Lucene search
K

4207 matches found

NCSC
NCSC
•added 2023/10/26 12:0 a.m.•6 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. A malicious party could exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution User...

8.8CVSS8.4AI score0.01736EPSS
Exploits12
NCSC
NCSC
•added 2023/10/26 12:0 a.m.•5 views

Vulnerabilities fixed in Aruba Networks Clearpass Policy Manager

Aruba Networks has fixed vulnerabilities in Clearpass Policy Manager. An authenticated malicious party can exploit the vulnerabilities exploit them to carry out attacks that can result in the following categories of damage: Bypassing authentication. Remote code execution Administrator/Root rights...

8.8CVSS7.9AI score0.00796EPSS
Exploits0
NCSC
NCSC
•added 2023/10/25 12:0 a.m.•5 views

Vulnerabilities fixed in VMware vCenter Server

VMware has fixed vulnerabilities in vCenter Server. A malicious party could exploit the vulnerabilities to gain access to sensitive data, or to be able to execute arbitrary code on the underlying system. VMware has released updates to fix the vulnerabilities in vCenter Server. For more informatio...

9.8CVSS7.6AI score0.99428EPSS
Exploits1
NCSC
NCSC
•added 2023/10/20 12:0 a.m.•3 views

Vulnerabilities in Best Practical RT fixed

Vulnerabilities have been fixed in Best Practical Request Tracker RT. The vulnerabilities allow an unauthenticated malicious person able to impersonate an RT user and to download specific email attachments to download. Best Practical has released updates to fix the vulnerabilities fixes in RT. Fo...

7.5CVSS7.2AI score0.00717EPSS
Exploits0
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Liferay Portal and DXP

Liferay has fixed vulnerabilities in Portal and DXP. A malicious party could exploit the vulnerabilities to perform of cross-site scripting XSS attacks. Such attacks can lead to execution of script code in the context of the victim's browser, or access sensitive data in the context of the browser...

9.6CVSS6.3AI score0.02261EPSS
Exploits2
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Zimbra Collaboration Suite

Zimbra has fixed vulnerabilities in the Zimbra Collaboration Suite ZCS. A malicious party could exploit the vulnerabilities to execute attacks that could lead to the execution of an Cross-Site Scripting XSS Zimbra has released updates to fix the vulnerabilities in ZCS 10.0.5, 9.0.0 Patch 37 and...

9.8CVSS6.8AI score0.05556EPSS
Exploits1
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle E-Business Suite

Vulnerabilities have been fixed in Oracle E-Business Suite products. A malicious party could exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Manipulation of data Bypassing authentication Oracle has fixed the vulnerabilities in the following...

6.5CVSS7.1AI score0.0051EPSS
Exploits0
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•3 views

Vulnerabilities fixed in Oracle Virtualization

Vulnerabilities have been fixed in Oracle VM VirtualBox. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Oracle has fixed the vulnerabilities in the following...

8.2CVSS6.6AI score0.0055EPSS
Exploits1
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•3 views

Vulnerability fixed in Dell Openmanage

A vulnerability has been fixed in Dell OpenManage Server Administrator, version 11.0.0.0 and earlier. A local malicious user could exploit this security vulnerability to execute arbitrary execute code and obtain elevated user privileges. Dell has released updates to fix the vulnerability in OMSA...

7.8CVSS7AI score0.00164EPSS
Exploits0
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•12 views

Vulnerabilities fixed in Oracle Fusion Middleware

Vulnerabilities have been fixed in Oracle Fusion Middleware. A malicious party can exploit the vulnerabilities exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS Remote code execution Administrator/Root privileges Access to sensitive dat...

9.8CVSS8.2AI score0.75116EPSS
Exploits14
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle MySQL

Vulnerabilities have been fixed in Oracle MySQL products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data Oracle has fixed the vulnerabilities in the followin...

9.8CVSS7.3AI score0.78483EPSS
Exploits9
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Java SE

Vulnerabilities have been fixed in Oracle Java SE products. A malicious party could exploit the vulnerabilities to gain access to sensitive data and/or perform a denial-of-service DoS. The malicious party must trick the victim into executing untrusted java code to execute. Oracle has fixed the...

7.5CVSS6.7AI score0.03906EPSS
Exploits1
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•4 views

Vulnerability fixed in Oracle Supply Chain

Oracle has fixed a vulnerability in Agile PLM. A malicious party could exploit the vulnerability to gain sensitive information or full access to all data accessible to Oracle Agile PLM accessible data. Oracle has fixed the vulnerability in the following product: - Oracle Agile PLM...

7.5CVSS7.2AI score0.01116EPSS
Exploits0
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•4 views

Vulnerability fixed in Oracle Essbase

A vulnerability has been fixed in Oracle Essbase products. A authenticated malicious party can exploit the vulnerability to cause cause a denial-of-service DoS attack. Oracle has fixed the vulnerability in the following products: - Oracle Essbase...

6.5CVSS7.1AI score0.75116EPSS
Exploits0
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Systems

Vulnerabilities have been fixed in Oracle Systems. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data Oracle has fixed vulnerabilities in the following products: Oracl...

5.9CVSS6.4AI score0.00474EPSS
Exploits0
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•2 views

Vulnerabilities fixed in Apache HTTP Server

Apache has fixed vulnerabilities in Apache HTTP Server. The vulnerabilities potentially allow a malicious party to launch an attack that could result in a denial-of-service DoS attack. Apache has released updates to fix the vulnerabilities in Apache HTTP Server 2.4.x. For more information, see:...

7.5CVSS8.6AI score0.70595EPSS
Exploits1
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•10 views

Vulnerabilities fixed in Oracle Analytics

Vulnerabilities have been fixed in Oracle Analytics products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Accessing syst...

9.9CVSS7.7AI score0.8383EPSS
Exploits16
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•10 views

Vulnerabilities fixed in Oracle Hyperion

Vulnerabilities have been fixed in Oracle Hyperion products. A malicious party can exploit the vulnerabilities to gain full control to the Oracle Hyperion infrastructure. ------------------.------.------------------------------------- | CVE-ID | CVSS | Vector |...

9.8CVSS8.5AI score0.8377EPSS
Exploits6
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security measure Oracle has...

7.5CVSS7.6AI score0.62246EPSS
Exploits7
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•8 views

Vulnerability fixed in Oracle JD Edwards

A vulnerability has been fixed in Oracle JD Edwards products. A malicious party could exploit the vulnerability to gain access gain access to sensitive data. ------------------.------.------------------------------------- | CVE ID | CVSS | Vector |...

5.3CVSS7.3AI score0.08665EPSS
Exploits1
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle Enterprise Manager

Vulnerabilities have been fixed in Oracle Enterprise Manager products. A malicious party can exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Oracle has fixed the...

9.1CVSS8.7AI score0.1158EPSS
Exploits3
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•2 views

Vulnerabilities fixed in Oracle Siebel CRM

Vulnerabilities have been fixed in Oracle Siebel CRM. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data...

7.5CVSS6.6AI score0.01858EPSS
Exploits1
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle PeopleSoft

Vulnerabilities have been fixed in Oracle PeopleSoft. The vulnerabilities allow a malicious party to carry out attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data Oracle has fixed the vulnerabilities in the following...

9.8CVSS8.2AI score0.02836EPSS
Exploits6
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•12 views

Vulnerabilities fixed in Oracle Financial Services Applications

Vulnerabilities have been fixed in Oracle Financial Services Applications products. A malicious party could exploit them to launch attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Accessing sensitive data Oracle has...

9.9CVSS7.2AI score0.99615EPSS
Exploits26
NCSC
NCSC
•added 2023/10/19 12:0 a.m.•61 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data Acce...

9.8CVSS7.7AI score0.76768EPSS
Exploits41
NCSC
NCSC
•added 2023/10/17 12:0 a.m.•5 views

Vulnerabilities fixed in Sonicwall

SonicWall has fixed vulnerabilities in SonicOS. A remote malicious party can exploit multiple vulnerabilities in SonicOS web interface and SSLVPN portal to cause a denial-of-service, gain access to sensitive data and/or obtain elevated user privileges. SonicWall has released updates to address th...

8.8CVSS7.1AI score0.00803EPSS
Exploits0
NCSC
NCSC
•added 2023/10/16 12:0 a.m.•5 views

Vulnerability fixed in Cisco IOS XE

Cisco has fixed a vulnerability in IOS XE. This vulnerability allows an unauthenticated malicious person to remotely create an account - with access level 15 - on an affected device. Through that account, full control over the affected device. As mitigating measures, Cisco makes the following...

10CVSS7AI score0.99571EPSS
Exploits27
NCSC
NCSC
•added 2023/10/16 12:0 a.m.•6 views

Vulnerability fixed in Fortinet FortiSandbox

A vulnerability has been fixed in FortiSandbox. A malicious person could exploit the vulnerability to remove arbitrary files on the http requests to delete arbitrary files on the vulnerable system. Fortinet has released updates to fix the vulnerability. fix. For more information, see:...

8.1CVSS7AI score0.00784EPSS
Exploits0
NCSC
NCSC
•added 2023/10/16 12:0 a.m.•5 views

Vulnerabilities fixed in OTRS

OTRS developers have fixed vulnerabilities in OTRS. An authenticated malicious person could exploit the vulnerabilities to launch a cross-site scripting attack. In addition, a malicious party can bypass security measures using an invalid certificate. OTRS has released updates to fix the...

9.1CVSS6.3AI score0.00374EPSS
Exploits0
NCSC
NCSC
•added 2023/10/16 12:0 a.m.•8 views

Vulnerabilities fixed Node.js

Several vulnerabilities have been fixed in Node.js. A malicious party could potentially exploit the vulnerabilities remotely to cause a denial-of-service DoS, bypass of authentication and/or gaining access to sensitive data. The vulnerability with attribute CVE-2023-44487 is a Denial-of-Service D...

9.8CVSS7.5AI score0.99999EPSS
Exploits19
NCSC
NCSC
•added 2023/10/13 12:0 a.m.•6 views

Vulnerability fixed in FortiManager and FortiAnalyzer

FortiNet has fixed a vulnerability in FortiManager and FortiAnalyzer. The vulnerability involves a "relative path traversal" vulnerability in FortiManager and FortiAnalyzer and could allow a remote malicious party to execute unauthorized code. execute. FortiNet has released updates to fix the...

8.8CVSS7AI score0.04184EPSS
Exploits1
NCSC
NCSC
•added 2023/10/12 12:0 a.m.•17 views

Vulnerabilities fixed in Adobe Bridge and Photoshop

Adobe has fixed vulnerabilities in Photoshop and Bridge. A malicious party could exploit the vulnerabilities to execute attacks that could lead to the execution of arbitrary code with the victim's privileges. In order for the code to be executed in order for the code to be executed, the malicious...

7.8CVSS7.1AI score0.00435EPSS
Exploits0
NCSC
NCSC
•added 2023/10/12 12:0 a.m.•5 views

Vulnerabilities fixed in Juniper Junos OS and Junos OS Evolved

Vulnerabilities have been fixed in Juniper Junos OS and Junos OS Evolved. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Accessing system data Junipe...

8.8CVSS7AI score0.00582EPSS
Exploits0
NCSC
NCSC
•added 2023/10/12 12:0 a.m.•42 views

Vulnerabilities fixed in FortiOS

FortiNet has fixed vulnerabilities in FortiOS. The vulnerabilities are located in the management environment and allow an unauthenticated malicious person, with access to that management interface, be able to perform a denial-of-service on the management interface, execute arbitrary code on the...

8.8CVSS7.9AI score0.0102EPSS
Exploits0
NCSC
NCSC
•added 2023/10/11 12:0 a.m.•9 views

Vulnerabilities fixed in NetScaler ADC and NetScaler Gateway

Citrix has fixed vulnerabilities in NetScaler ADC and NetScaler Gateway. A malicious party could exploit the vulnerabilities to obtain sensitive information or cause a denial-of-service attack. Citrix has released updates to fix the vulnerabilities. For more information, see:...

9.4CVSS9.1AI score0.99999EPSS
Exploits15
NCSC
NCSC
•added 2023/10/11 12:0 a.m.•4 views

Vulnerability fixed in libcurl

There is a vulnerability in the SOCKS5 proxy handshake of libcurl. A malicious party could potentially exploit the vulnerability to cause a crash in the application using libcurl. To perform this attack successfully, several conditions must be met such as using a SOCKS5 proxy, the use of a long...

9.8CVSS7.7AI score0.78483EPSS
Exploits6
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to executing arbitrary code or to obtain elevated privileges. Microsoft Office: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

8.4CVSS9.3AI score0.90353EPSS
Exploits0
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed a vulnerability in Exchange Server. A malicious party could potentially exploit the vulnerability to execute arbitrary code under SYSTEM privileges. For successful exploitation, the malicious party must be authenticated and authorized on the local network. As far as is known,...

8CVSS6.6AI score0.03709EPSS
Exploits0
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in Dynamics. A malicious party could exploit the vulnerabilities to launch a cross-site scripting attack, to gain access to sensitive data or to perform a denial-of-service. Microsoft Common Data Model SDK:...

6.5CVSS6.1AI score0.02802EPSS
Exploits0
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•6 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including SAP Business Objects, SAP HANA, SAP Netweaver and SAP PowerDesigner. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Cross-Site Request Forgery XSR...

7.5CVSS7.1AI score0.008EPSS
Exploits0
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•10 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party could exploit the vulnerabilities to cause a denial-of-service attack. Of the vulnerabilities with reference CVE-2023-44487, Microsoft has information that they are being exploited to a limited extent. HTTP/2:...

7.5CVSS6.5AI score0.99999EPSS
Exploits19
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•6 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in QMS Automotive, Parasolid, WIBU, Teamcenter, JT2Go, Spectrum Power 7, SIMATIC, SIPLUS and RUGGEDCOM products. The vulnerabilities allow a malicious potentially able to carry out attacks that could result in the following categories of damage: Denial-of-Service...

9.8CVSS7.2AI score0.74041EPSS
Exploits14
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft SQL Server

Microsoft has fixed four vulnerabilities in OLEDB and the ODBC Driver. These components are used by clients to communicate with SQL Server. A malicious party could exploit the vulnerability to execute arbitrary code on the client that using them. The malicious party must trick the victim into...

7.8CVSS7.9AI score0.01056EPSS
Exploits0
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in components of Azure. A malicious party could exploit the vulnerabilities to afford elevated privileges or to execute code with privileges of a user. Azure Real Time Operating System: |----------------|------|-------------------------------------| | CVE ID |...

9.8CVSS7AI score0.02243EPSS
Exploits0
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The most serious vulnerability with reference CVE-2023-35349 is in Microsoft Message Queueing MSQS. This vulnerability allows an unauthenticated remote malicious person to execute arbitrary execute arbitrary code with service privileges. MSMQ is...

9.8CVSS7.7AI score0.99999EPSS
Exploits20
NCSC
NCSC
•added 2023/10/10 12:0 a.m.•11 views

Vulnerabilities fixed in F5 BIG-IP

F5 has fixed vulnerabilities in BIG-IP. An authenticated malicious person with access to the management interface, or access to the shell of the system, could exploit the vulnerabilities to cause a Denial-of-Service, obtain sensitive information or, through a Cross-Site-Scripting attack, execute...

9.9CVSS7.5AI score0.99999EPSS
Exploits19
NCSC
NCSC
•added 2023/10/09 12:0 a.m.•3 views

Vulnerabilities fixed in IBM DB2

IBM has fixed vulnerabilities in DB2. A malicious party can exploit the exploit the vulnerabilities to execute arbitrary code with application privileges, perform a denial-of-service DoS or to gain access to sensitive data. IBM has released updates to fix the vulnerabilities in DB2. For more...

9.8CVSS8.1AI score0.00984EPSS
Exploits0
NCSC
NCSC
•added 2023/10/09 12:0 a.m.•6 views

Vulnerabilities fixed in Kofax Power PDF

Kofax has fixed vulnerabilities in Power PDF. A malicious person could exploit the vulnerabilities to execute arbitrary code with privileges of the victim, or to gain access to sensitive data. To do this, the malicious party must trick the victim into opening a malicious file to open, or follow a...

7.8CVSS7.4AI score0.00399EPSS
Exploits0
NCSC
NCSC
•added 2023/10/06 12:0 a.m.•6 views

Vulnerability fixed in Cisco IOS XE

Cisco has fixed a vulnerability in IOS XE. A authenticated malicious person could remotely exploit it to gain root privileges on the vulnerable system. Cisco has released updates to fix the vulnerability in IOS XE. For more information, see: https://sec.cloudapps.cisco.com/security/center/content...

8.8CVSS7AI score0.00509EPSS
Exploits0
NCSC
NCSC
•added 2023/10/05 12:0 a.m.•5 views

Vulnerability fixed in Atlassian Confluence

Atlassian has fixed a vulnerability in Confluence. A malicious party could exploit the vulnerability to break into publicly accessible Confluence Data Center and Server instances, create unauthorized Confluence administrator accounts and gain access to Confluence instances. Atlassian has released...

10CVSS6.8AI score0.99156EPSS
Exploits39
Total number of security vulnerabilities4207