Lucene search
+L

4209 matches found

NCSC
NCSC
•added 2023/06/20 12:0 a.m.•5 views

Vulnerabilities fixed in IBM Spectrum Protect

IBM fixed vulnerabilities in Spectrum Protect Plus Microsoft Filesystem Backup and Restore. A malicious party could exploit the vulnerabilities to cause a denial-of-service, bypass a security measure, or gain access to sensitive data. IBM has released updates to fix the vulnerabilities in Spectru...

7.5CVSS6.9AI score0.0142EPSS
Exploits1
NCSC
NCSC
•added 2023/06/17 12:0 a.m.•10 views

Vulnerabilities fixed in Mattermost

The developers of Mattermost have fixed vulnerabilities in Mattermost. A malicious party could exploit the vulnerabilities to cause a denial-of-service, bypass a security measure, bypass, manipulate the operation of the application and thus gain access gain access to channels and conversations to...

6.5CVSS7.1AI score0.00678EPSS
Exploits0
NCSC
NCSC
•added 2023/06/16 12:0 a.m.•6 views

Vulnerabilities fixed in Liferay Portal and DXP

Liferay has fixed vulnerabilities in Portal and DXP. A malicious party can exploit the vulnerabilities for various redirection attacks, such as Cross-site Scripting XSS and Cross-Source-Request-Forgery CSRF. Such attacks can lead to execution of script code in the context of the victim's browser,...

8.8CVSS6.7AI score0.00468EPSS
Exploits0
NCSC
NCSC
•added 2023/06/16 12:0 a.m.•6 views

Fixed vulnerabilities in Microsoft ODBC driver for SQL Server

Microsoft has fixed vulnerabilities in the ODBC Driver for SQL Server. A malicious party could exploit the vulnerabilities to execute arbitrary code on the vulnerable system. To exploit the vulnerabilities, the malicious party must have a rogue SQL server and trick the victim into connecting...

7.8CVSS7.8AI score0.00722EPSS
Exploits0
NCSC
NCSC
•added 2023/06/16 12:0 a.m.•4 views

Vulnerability discovered in MOVEit Transfer

Progress has indicated in a blog post that a vulnerability has been found in MOVEit Transfer. The vulnerability allows an unauthenticated remote malicious person to obtain sensitive data through of an SQL injection to obtain sensitive data. The vulnerability has not yet been assigned a CVE...

9.1CVSS7.6AI score0.12808EPSS
Exploits0
NCSC
NCSC
•added 2023/06/16 12:0 a.m.•5 views

Vulnerability fixed in ESET Security products

ESET has fixed a vulnerability in the following Security products for Linux and macOS: Server Security for Linux Endpoint Antivirus for Linux Cyber Security Endpoint Antivirus for macOS A local malicious agent can exploit the vulnerability to grant themselves elevated privileges and execute code...

7.8CVSS7.1AI score0.00148EPSS
Exploits0
NCSC
NCSC
•added 2023/06/15 12:0 a.m.•7 views

Vulnerabilities fixed in Trend Micro Apex One

Trend Micro has fixed vulnerabilities in Apex One. A local malicious party can exploit the vulnerabilities to gain elevated permissions and affect the operation of Apex One, or to execute arbitrary code with elevated privileges. Trend Micro has released updates to address the vulnerabilities fixe...

7.8CVSS8AI score0.00306EPSS
Exploits0
NCSC
NCSC
•added 2023/06/15 12:0 a.m.•15 views

Vulnerability fixed in Citrix Virtual Apps and Deckstops

Citrix has fixed a vulnerability in the Virtual Delivery Agent for Virtual Apps and Desktops. An authenticated malicious party can exploit the vulnerability to launch applications and desktops for which it is not authorized. Citrix has released updates to fix the vulnerability in Virtual Apps and...

6.3CVSS6.9AI score0.00299EPSS
Exploits0
NCSC
NCSC
•added 2023/06/15 12:0 a.m.•4 views

Vulnerability fixed in Adobe Animate

Adobe has fixed a vulnerability in Animate. A malicious party could exploit the vulnerability to execute arbitrary code with user privileges. The malicious person needs to trick the victim into opening a rogue file to do so. open. Adobe has released updates to fix the vulnerability in Animate...

7.8CVSS7.1AI score0.00418EPSS
Exploits0
NCSC
NCSC
•added 2023/06/15 12:0 a.m.•7 views

Vulnerability fixed in HP LaserJet Multifunctionals

Hewlett Packard has fixed a vulnerability in the firmware of several LaserJet and Scanjet Multifunctionals. An unauthenticated malicious party could exploit the vulnerability to cause a buffer overflow cause a buffer overflow and execute arbitrary code on the vulnerable systems when HP Workpath i...

9.8CVSS8.1AI score0.01465EPSS
Exploits0
NCSC
NCSC
•added 2023/06/15 12:0 a.m.•46 views

Vulnerabilities fixed in Adobe Commerce and Magento

Adobe has fixed vulnerabilities in Commerce and Magento. A malicious party could exploit the vulnerabilities to circumvent a security measure, gain access to arbitrary files on the vulnerable system and execute arbitrary code. Adobe has released updates to fix the vulnerabilities in Adobe Commerc...

9.1CVSS7.1AI score0.01223EPSS
Exploits0
NCSC
NCSC
•added 2023/06/15 12:0 a.m.•5 views

Vulnerabilities fixed in Microfocus ArcSight Logger

Micro Focus has fixed vulnerabilities in ArcSight Logger. A malicious party could exploit the vulnerabilities to launch a Cross-site Scripting attack, or an XML External Entity Injection. Such an attack can lead to execution of arbitrary code in the context of the victim's browser, or access data...

9.1CVSS7AI score0.00895EPSS
Exploits0
NCSC
NCSC
•added 2023/06/15 12:0 a.m.•11 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to cause a denial-of-service cause or potentially execute arbitrary code with privileges of the victim. Google has released updates to fix the vulnerabilities in Chrome 114.0.5735.133 for linux and...

8.8CVSS7.8AI score0.13813EPSS
Exploits0
NCSC
NCSC
•added 2023/06/15 12:0 a.m.•7 views

Vulnerability fixed in Citrix Sharefile and Content Collaboration

Citrix has fixed a vulnerability in the StorageZones Controller as in use with Sharefile and Content Collaboration. A malicious party could exploit the vulnerability to gain access gain access to sensitive data. Citrix has released updates to fix the vulnerability in Sharefile and Content...

9.8CVSS6.9AI score0.95076EPSS
Exploits2
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Exchange

Microsoft has fixed vulnerabilities in Exchange. A authenticated malicious person with the ability to Powershell scripts can execute the vulnerabilities exploit them to execute arbitrary code with permissions from the application. Microsoft Exchange Server:...

8.8CVSS7.3AI score0.81775EPSS
Exploits0
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•11 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in SIMATIC, SICAM, SIMOTION, WinCC, Solid Edge and Scalance products. The vulnerabilities allow a malicious party potentially capable of carrying out attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data...

10CVSS7.7AI score0.96275EPSS
Exploits92
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•17 views

Vulnerabilities fixed in Zoom

Zoom has fixed vulnerabilities in the Zoom client for Windows and macOS. A malicious party could exploit the vulnerabilities to cause a denial-of-service, to grant themselves elevated privileges granted or gain access to sensitive information. Zoom has released updates to fix the vulnerabilities ...

8.8CVSS7AI score0.00983EPSS
Exploits0
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•11 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Spoofing Increased user privileges In order to...

9.8CVSS9.1AI score0.99649EPSS
Exploits19
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•18 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in Power Apps and Dynamics. An authenticated malicious person could exploit the vulnerabilities to impersonate another user and execute arbitrary code execute arbitrary code with privileges of that user. Microsoft Power Apps:...

5.4CVSS7.2AI score0.01488EPSS
Exploits0
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•9 views

Vulnerabilities fixed in SAP

SAP has fixed vulnerabilities in several products, including NetWeaver, CRM and SAPUI5. A malicious person could exploit them to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Bypassing authentication SQL Injection SAP has...

8.2CVSS7AI score0.00596EPSS
Exploits0
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•7 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote...

9.8CVSS7.7AI score0.22133EPSS
Exploits2
NCSC
NCSC
•added 2023/06/13 12:0 a.m.•47 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Remote code execution...

7.8CVSS8.5AI score0.51883EPSS
Exploits2
NCSC
NCSC
•added 2023/06/12 12:0 a.m.•9 views

Vulnerabilities fixed in Fortinet FortiGate

Fortinet has released updates to its FortiGate software. Security researchers indicate that in these updates a serious vulnerability has been fixed in the VPN-SSL. A malicious party could exploit the vulnerability to execute arbitrary code without prior authentication to execute arbitrary code on...

9.8CVSS7.8AI score0.85689EPSS
Exploits10
NCSC
NCSC
•added 2023/06/08 12:0 a.m.•5 views

Vulnerability fixed in Cisco Anyconnect Secure Mobility Client and Secure Client

Cisco has fixed a vulnerability in Anyconnect Secure Mobility Client and Secure Client for windows. A local, authenticated malicious party could exploit the vulnerability to grant themselves elevated privileges and execute arbitrary code execute code with privileges from SYSTEM. Cisco has release...

7.8CVSS7.5AI score0.05374EPSS
Exploits1
NCSC
NCSC
•added 2023/06/08 12:0 a.m.•7 views

Vulnerabilities fixed in VMware Aria Operations Networks

VMware has fixed vulnerabilities in Aria Operations Networks aka vRealize Network Insight. A malicious party could exploit the vulnerabilities to gain access to sensitive data, or to execute arbitrary code on the underlying system. The most serious vulnerability has been labeled CVE-2023-20887 an...

9.8CVSS8.6AI score0.98281EPSS
Exploits7
NCSC
NCSC
•added 2023/06/08 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Unified Communication Manager

Cisco has fixed vulnerabilities in Unified Communication Manager. An unauthenticated malicious person with access to the web interface could exploit the vulnerabilities to cause a denial-of-service attack. Cisco has released updates to fix the vulnerabilities in Unified Communication Manager. For...

7.5CVSS7AI score0.00933EPSS
Exploits0
NCSC
NCSC
•added 2023/06/08 12:0 a.m.•5 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed vulnerabilities in Firefox and Firefox ESR. A malicious party could exploit the vulnerabilities to circumvent a security measure, cause a denial-of-service cause, or potentially execute arbitrary code in the scope of the browser. Mozilla has released updates to fix the...

9.8CVSS7.6AI score0.0093EPSS
Exploits0
NCSC
NCSC
•added 2023/06/08 12:0 a.m.•8 views

Vulnerability fixed in Cisco ASA and Firepower Threat defense

Cisco has fixed a vulnerability in ASA and FTD. A unauthenticated malicious person could exploit the vulnerability to cause cause a denial-of-service on the vulnerable system. The vulnerability is in the way ASA and FTD handle SSL/TLS traffic. Cisco has released updates to fix the vulnerability i...

8.6CVSS6.8AI score0.00919EPSS
Exploits0
NCSC
NCSC
•added 2023/06/07 12:0 a.m.•6 views

Vulnerabilities fixed in GeoServer

GeoServer has fixed vulnerabilities in the OGC filters of GeoServer and GeoTools. A malicious party can exploit exploit the vulnerabilities to improperly access publicly access publicly accessible data or execute arbitrary SQL code on the underlying database. execute arbitrary SQL code on the...

9.8CVSS8.2AI score0.85247EPSS
Exploits3
NCSC
NCSC
•added 2023/06/06 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed two vulnerabilities in Chrome. Of one vulnerability no substantive information or CVE attribute has been disclosed stated. The vulnerability with attribute CVE-2023-3079 allows a malicious person to remotely capable of executing arbitrary code in the scope of the browser,...

8.8CVSS7.3AI score0.32724EPSS
Exploits2
NCSC
NCSC
•added 2023/06/06 12:0 a.m.•79 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. Also fixed vulnerabilities in closed-source parts of Android that are developed by third parties, such as Qualcomm, Arm, Imagination Technologies, Unisoc and Widevine. The vulnerabilities potentially enable a malicious person to execute attacks that...

10CVSS7.9AI score0.01599EPSS
Exploits0
NCSC
NCSC
•added 2023/06/06 12:0 a.m.•73 views

Vulnerabilities fixed in GitLab Enterprise Edition and Community Edition

GitLab has fixed vulnerabilities in GitLab Enterprise Edition EE and Community Edition CE. A malicious party could vulnerabilities to exploit attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Manipulation of data Circumvention of...

8.7CVSS6.4AI score0.96058EPSS
Exploits0
NCSC
NCSC
•added 2023/06/05 12:0 a.m.•5 views

Vulnerability fixed in Sailpoint IdentityIQ

Sailpoint has fixed a vulnerability in IdentityIQ. A authenticated malicious person could exploit the vulnerability to execute arbitrary code in the application, potentially gain access to user credentials and authorization information. Sailpoint has released updates to fix the vulnerability in a...

9CVSS7.3AI score0.00628EPSS
Exploits0
NCSC
NCSC
•added 2023/06/05 12:0 a.m.•8 views

Vulnerabilities fixed in IBM Aspera Connect and Aspera Cargo

IBM has fixed vulnerabilities in Aspera Connect and Aspera Cargo. A malicious party could exploit the vulnerabilities to access gain access to login credentials, or to be able to execute arbitrary code execute with application privileges. IBM has released updates to fix the vulnerabilities in...

8.4CVSS7.3AI score0.00545EPSS
Exploits0
NCSC
NCSC
•added 2023/06/02 12:0 a.m.•65 views

Vulnerabilities fixed in Splunk

Splunk has fixed vulnerabilities in Splunk Enterprise, Splunk Universal Forwarders and Splunk Cloud. A malicious party could vulnerabilities to exploit attacks that can lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Data manipulation. Remote code...

9.9CVSS7.2AI score0.73537EPSS
Exploits7
NCSC
NCSC
•added 2023/06/02 12:0 a.m.•66 views

Vulnerabilities fixed in Rancher

Vulnerabilities have been fixed in Rancher. The vulnerability with reference CVE-2022-43760 allows a malicious person to perform a Cross-Site Scripting attack. Such an attack can lead to execution of arbitrary code in the context of the browser of the victim. The vulnerabilities marked...

9.9CVSS7.4AI score0.00715EPSS
Exploits0
NCSC
NCSC
•added 2023/06/01 12:0 a.m.•5 views

Vulnerability fixed in Arista series 7000 switches

Arista has fixed a vulnerability in the EOS software of several Series 7000 switches. A malicious party can exploit abuse the vulnerability to use a manipulated DHCP packet to crash and restart the DHCP relay service to crash and restart, thus creating a partial Denial-of-Service can occur. Arist...

7.5CVSS6.9AI score0.00616EPSS
Exploits0
NCSC
NCSC
•added 2023/06/01 12:0 a.m.•18 views

Vulnerabilities fixed in IBM QRadar Wincollect Agent

IBM has fixed vulnerabilities in the Wincollect Agent of QRadar. A local malicious person could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary code execute code with permissions from the underlying system. IBM has released updates to fix the...

8.2CVSS7.3AI score0.00203EPSS
Exploits0
NCSC
NCSC
•added 2023/06/01 12:0 a.m.•3 views

Actively exploited vulnerability fixed in Progress MOVEit

Progress has fixed a vulnerability in MOVEit Transfer. The vulnerability allows an unauthenticated remote malicious person able to obtain sensitive data processed through the application being processed. In addition, the vulnerability could potentially be exploited to obtain administrator...

6.8AI score
Exploits0
NCSC
NCSC
•added 2023/06/01 12:0 a.m.•8 views

Vulnerability fixed in VMWare Workspace ONE and Identity Manager

VMWare has fixed a vulnerability in Workspace ONE and Identity Manager vIDM. A malicious party could exploit it for a redirect attack, thus tricking the victim into trick the victim into contacting a server under its own control. This may allow the malicious party to obtain login credentials and...

6.1CVSS6.8AI score0.00348EPSS
Exploits0
NCSC
NCSC
•added 2023/06/01 12:0 a.m.•6 views

Vulnerabilities fixed in Joomla!

Joomla! has fixed vulnerabilities in the MultiFactor Authentication system of Joomla! CMS. An unauthenticated malicious party could exploit the vulnerabilities to launch a Cross-Site-Scripting XSS attack, or to use brute force to access the account. forcing to gain access to a user's account and...

7.5CVSS6.9AI score0.0056EPSS
Exploits0
NCSC
NCSC
•added 2023/06/01 12:0 a.m.•5 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to cause a denial-of-service cause, execute arbitrary code in the scope of the browser, or to gain access to sensitive data in the scope of the browser. This requires the malicious party to trick the...

8.8CVSS7.8AI score0.23855EPSS
Exploits2
NCSC
NCSC
•added 2023/05/30 12:0 a.m.•6 views

Vulnerabilities fixed in Dell EMC Powerpath

Dell has fixed vulnerabilities in Powerpath. A local malicious person could exploit the vulnerabilities to grant themselves elevated privileges and execute code with SYSTEM privileges, or to gain access to the license key and thereby perform unauthorized new installations. Dell has released updat...

7.8CVSS7.6AI score0.00176EPSS
Exploits0
NCSC
NCSC
•added 2023/05/30 12:0 a.m.•36 views

Vulnerabilities fixed in Zimbra Collaboration Suite

Zimbra has fixed vulnerabilities in the Zimbra Collaboration Suite ZCS. A malicious party can exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Bypassing security measure...

9.8CVSS7AI score0.8377EPSS
Exploits12
NCSC
NCSC
•added 2023/05/26 12:0 a.m.•5 views

Vulnerabilities fixed in LibreOffice

The Document Foundation has fixed two vulnerabilities in LibreOffice. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or possibly execute code with the victim's privileges. This requires the malicious party to trick the victim into opening a malicious document to...

7.8CVSS7.3AI score0.02244EPSS
Exploits2
NCSC
NCSC
•added 2023/05/26 12:0 a.m.•4 views

Vulnerability fixed in Atlassian Confluence

Atlassian has fixed a vulnerability in Confluence. A authenticated malicious person with read-only privileges can exploit the exploit the vulnerability to upload files in places where the malicious party is not authorized to do. Atlassian has released updates to fix the vulnerability in Confluenc...

6.5CVSS7AI score0.00747EPSS
Exploits0
NCSC
NCSC
•added 2023/05/25 12:0 a.m.•4 views

Vulnerability fixed in VMWare NSX-T

VMWare has fixed a vulnerability in NSX-T. A unauthenticated malicious person could exploit the vulnerability to perform perform a cross-site scripting attack on the underlying applications. Such an attack can lead to execution of arbitrary code in the context of the victim's browser, or access t...

6.1CVSS6.4AI score0.00471EPSS
Exploits0
NCSC
NCSC
•added 2023/05/25 12:0 a.m.•5 views

Vulnerabilities fixed in Zyxel firewalls

Zyxel has fixed vulnerabilities in the firmware of firewall series ATP, USG FLEX, VPN and ZyWall/USG. An unauthenticated malicious party could exploit the vulnerabilities to cause a denial-of-service, and possibly also to execute arbitrary execute arbitrary code on the vulnerable system. Zyxel ha...

9.8CVSS7.8AI score0.28813EPSS
Exploits0
NCSC
NCSC
•added 2023/05/25 12:0 a.m.•4 views

ZeroDay vulnerability fixed in Barracuda Email Security Gateway

Barracuda Networks has fixed a vulnerability in its Email Security Gateway appliance ESG. The vulnerability allows an unauthenticated malicious person to gain access gain access to the vulnerable system and execute arbitrary code. execute. Barracuda Networks indicates that this vulnerability has...

9.8CVSS7.3AI score0.86956EPSS
Exploits3
NCSC
NCSC
•added 2023/05/25 12:0 a.m.•8 views

Vulnerability fixed in BitDefender

BitDefender has fixed a vulnerability in Bitdefender Total Security, Bitdefender Internet Security and Bitdefender Antivirus Plus. A malicious person could exploit the vulnerability to grant themselves granted elevated privileges and potentially execute arbitrary code execute arbitrary code with...

7.8CVSS7.7AI score0.00188EPSS
Exploits0
Total number of security vulnerabilities4209