Lucene search
K

4209 matches found

NCSC
NCSC
•added 2023/04/20 12:0 a.m.•3 views

Vulnerabilities fixed in Oracle Supply Chain

Vulnerabilities have been fixed in Oracle Supply Chain Products Suite, specifically in the Agile PLM. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data...

7.5CVSS6.6AI score0.02706EPSS
Exploits2
NCSC
NCSC
•added 2023/04/20 12:0 a.m.•4 views

Vulnerability fixed in Schneider Electric PowerLogic

Schneider Electric has fixed a vulnerability in PowerLogic HDPM6000. A malicious party could exploit the vulnerability to cause a denial-of-service DoS, or possibly to execute arbitrary execute arbitrary code on the vulnerable system, by sending specially prepared Ethernet packets. To send the...

9.8CVSS7.8AI score0.01118EPSS
Exploits0
NCSC
NCSC
•added 2023/04/20 12:0 a.m.•41 views

Vulnerabilities fixed in SolarWinds Platform

Solarwinds has fixed vulnerabilities in Solarwinds Platform and the Database Performance Analyzer DPA. A pre-authenticated malicious person can exploit the vulnerabilities exploit them for attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Remote code executi...

7.8CVSS7.1AI score0.0839EPSS
Exploits0
NCSC
NCSC
•added 2023/04/20 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to cause a denial-of-service, to gain access to system data, or to execute arbitrary code in the context of the browser of the victim. To do this, the malicious party must trick the victim into openin...

9.6CVSS9.4AI score0.05786EPSS
Exploits0
NCSC
NCSC
•added 2023/04/20 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle JD Edwards

Vulnerabilities have been fixed in Oracle JD Edwards products. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Remote code execution User Rights Access to...

10CVSS7AI score0.44881EPSS
Exploits8
NCSC
NCSC
•added 2023/04/20 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Solaris

Oracle has fixed vulnerabilities in Oracle Solaris. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Increased user privileges...

7.8CVSS6.5AI score0.00658EPSS
Exploits0
NCSC
NCSC
•added 2023/04/20 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Peoplesoft

Vulnerabilities have been fixed in Oracle PeopleSoft. The vulnerabilities allow a malicious party to carry out attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data...

10CVSS7.7AI score0.16151EPSS
Exploits7
NCSC
NCSC
•added 2023/04/19 12:0 a.m.•3 views

Vulnerabilities fixed in Oracle Construction and Engineering

Oracle has fixed vulnerabilities in Primavera P6 Enterprise Project Portfolio Management and Primavera Unifier. The vulnerability with reference CVE-2022-27404 allows an unauthenticated malicious party to execute arbitrary code under the rights of the application...

9.8CVSS7.7AI score0.03307EPSS
Exploits3
NCSC
NCSC
•added 2023/04/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security measure Remote code...

9.8CVSS8AI score0.99615EPSS
Exploits23
NCSC
NCSC
•added 2023/04/19 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Essbase

Oracle has fixed vulnerabilities in Oracle Essbase. The vulnerabilities allow a malicious party to cause a denial-of-service DoS or to gain access to sensitive data. ------------------.------.------------------------------------- | CVE ID | CVSS | Vector |...

9.8CVSS6.6AI score0.04494EPSS
Exploits7
NCSC
NCSC
•added 2023/04/19 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Java SE

Vulnerabilities have been fixed in Oracle Java SE. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to system data...

7.5CVSS6AI score0.02474EPSS
Exploits1
NCSC
NCSC
•added 2023/04/19 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle MySQL

Vulnerabilities have been fixed in Oracle MySQL. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Oracle has fixed vulnerabilities in the following products: - MySQL...

9.8CVSS7.1AI score0.1654EPSS
Exploits4
NCSC
NCSC
•added 2023/04/19 12:0 a.m.•17 views

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Remote code execution User rights Access to system data...

10CVSS8.1AI score0.99615EPSS
Exploits51
NCSC
NCSC
•added 2023/04/19 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Financial Services Applications

Vulnerabilities have been fixed in several Oracle Financial Services Applications. The vulnerabilities allow a malicious able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights Access to...

9.8CVSS7.9AI score0.99931EPSS
Exploits76
NCSC
NCSC
•added 2023/04/19 12:0 a.m.•18 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in several Oracle Fusion Middleware products. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights...

9.8CVSS8.2AI score0.99677EPSS
Exploits127
NCSC
NCSC
•added 2023/04/19 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to a denial-of-service DoS or manipulation of data. Oracle has fixed vulnerabilities in the following products: - Oracle Database Server - Oracle...

9.8CVSS6.3AI score0.99615EPSS
Exploits10
NCSC
NCSC
•added 2023/04/17 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Google has fixed two vulnerabilities in Chrome. No CVE ID has been disclosed of one of the vulnerabilities. The vulnerability with attribute CVE-2023-2033 allows a malicious person remotely able to cause a denial-of-service, or to execute arbitrary code in the context of the browser of the victim...

8.8CVSS7AI score0.40798EPSS
Exploits1
NCSC
NCSC
•added 2023/04/13 12:0 a.m.•6 views

Vulnerabilities fixed in IBM AIX

IBM has fixed vulnerabilities in AIX. The vulnerabilities allow a local, authenticated user to execute arbitrary execute commands on the system. Even those for which the malicious user is not initially authorized to do. IBM has released updates to fix the vulnerabilities in AIX. For more...

8.4CVSS7.1AI score0.01457EPSS
Exploits3
NCSC
NCSC
•added 2023/04/13 12:0 a.m.•6 views

Vulnerabilities fixed in Autodesk AutoCad

Autodesk has fixed vulnerabilities in AutoCad. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or possibly execute code with user privileges. This requires the malicious party to trick the victim into opening a rogue XB file to open. Autodesk has released updates...

7.8CVSS7.6AI score0.00303EPSS
Exploits0
NCSC
NCSC
•added 2023/04/13 12:0 a.m.•15 views

Vulnerabilities fixed in Juniper JunOS

Juniper has fixed vulnerabilities in JunOS. A malicious person can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution...

9.8CVSS8.2AI score0.99931EPSS
Exploits42
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•7 views

Vulnerabilities fixed in Schneider Electric Modicon components

Schneider Electric has fixed vulnerabilities in several Modicon components. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to manipulate the operation of the vulnerable components. To do this, however, the malicious party must have access to the production...

8.8CVSS7AI score0.00883EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•7 views

Vulnerabilities fixed in Fortinet FortiSandbox

Fortinet has fixed vulnerabilities in FortiSandbox. A authenticated malicious person could exploit the vulnerabilities to execute arbitrary code, or to gain access to sensitive data from within the underlying system. Fortinet has released updates to fix the vulnerabilities in FortiSandbox. For mo...

8.8CVSS7.2AI score0.00975EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•7 views

Vulnerabilities fixed in Adobe Dimension

Adobe has fixed vulnerabilities in Dimension. A malicious person could exploit the vulnerabilities to gain access to sensitive data in the victim's context, or to execute arbitrary code execute arbitrary code with the victim's privileges. To do this, the malicious party must trick the victim into...

7.8CVSS8AI score0.00334EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•9 views

Vulnerability fixed in Adobe Digital Editions

Adobe has fixed a vulnerability in Digital Editions. A malicious party can exploit the vulnerability to execute arbitrary code execute arbitrary code. To do this, the malicious party must trick the victim into opening a malicious file to open. Adobe has released updates to fix the vulnerability i...

7.8CVSS7.3AI score0.00328EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•4 views

Vulnerabilities fixed in Adobe Acrobat and Acrobat Reader

Adobe has fixed vulnerabilities in Acrobat and Acrobat Reader. A malicious party can exploit the vulnerabilities for attacks that can lead to the following categories of damage: Circumvention of security measure. Remote code execution User rights Access to sensitive data Increased user privileges...

7.8CVSS7.6AI score0.04566EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•8 views

Vulnerabilities fixed in Fortinet FortiWeb and FortiADC

Fortinet has fixed vulnerabilities in FortiWeb and FortiADC. A malicious party can exploit the vulnerability with reference CVE-2022-43955 exploit to perform a cross-site scripting attack XSS on the web interface of the vulnerable systems. Such an attack can lead to execution of code within the...

8.8CVSS6.8AI score0.00642EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•4 views

Vulnerabilities fixed in Fortinet FortiClient

Fortinet has fixed vulnerabilities in the FortiClient. A local malicious person can exploit the vulnerabilities to grant themselves elevated privileges, be able to create arbitrary files be able to create arbitrary files on the underlying system and potentially execute arbitrary code execution...

8.1CVSS7.3AI score0.00701EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•8 views

Vulnerability fixed in Adobe InCopy

Adobe has fixed a vulnerability in InCopy. A malicious person could exploit the vulnerability to execute arbitrary code with the victim's privileges. To do so, the malicious party must trick the victim into opening a malicious file to open. Adobe has released updates to fix the vulnerability in...

7.8CVSS7.3AI score0.00365EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•6 views

Vulnerabilities fixed in FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiOS and FortiProxy. A malicious person with access to the management interface can exploit the vulnerability with attribute CVE-2022-41330 to exploit it to perform a cross-site scripting XSS attack. Such an attack can lead to execution of arbitrary code i...

8.8CVSS6.5AI score0.00645EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•6 views

Vulnerabilities fixed in Schneider Electric EcoStruxture Control Expert

Schneider Electric has fixed vulnerabilities in EcoStruxture Control Expert. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary code execute arbitrary code on the vulnerable environment. To do so, the malicious party must have access to the...

8.8CVSS7.9AI score0.00845EPSS
Exploits0
NCSC
NCSC
•added 2023/04/12 12:0 a.m.•4 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure. Remote code execution User rights Spoofi...

9.8CVSS7.6AI score0.00974EPSS
Exploits0
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in the Azure components Service Connector and Machine Learning. A malicious party could exploit the vulnerabilities to bypass internal firewall rules, or to gain access to logging data. The malicious party must be authenticated with the appropriate...

7.5CVSS6.3AI score0.01752EPSS
Exploits0
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•4 views

Fixed vulnerabilities in HP Laserjet printers and multifunctionals

Hewlett Packard has fixed vulnerabilities in the firmware of several HP Laserjet, Color Laserjet and Laserjet Pro printers and multifunction devices. An unauthenticated malicious person with access to the local network could exploit the vulnerabilities to cause a denial-of-service cause, or to...

9.8CVSS7.9AI score0.01486EPSS
Exploits0
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•7 views

Vulnerabilities fixed in Microsoft SQL Server

Microsoft has fixed vulnerabilities in MS SQL Server. The vulnerabilities allow a malicious person to execute arbitrary execute arbitrary code with SYSTEM privileges. To exploit the vulnerabilities exploit, the malicious party must trick a user of SQL Server entice a rogue query to open and...

7.8CVSS7.8AI score0.00871EPSS
Exploits0
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in Microsoft Developer Tools. A malicious party could exploit the vulnerabilities to gain access to sensitive data, obtain elevated privileges or execute arbitrary code. To do so the malicious party must have access to a system on which the vulnerable...

7.8CVSS8AI score0.01531EPSS
Exploits0
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•55 views

Vulnerabilities fixed in SAP products

SAP has released updates for several products, including SAP, SAP Gui, CRM, Netweaver and Business Objects. A malicious person could vulnerabilities potentially exploit and cause damage in the categories below: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Bypassing...

10CVSS7.4AI score0.23035EPSS
Exploits0
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•5 views

Vulnerability fixed in Microsoft Defender

Microsoft has fixed a vulnerability in Defender. The vulnerability allows a malicious party to cause a denial-of-service exploit. Microsoft Defender for Endpoint: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

7.5CVSS6.2AI score0.03049EPSS
Exploits0
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•19 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in Dynamics 365. A remote malicious person could exploit the vulnerabilities for a cross-site scripting attack. Such an attack can result in execution of code in the context of the victim's browser and thereby potentially accessing sensitive data. Microsoft...

7.6CVSS6.1AI score0.00748EPSS
Exploits0
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious person could exploit the vulnerabilities to execute arbitrary code with the victim's privileges. The malicious party must trick the victim into opening a malicious file to open. The vulnerability in Sharepoint allows an...

8.1CVSS7AI score0.06233EPSS
Exploits10
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•4 views

Vulnerability fixed in Node.js vm2

A vulnerability has been fixed in vm2. vm2 is a package for Node.js and provides a sandbox environment for running untrusted code. The vulnerability allows a malicious party to to break out of the sandbox and thus execute code on the system on which vm2 is running. The way the vulnerability can b...

10CVSS7.4AI score0.63186EPSS
Exploits2
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•79 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in, among others: TIA Portal, SIPROTEC, SICAM , SCALANCE, SIMANTIC and Mendix. The vulnerabilities potentially enable a malicious party to launch attacks that could result in the following categories of damage: Denial-of-Service DoS. Remote code execution User...

9.8CVSS8AI score0.3197EPSS
Exploits7
NCSC
NCSC
•added 2023/04/11 12:0 a.m.•8 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote...

9.8CVSS7.8AI score0.95454EPSS
Exploits22
NCSC
NCSC
•added 2023/04/08 12:0 a.m.•3 views

Vulnerabilities fixed in Apple macOS, iOS and iPadOS

Apple has fixed vulnerabilities in macOS, iOS, iPadOS and Safari. The vulnerabilities allow an unauthenticated remote malicious party to execute arbitrary code. execute. Apple says it has received signals of active misuse of the vulnerabilities. Organizations are advised to implement the made...

8.8CVSS7.4AI score0.27076EPSS
Exploits0
NCSC
NCSC
•added 2023/04/06 12:0 a.m.•4 views

Vulnerabilities fixed in Cisco Prime Infrastructure and Evolved Programmable Network Manager (EPNM)

Cisco has fixed vulnerabilities in the web management interface of Prime Infrastructure and Evolved Programmable Network Manager EPNM. A malicious person with access to the management interface can exploit the exploit vulnerabilities to obtain system information, or to execute commands in the...

6.5CVSS7.4AI score0.00917EPSS
Exploits0
NCSC
NCSC
•added 2023/04/06 12:0 a.m.•4 views

Vulnerabilities fixed in IBM QRadar SIEM

IBM fixed vulnerabilities in subcomponents of QRadar SIEM: Data Synchronization App, Use Case Manager app, QRadar Assistant app, Data Synchronization app and Wincollect agent. A malicious party can exploit the vulnerabilities to cause a denial-of-service, to gain access to sensitive data, or to...

9.8CVSS9.6AI score0.05664EPSS
Exploits8
NCSC
NCSC
•added 2023/04/06 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome and Chromium

Google has fixed several vulnerabilities in Chrome. A remote malicious can exploit the vulnerabilities to perform execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data...

8.8CVSS9.7AI score0.01077EPSS
Exploits0
NCSC
NCSC
•added 2023/04/04 12:0 a.m.•10 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. Also fixed vulnerabilities in closed-source parts of Android that are developed by third parties, such as Qualcomm, Arm, Imagination Technologies, Unisoc and Mediatek. The vulnerabilities potentially enable a malicious person to execute attacks that...

9.8CVSS8.9AI score0.12588EPSS
Exploits7
NCSC
NCSC
•added 2023/04/04 12:0 a.m.•4 views

Vulnerability fixed in HP LaserJet printers

HP has fixed a vulnerability in the firmware of several LaserJet systems. An unauthenticated malicious person could exploit the exploit the vulnerability to gain access to sensitive data when IPSEC is enabled. HP has released updates to fix the vulnerability in the vulnerable LaserJet systems. Fo...

7.5CVSS7AI score0.00867EPSS
Exploits0
NCSC
NCSC
•added 2023/04/04 12:0 a.m.•7 views

Vulnerabilities fixed in Dell EMC Networker

Dell has fixed vulnerabilities in EMC Networker. A authenticated malicious person could exploit the vulnerabilities to bypass security measures or execute arbitrary code execute application privileges on the underlying system. Under normal circumstances, the application runs with limited...

9.8CVSS7.3AI score0.01478EPSS
Exploits0
NCSC
NCSC
•added 2023/04/03 12:0 a.m.•7 views

Vulnerabilities fixed in IBM Aspera Cargo and Connect

IBM has fixed vulnerabilities in Aspera Connect and Aspera Cargo. A local malicious party could exploit the vulnerabilities to cause a Buffer overflow. This usually leads to a Denial-of-Service, but can also lead to execution of arbitrary code on the system. The malicious party does not need prio...

9.8CVSS6.8AI score0.00656EPSS
Exploits0
Total number of security vulnerabilities4209