabilities have been fixed in PostgreSQL. A malicious person could exploit the vulnerabilities to gain access to system data, cause a denial-of-service, or to execute arbitrary code with application privileges. The vulnerabilities have also been fixed in PostgreSQL 11 11.22. This are, howeve...

8.8CVSS9.6AI score0.04322EPSS
Exploits0
NCSC
NCSC
•added 2023/11/09 12:0 a.m.•5 views

Vulnerability fixed in Progress WS_FTP

Progress has fixed a vulnerability in WSFTP. A authenticated malicious party could exploit the vulnerability to upload files to any location on the file system of the system on which WSFTP is installed. This could result in data overwriting, or affect the operation of the operating system and...

9.1CVSS7AI score0.00896EPSS
Exploits0
NCSC
NCSC
•added 2023/11/09 12:0 a.m.•6 views

Vulnerabilities fixed in Trend Micro Apex One

Trend Micro has fixed vulnerabilities in Apex One. A local, authenticated malicious party could exploit the vulnerabilities to grant themselves elevated privileges and potentially access gain access to data for which the malicious party is not initially authorized. Trend Micro has released update...

7.8CVSS7AI score0.00481EPSS
Exploits0
NCSC
NCSC
•added 2023/11/07 12:0 a.m.•4 views

Vulnerabilities fixed in SolarWinds Platform and Network Configuration Manager

SolarWinds has fixed vulnerabilities in SolarWinds Platform and Network Configuration Manager. A malicious party could exploit the vulnerabilities to gain access to system data or execute arbitrary code, possibly with SYSTEM privileges. SolarWinds has released updates to fix the vulnerabilities...

8.8CVSS7.7AI score0.02729EPSS
Exploits0
NCSC
NCSC
•added 2023/11/07 12:0 a.m.•69 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges The most serious vulnerability allows a malicious part...

9.8CVSS7.1AI score0.01082EPSS
Exploits0
NCSC
NCSC
•added 2023/11/07 12:0 a.m.•6 views

Vulnerabilities fixed in Veeam ONE

Veeam has fixed vulnerabilities in Veeam ONE. A malicious person can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution Administrator/Root rights Remote code execution User rights Access to sensitive...

9.9CVSS7.9AI score0.19125EPSS
Exploits0
NCSC
NCSC
•added 2023/11/06 12:0 a.m.•3 views

Vulnerability fixed in Roundcube Webmail

Roundcube has fixed a vulnerability in Roundcube Webmail. A malicious party could exploit the vulnerability to perform of a cross-site scripting attack. Such an attack can lead to execution of arbitrary code in the context of the victim's victim's browser, or access sensitive data within the...

6.1CVSS6.7AI score0.00641EPSS
Exploits0
NCSC
NCSC
•added 2023/11/06 12:0 a.m.•7 views

Maladies fixed in Qnap QTS and QuTS Hero

QNAP has fixed vulnerabilities in QTS and QuTS Hero. A malicious party can exploit the vulnerabilities to execute arbitrary code execute arbitrary code on the system. QNAP has released updates to fix the vulnerabilities in QTS and QuTS Hero. For more information, see:...

9.8CVSS7.9AI score0.18687EPSS
Exploits0
NCSC
NCSC
•added 2023/11/03 12:0 a.m.•1 views

Vulnerabilities fixed in Nagios XI

Nagios has fixed vulnerabilities in Nagios XI. A malicious party could exploit the vulnerabilities to circumvent a circumvention of a security measure, to perform an SQL injection execute or for a cross-site scripting attack. Such attacks can lead to execution of arbitrary code and access to syst...

7AI score
Exploits0
NCSC
NCSC
•added 2023/11/02 12:0 a.m.•39 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE. A malicious party could exploit vulnerabilities to bypass command measures, gain access to system data or cause a denial-of-service cause. Also included in this update are updates to several Third-party...

8.5CVSS7.2AI score0.00643EPSS
Exploits1
NCSC
NCSC
•added 2023/11/02 12:0 a.m.•8 views

Vulnerabilities fixed in Cisco Adaptive Security Appliance (ASA)

Cisco has fixed vulnerabilities in the Adaptive Security Appliance ASA. A malicious party could exploit the vulnerabilities to cause a denial-of-service, bypass security measures to bypass security measures to route unauthorized traffic through the system, or use a rogue ASA implementation to...

8.6CVSS7AI score0.00675EPSS
Exploits0
NCSC
NCSC
•added 2023/11/02 12:0 a.m.•6 views

Vulnerability fixed in Cisco Meeting Server

Cisco has fixed a vulnerability in Meeting Server. A unauthenticated malicious person could exploit the vulnerability to cause a denial-of-service. Cisco has released updates to fix the vulnerability in Meeting Server. For more information, see:...

5.3CVSS6.8AI score0.00813EPSS
Exploits0
NCSC
NCSC
•added 2023/11/02 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Successful...

8.8CVSS7.6AI score0.07094EPSS
Exploits0
NCSC
NCSC
•added 2023/11/02 12:0 a.m.•5 views

Vulnerability fixed in Apache Zookeeper

The Apache Foundation has fixed a vulnerability in Zookeeper. A malicious party could exploit the vulnerability to gain access gain access to data within Zookeeper. The vulnerability is in the way peer authentication takes place. For successful misuse, the malicious party must be able to be able ...

9.1CVSS8.6AI score0.01713EPSS
Exploits0
NCSC
NCSC
•added 2023/10/31 12:0 a.m.•6 views

Vulnerability fixed in Atlassian Confluence

Atlassian has fixed a vulnerability in Confluence Data Center and Confluence Server. A malicious party could exploit it to cause a denial-of-service, or execute arbitrary execute arbitrary code on the system that Confluence is installed on. is installed on. Atlassian reports that no misuse has be...

10CVSS7.7AI score0.99999EPSS
Exploits14
NCSC
NCSC
•added 2023/10/30 12:0 a.m.•8 views

Vulnerability fixed in Apache ActiveMQ

The Apache Foundation has fixed a vulnerability in ActiveMQ. A malicious party could exploit the vulnerability to execute arbitrary execute arbitrary code on the system where ActiveMQ is installed. Apache Foundation has released updates to fix the vulnerability fix in ActiveMQ 5.15.16, 5.16.7,...

10CVSS9.2AI score0.99654EPSS
Exploits31
NCSC
NCSC
•added 2023/10/27 12:0 a.m.•11 views

Vulnerabilities fixed in VMware Tools

VMware has fixed vulnerabilities in VMware Tools. A malicious person with access to a guest system in which VMWare Tools are installed can exploit the vulnerabilities to give themselves elevated privileges and thus potentially execute code with elevated privileges. VMware has released updates to...

7.8CVSS7.5AI score0.01193EPSS
Exploits0
NCSC
NCSC
•added 2023/10/27 12:0 a.m.•6 views

Vulnerability fixed in F5 BIG-IP

F5 has fixed a vulnerability in BIG-IP. A malicious person could exploit the vulnerability to execute arbitrary code on the system. For successful exploitation, the malicious party must have physical or LAN access have access to the physical management port of the vulnerable device, or have acces...

9.8CVSS6.9AI score0.96515EPSS
Exploits17
NCSC
NCSC
•added 2023/10/27 12:0 a.m.•10 views

Vulnerabilities fixed in SugarCRM

Vulnerabilities have been fixed in SugarCRM. A malicious party can exploit the vulnerabilities to conduct a Cross-Site Scripting attack. Such an attack can lead to execution of arbitrary code in the context of the victim's victim's browser, or access sensitive data in the context of the victim's...

8.8CVSS6.9AI score0.00597EPSS
Exploits0
NCSC
NCSC
•added 2023/10/26 12:0 a.m.•3 views

Vulnerability fixed in Google Chrome

Google has fixed a vulnerability in Chrome. A malicious party could exploit the vulnerability to execute arbitrary code execute arbitrary code with user privileges. Google has released updates to fix the vulnerability in Chrome 118.0.5993.117 and 118.0.5993.118. For more information, see:...

8.8CVSS7.7AI score0.01234EPSS
Exploits0
NCSC
NCSC
•added 2023/10/26 12:0 a.m.•5 views

Vulnerabilities fixed in Tenable Nessus Network Monitor

Tenable has fixed vulnerabilities in Nessus Network Monitor. A local, authenticated malicious person could exploit them to grant themselves elevated privileges and execute arbitrary code with potentially SYSTEM privileges. In addition to the vulnerabilities in Nessus itself, Tenable has in this...

8.8CVSS7.5AI score0.00484EPSS
Exploits0
NCSC
NCSC
•added 2023/10/26 12:0 a.m.•3 views

Vulnerability fixed in Roundcube Webmail

Roundcube has fixed a vulnerability in Roundcube Webmail. A malicious party could exploit the vulnerability to launch a Stored Cross-Site Scripting attack. Such an attack can lead to execution of arbitrary code in the browser of the victim and access sensitive data in the context of the victim's...

6.1CVSS7AI score0.75873EPSS
Exploits2
NCSC
NCSC
•added 2023/10/26 12:0 a.m.•5 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights Remot...

8.8CVSS8.7AI score0.01736EPSS
Exploits0
NCSC
NCSC
•added 2023/10/26 12:0 a.m.•3 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure. Remote code execution User rights Spoofi...

9.8CVSS9.3AI score0.01585EPSS
Exploits0
NCSC
NCSC
•added 2023/10/26 12:0 a.m.•4 views

Vulnerabilities fixed in Aruba Networks Clearpass Policy Manager

Aruba Networks has fixed vulnerabilities in Clearpass Policy Manager. An authenticated malicious party can exploit the vulnerabilities exploit them to carry out attacks that can result in the following categories of damage: Bypassing authentication. Remote code execution Administrator/Root rights...

8.8CVSS7.9AI score0.00796EPSS
Exploits0
NCSC
NCSC
•added 2023/10/26 12:0 a.m.•6 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. A malicious party could exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution User...

8.8CVSS8.4AI score0.01736EPSS
Exploits12
NCSC
NCSC
•added 2023/10/25 12:0 a.m.•5 views

Vulnerabilities fixed in VMware vCenter Server

VMware has fixed vulnerabilities in vCenter Server. A malicious party could exploit the vulnerabilities to gain access to sensitive data, or to be able to execute arbitrary code on the underlying system. VMware has released updates to fix the vulnerabilities in vCenter Server. For more informatio...

9.8CVSS7.6AI score0.99428EPSS
Exploits1
NCSC
NCSC
•added 2023/10/20 12:0 a.m.•3 views

Vulnerabilities in Best Practical RT fixed

Vulnerabilities have been fixed in Best Practical Request Tracker RT. The vulnerabilities allow an unauthenticated malicious person able to impersonate an RT user and to download specific email attachments to download. Best Practical has released updates to fix the vulnerabilities fixes in RT. Fo...

7.5CVSS7.2AI score0.00717EPSS
Exploits0
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Liferay Portal and DXP

Liferay has fixed vulnerabilities in Portal and DXP. A malicious party could exploit the vulnerabilities to perform of cross-site scripting XSS attacks. Such attacks can lead to execution of script code in the context of the victim's browser, or access sensitive data in the context of the browser...

9.6CVSS6.3AI score0.02261EPSS
Exploits2
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Zimbra Collaboration Suite

Zimbra has fixed vulnerabilities in the Zimbra Collaboration Suite ZCS. A malicious party could exploit the vulnerabilities to execute attacks that could lead to the execution of an Cross-Site Scripting XSS Zimbra has released updates to fix the vulnerabilities in ZCS 10.0.5, 9.0.0 Patch 37 and...

9.8CVSS6.8AI score0.05556EPSS
Exploits1
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle E-Business Suite

Vulnerabilities have been fixed in Oracle E-Business Suite products. A malicious party could exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Manipulation of data Bypassing authentication Oracle has fixed the vulnerabilities in the following...

6.5CVSS7.1AI score0.0051EPSS
Exploits0
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•3 views

Vulnerabilities fixed in Oracle Virtualization

Vulnerabilities have been fixed in Oracle VM VirtualBox. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Oracle has fixed the vulnerabilities in the following...

8.2CVSS6.6AI score0.0055EPSS
Exploits1
Total number of security vulnerabilities4199