4209 matches found
Vulnerabilities fixed in Oracle Supply Chain
Vulnerabilities have been fixed in Oracle Supply Chain Products Suite, specifically in the Agile PLM. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data...
Vulnerability fixed in Schneider Electric PowerLogic
Schneider Electric has fixed a vulnerability in PowerLogic HDPM6000. A malicious party could exploit the vulnerability to cause a denial-of-service DoS, or possibly to execute arbitrary execute arbitrary code on the vulnerable system, by sending specially prepared Ethernet packets. To send the...
Vulnerabilities fixed in SolarWinds Platform
Solarwinds has fixed vulnerabilities in Solarwinds Platform and the Database Performance Analyzer DPA. A pre-authenticated malicious person can exploit the vulnerabilities exploit them for attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Remote code executi...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to cause a denial-of-service, to gain access to system data, or to execute arbitrary code in the context of the browser of the victim. To do this, the malicious party must trick the victim into openin...
Vulnerabilities fixed in Oracle JD Edwards
Vulnerabilities have been fixed in Oracle JD Edwards products. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Remote code execution User Rights Access to...
Vulnerabilities fixed in Oracle Solaris
Oracle has fixed vulnerabilities in Oracle Solaris. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Increased user privileges...
Vulnerabilities fixed in Oracle Peoplesoft
Vulnerabilities have been fixed in Oracle PeopleSoft. The vulnerabilities allow a malicious party to carry out attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data...
Vulnerabilities fixed in Oracle Construction and Engineering
Oracle has fixed vulnerabilities in Primavera P6 Enterprise Project Portfolio Management and Primavera Unifier. The vulnerability with reference CVE-2022-27404 allows an unauthenticated malicious party to execute arbitrary code under the rights of the application...
Vulnerabilities fixed in Oracle Communications Applications
Vulnerabilities have been fixed in Oracle Communications Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security measure Remote code...
Vulnerabilities fixed in Oracle Essbase
Oracle has fixed vulnerabilities in Oracle Essbase. The vulnerabilities allow a malicious party to cause a denial-of-service DoS or to gain access to sensitive data. ------------------.------.------------------------------------- | CVE ID | CVSS | Vector |...
Vulnerabilities fixed in Oracle Java SE
Vulnerabilities have been fixed in Oracle Java SE. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to system data...
Vulnerabilities fixed in Oracle MySQL
Vulnerabilities have been fixed in Oracle MySQL. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Oracle has fixed vulnerabilities in the following products: - MySQL...
Vulnerabilities fixed in Oracle Communications
Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Remote code execution User rights Access to system data...
Vulnerabilities fixed in Oracle Financial Services Applications
Vulnerabilities have been fixed in several Oracle Financial Services Applications. The vulnerabilities allow a malicious able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights Access to...
Vulnerabilities fixed in Oracle Fusion Middleware
Oracle has fixed vulnerabilities in several Oracle Fusion Middleware products. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights...
Vulnerabilities fixed in Oracle Database Server
Vulnerabilities have been fixed in Oracle Database Server. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to a denial-of-service DoS or manipulation of data. Oracle has fixed vulnerabilities in the following products: - Oracle Database Server - Oracle...
Vulnerabilities fixed in Google Chrome
Google has fixed two vulnerabilities in Chrome. No CVE ID has been disclosed of one of the vulnerabilities. The vulnerability with attribute CVE-2023-2033 allows a malicious person remotely able to cause a denial-of-service, or to execute arbitrary code in the context of the browser of the victim...
Vulnerabilities fixed in IBM AIX
IBM has fixed vulnerabilities in AIX. The vulnerabilities allow a local, authenticated user to execute arbitrary execute commands on the system. Even those for which the malicious user is not initially authorized to do. IBM has released updates to fix the vulnerabilities in AIX. For more...
Vulnerabilities fixed in Autodesk AutoCad
Autodesk has fixed vulnerabilities in AutoCad. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or possibly execute code with user privileges. This requires the malicious party to trick the victim into opening a rogue XB file to open. Autodesk has released updates...
Vulnerabilities fixed in Juniper JunOS
Juniper has fixed vulnerabilities in JunOS. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution...
Vulnerabilities fixed in Schneider Electric Modicon components
Schneider Electric has fixed vulnerabilities in several Modicon components. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to manipulate the operation of the vulnerable components. To do this, however, the malicious party must have access to the production...
Vulnerabilities fixed in Fortinet FortiSandbox
Fortinet has fixed vulnerabilities in FortiSandbox. A authenticated malicious person could exploit the vulnerabilities to execute arbitrary code, or to gain access to sensitive data from within the underlying system. Fortinet has released updates to fix the vulnerabilities in FortiSandbox. For mo...
Vulnerabilities fixed in Adobe Dimension
Adobe has fixed vulnerabilities in Dimension. A malicious person could exploit the vulnerabilities to gain access to sensitive data in the victim's context, or to execute arbitrary code execute arbitrary code with the victim's privileges. To do this, the malicious party must trick the victim into...
Vulnerability fixed in Adobe Digital Editions
Adobe has fixed a vulnerability in Digital Editions. A malicious party can exploit the vulnerability to execute arbitrary code execute arbitrary code. To do this, the malicious party must trick the victim into opening a malicious file to open. Adobe has released updates to fix the vulnerability i...
Vulnerabilities fixed in Adobe Acrobat and Acrobat Reader
Adobe has fixed vulnerabilities in Acrobat and Acrobat Reader. A malicious party can exploit the vulnerabilities for attacks that can lead to the following categories of damage: Circumvention of security measure. Remote code execution User rights Access to sensitive data Increased user privileges...
Vulnerabilities fixed in Fortinet FortiWeb and FortiADC
Fortinet has fixed vulnerabilities in FortiWeb and FortiADC. A malicious party can exploit the vulnerability with reference CVE-2022-43955 exploit to perform a cross-site scripting attack XSS on the web interface of the vulnerable systems. Such an attack can lead to execution of code within the...
Vulnerabilities fixed in Fortinet FortiClient
Fortinet has fixed vulnerabilities in the FortiClient. A local malicious person can exploit the vulnerabilities to grant themselves elevated privileges, be able to create arbitrary files be able to create arbitrary files on the underlying system and potentially execute arbitrary code execution...
Vulnerability fixed in Adobe InCopy
Adobe has fixed a vulnerability in InCopy. A malicious person could exploit the vulnerability to execute arbitrary code with the victim's privileges. To do so, the malicious party must trick the victim into opening a malicious file to open. Adobe has released updates to fix the vulnerability in...
Vulnerabilities fixed in FortiOS and FortiProxy
Fortinet has fixed vulnerabilities in FortiOS and FortiProxy. A malicious person with access to the management interface can exploit the vulnerability with attribute CVE-2022-41330 to exploit it to perform a cross-site scripting XSS attack. Such an attack can lead to execution of arbitrary code i...
Vulnerabilities fixed in Schneider Electric EcoStruxture Control Expert
Schneider Electric has fixed vulnerabilities in EcoStruxture Control Expert. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary code execute arbitrary code on the vulnerable environment. To do so, the malicious party must have access to the...
Vulnerabilities fixed in Mozilla Firefox and Thunderbird
Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure. Remote code execution User rights Spoofi...
Vulnerabilities fixed in Microsoft Azure
Microsoft has fixed vulnerabilities in the Azure components Service Connector and Machine Learning. A malicious party could exploit the vulnerabilities to bypass internal firewall rules, or to gain access to logging data. The malicious party must be authenticated with the appropriate...
Fixed vulnerabilities in HP Laserjet printers and multifunctionals
Hewlett Packard has fixed vulnerabilities in the firmware of several HP Laserjet, Color Laserjet and Laserjet Pro printers and multifunction devices. An unauthenticated malicious person with access to the local network could exploit the vulnerabilities to cause a denial-of-service cause, or to...
Vulnerabilities fixed in Microsoft SQL Server
Microsoft has fixed vulnerabilities in MS SQL Server. The vulnerabilities allow a malicious person to execute arbitrary execute arbitrary code with SYSTEM privileges. To exploit the vulnerabilities exploit, the malicious party must trick a user of SQL Server entice a rogue query to open and...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in Microsoft Developer Tools. A malicious party could exploit the vulnerabilities to gain access to sensitive data, obtain elevated privileges or execute arbitrary code. To do so the malicious party must have access to a system on which the vulnerable...
Vulnerabilities fixed in SAP products
SAP has released updates for several products, including SAP, SAP Gui, CRM, Netweaver and Business Objects. A malicious person could vulnerabilities potentially exploit and cause damage in the categories below: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Bypassing...
Vulnerability fixed in Microsoft Defender
Microsoft has fixed a vulnerability in Defender. The vulnerability allows a malicious party to cause a denial-of-service exploit. Microsoft Defender for Endpoint: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...
Vulnerabilities fixed in Microsoft Dynamics
Microsoft has fixed vulnerabilities in Dynamics 365. A remote malicious person could exploit the vulnerabilities for a cross-site scripting attack. Such an attack can result in execution of code in the context of the victim's browser and thereby potentially accessing sensitive data. Microsoft...
Vulnerabilities fixed in Microsoft Office
Microsoft has fixed vulnerabilities in several Office products. A malicious person could exploit the vulnerabilities to execute arbitrary code with the victim's privileges. The malicious party must trick the victim into opening a malicious file to open. The vulnerability in Sharepoint allows an...
Vulnerability fixed in Node.js vm2
A vulnerability has been fixed in vm2. vm2 is a package for Node.js and provides a sandbox environment for running untrusted code. The vulnerability allows a malicious party to to break out of the sandbox and thus execute code on the system on which vm2 is running. The way the vulnerability can b...
Vulnerabilities fixed in Siemens products
Siemens has fixed vulnerabilities in, among others: TIA Portal, SIPROTEC, SICAM , SCALANCE, SIMANTIC and Mendix. The vulnerabilities potentially enable a malicious party to launch attacks that could result in the following categories of damage: Denial-of-Service DoS. Remote code execution User...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote...
Vulnerabilities fixed in Apple macOS, iOS and iPadOS
Apple has fixed vulnerabilities in macOS, iOS, iPadOS and Safari. The vulnerabilities allow an unauthenticated remote malicious party to execute arbitrary code. execute. Apple says it has received signals of active misuse of the vulnerabilities. Organizations are advised to implement the made...
Vulnerabilities fixed in Cisco Prime Infrastructure and Evolved Programmable Network Manager (EPNM)
Cisco has fixed vulnerabilities in the web management interface of Prime Infrastructure and Evolved Programmable Network Manager EPNM. A malicious person with access to the management interface can exploit the exploit vulnerabilities to obtain system information, or to execute commands in the...
Vulnerabilities fixed in IBM QRadar SIEM
IBM fixed vulnerabilities in subcomponents of QRadar SIEM: Data Synchronization App, Use Case Manager app, QRadar Assistant app, Data Synchronization app and Wincollect agent. A malicious party can exploit the vulnerabilities to cause a denial-of-service, to gain access to sensitive data, or to...
Vulnerabilities fixed in Google Chrome and Chromium
Google has fixed several vulnerabilities in Chrome. A remote malicious can exploit the vulnerabilities to perform execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data...
Vulnerabilities fixed in Google Android and Samsung Mobile
Google has fixed vulnerabilities in Android. Also fixed vulnerabilities in closed-source parts of Android that are developed by third parties, such as Qualcomm, Arm, Imagination Technologies, Unisoc and Mediatek. The vulnerabilities potentially enable a malicious person to execute attacks that...
Vulnerability fixed in HP LaserJet printers
HP has fixed a vulnerability in the firmware of several LaserJet systems. An unauthenticated malicious person could exploit the exploit the vulnerability to gain access to sensitive data when IPSEC is enabled. HP has released updates to fix the vulnerability in the vulnerable LaserJet systems. Fo...
Vulnerabilities fixed in Dell EMC Networker
Dell has fixed vulnerabilities in EMC Networker. A authenticated malicious person could exploit the vulnerabilities to bypass security measures or execute arbitrary code execute application privileges on the underlying system. Under normal circumstances, the application runs with limited...
Vulnerabilities fixed in IBM Aspera Cargo and Connect
IBM has fixed vulnerabilities in Aspera Connect and Aspera Cargo. A local malicious party could exploit the vulnerabilities to cause a Buffer overflow. This usually leads to a Denial-of-Service, but can also lead to execution of arbitrary code on the system. The malicious party does not need prio...