Lucene search
K

4209 matches found

NCSC
NCSC
•added 2022/11/08 12:0 a.m.•6 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that could potentially result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Increase...

9.9CVSS9.6AI score0.17981EPSS
Exploits2
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•11 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed vulnerabilities in Microsoft Exchange Server. The vulnerabilities allow an authenticated malicious person with access to the victim's network is able to impersonate impersonate another user and/or obtain elevated privileges. Very few details have been made available by Microso...

9.8CVSS6.3AI score0.9997EPSS
Exploits11
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•7 views

Vulnerabilities fixed in Citrix Gateway and Citrix ADC

Citrix has fixed vulnerabilities in Citrix Gateway and Citrix ADC. A malicious party could exploit the vulnerabilities to circumvent security measures via bypassing authentication, security measures, or through brute-force methods, gain access to user environments. The vulnerability with referenc...

9.8CVSS9.4AI score0.01231EPSS
Exploits1
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•7 views

Vulnerabilities fixed in Juniper Junos OS

Juniper has fixed several vulnerabilities in Junos OS. A unauthenticated malicious person could exploit the vulnerabilities to cause cause a denial-of-service. The vulnerabilities were discovered by Juniper itself during various investigations into disruptions to users of Juniper hardware. Junipe...

7.5CVSS7AI score0.00766EPSS
Exploits1
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•12 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in the Microsoft Office. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Bypassing authentication Bypassing security measure Remote code execution User rights Accessing sensitive data The vulnerabili...

8.8CVSS7.2AI score0.02243EPSS
Exploits0
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•52 views

Vulnerabilities fixed in Siemens products

Siemens has discovered several vulnerabilities in several products, including Ruggedcom, Simatic, Scalance and Sicam. A malicious person with access to the production network can exploit the exploit vulnerabilities to launch attacks that result in the following categories of damage: Cross-Site...

9.9CVSS8.6AI score0.23061EPSS
Exploits1
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•11 views

Vulnerabilities fixed in Juniper Junos Space

Juniper has fixed several vulnerabilities in Third-Party products fixed in Junos Space. For the vulnerabilities, previous security advisories published for the specific product. Juniper has bundled the third-party updates into the new release of Junos Space. A malicious party could exploit the...

9.8CVSS7.3AI score0.70561EPSS
Exploits24
NCSC
NCSC
•added 2022/11/08 12:0 a.m.•14 views

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in Microsoft Developer Tools. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Remote code execution User rights. Access to sensitive data Increased user privileges The table below...

7.8CVSS9.3AI score0.01336EPSS
Exploits1
NCSC
NCSC
•added 2022/11/07 12:0 a.m.•3 views

Vulnerabilities fixed in libxml2

Vulnerabilities have been fixed in libxml2. The vulnerabilities allow a remote malicious person to cause a denial-of-service cause. -= Debian =- Debian has made updates to libxml2 available for Debian 11.0 Bullseye to address the vulnerabilities. You can install the custom packages installed by...

7.8CVSS5.7AI score0.22791EPSS
Exploits2
NCSC
NCSC
•added 2022/11/04 12:0 a.m.•29 views

Vulnerabilities fixed in VMware Spring

VMware has fixed vulnerabilities in Spring Security and spring-security-oauth2-client. A malicious party could vulnerabilities potentially exploit them to obtain elevated privileges or to bypass authentication. Only Spring environments using specific configurations are vulnerable. VMware has...

9.8CVSS7AI score0.03425EPSS
Exploits3
NCSC
NCSC
•added 2022/11/03 12:0 a.m.•40 views

Vulnerabilities fixed in Splunk Enterprise

Several vulnerabilities have been fixed in Splunk Enterprise. The vulnerabilities can be exploited by a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote co...

8.8CVSS7.3AI score0.42801EPSS
Exploits10
NCSC
NCSC
•added 2022/11/03 12:0 a.m.•4 views

Vulnerabilities fixed in Cisco ESA, SWA and Secure Email and Web Manager

Cisco has fixed several vulnerabilities in Cisco Email Security Appliance ESA, Secure Web Appliance SWA, vh. Web Security Appliance and the Secure Email and Web Manager. A malicious party could exploit the vulnerabilities to cause a denial-of-service, to execute arbitrary commands execute with ro...

8.8CVSS7.6AI score0.00891EPSS
Exploits0
NCSC
NCSC
•added 2022/11/03 12:0 a.m.•9 views

Vulnerabilities fixed in GitLab enterPrise Edition and Community Edition

GitLab has fixed several vulnerabilities in GitLab Enterprise Edition and Community Edition. An authenticated malicious person can exploit the vulnerabilities for attacks that can result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Circumvention of...

9CVSS6.9AI score0.86326EPSS
Exploits2
NCSC
NCSC
•added 2022/11/03 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Identity Serrvices Engine (ISE).

Cisco has fixed several vulnerabilities in the Identity Services Engine ISE. A malicious person with access to the management interface can exploit the vulnerabilities for attacks that can lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS...

8.8CVSS7.2AI score0.01322EPSS
Exploits0
NCSC
NCSC
•added 2022/11/02 12:0 a.m.•54 views

Vulnerabilities fixed in FortiOS

FortiNet has fixed vulnerabilities in FortiOS. A malicious party could exploit the vulnerabilities to gain access to system data, potentially manipulate it, or launch a Man-in-the-Middle attack. To manipulate system data, the malicious party needs need prior authentication. For performing a...

8.1CVSS7.2AI score0.22991EPSS
Exploits0
NCSC
NCSC
•added 2022/11/02 12:0 a.m.•4 views

Vulnerabilities fixed in Xen

Xen's developers have fixed vulnerabilities in Xen. The vulnerabilities are located in the xenstored and allow a malicious with rights to deploy and configure guest images through rogue guests to cause a Denial-of-Service, or potentially gain access to memory of other guest systems and thus...

8.8CVSS7.1AI score0.00277EPSS
Exploits0
NCSC
NCSC
•added 2022/11/02 12:0 a.m.•5 views

Vulnerability fixed in FortiManager and FortiAnalyzer

FortiNet has fixed a vulnerability in FortiManager and FortiAnalyzer. A malicious person with low privileges can exploit the exploit the vulnerability to perform a cross-site scripting attack via the reporting module. Such an attack can lead to the execution of arbitrary code in the context of th...

8CVSS7.3AI score0.00684EPSS
Exploits0
NCSC
NCSC
•added 2022/11/02 12:0 a.m.•11 views

Vulnerability fixed in FortiMail

FortiNet has fixed a vulnerability in FortiMail. A malicious person with admin rights in a private, possibly self-hosted configured domain is able to read and modify system information modify for a domain for which it is not authorized. FortiNet has released updates to fix the vulnerability in...

6.5CVSS6.9AI score0.00349EPSS
Exploits0
NCSC
NCSC
•added 2022/11/01 12:0 a.m.•5 views

Vulnerabilities fixed in OpenSSL

Vulnerabilities have been fixed in OpenSSL 3. OpenSSL is widely found on web and mail servers but is also used by other types of systems. Think of network devices, embedded systems and containerized images. The vulnerabilities can be exploited by a malicious party to execute arbitrary code or cau...

7.5CVSS7.6AI score0.92488EPSS
Exploits6
NCSC
NCSC
•added 2022/10/31 12:0 a.m.•4 views

Vulnerability fixed in Expat

Expat developers have fixed a vulnerability. A malicious party could exploit the vulnerability to cause a denial-of-service, or possibly to execute arbitrary code execute arbitrary code with permissions from the application in which the libexpat library is used. The developers of expat have...

7.5CVSS9.1AI score0.0226EPSS
Exploits1
NCSC
NCSC
•added 2022/10/28 12:0 a.m.•4 views

Vulnerability fixed in Google Chrome

Google has fixed a vulnerability in Chrome. The vulnerability allows a malicious party to cause a denial-of-service cause or potentially execute arbitrary code. To do so requires the malicious party to induce the victim to open a rogue web page. Google indicates that exploit code is circulating f...

8.8CVSS7.5AI score0.0675EPSS
Exploits1
NCSC
NCSC
•added 2022/10/28 12:0 a.m.•4 views

Vulnerabilities fixed in Tenable Nessus

Vulnerabilities have been fixed in Tenable Nessus. Nessus makes uses opensource products moment.js, expat, datatables, libxml2 and zlib. Tenable chose to upgrade these components to upgrade to address the potential impact of the issues. Tenable has issued updates to address the vulnerabilities. F...

9.8CVSS7.6AI score0.16004EPSS
Exploits11
NCSC
NCSC
•added 2022/10/28 12:0 a.m.•4 views

Vulnerability fixed in Rockwell Automation FactoryTalk

A vulnerability has been fixed in Rockwell Automation FactoryTalk Services Platform. The vulnerability allows an unauthenticated remote user to remote capable of performing a denial-of-service DoS. Rockwell Automation has released updates and mitigating measures released to address the...

7.5CVSS7AI score0.01092EPSS
Exploits0
NCSC
NCSC
•added 2022/10/28 12:0 a.m.•7 views

Vulnerabilities fixed in ArubaOS and SD-WAN

Aruba Networks has fixed vulnerabilities in ArubaOS and Aruba Mobility Conductor formerly Mobility Master which are used in various Aruba Networks access points. A malicious party can exploit the vulnerabilities to execute arbitrary code on the vulnerable system. execute arbitrary code on the...

9.8CVSS7.9AI score0.01697EPSS
Exploits0
NCSC
NCSC
•added 2022/10/28 12:0 a.m.•18 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights...

9.8CVSS7AI score0.16004EPSS
Exploits2
NCSC
NCSC
•added 2022/10/28 12:0 a.m.•2 views

Vulnerabilities fixed in Microsoft Edge

Vulnerabilities have been fixed in Microsoft Edge. A remote malicious party could potentially exploit the vulnerabilities to execute arbitrary code and/or cause a denial-of-service DoS Microsoft has made updates for Edge available to address the vulnerabilities. For more information, see:...

8.8CVSS7.7AI score0.23798EPSS
Exploits2
NCSC
NCSC
•added 2022/10/27 12:0 a.m.•5 views

Vulnerabilities fixed in VMware Cloud Foundation

VMware has fixed vulnerabilities in NSX-V as used by VMware Cloud Foundation. An unauthenticated malicious person can exploit the exploit the vulnerabilities to cause a denial-of-service or execute arbitrary code with privileges of root. This requires sending malicious network traffic to a...

9.1CVSS8AI score0.98124EPSS
Exploits7
NCSC
NCSC
•added 2022/10/27 12:0 a.m.•4 views

Vulnerability fixed in Zoom

A vulnerability has been fixed in Zoom. The vulnerability allows a malicious person to bypass a security measure and gain access to sensitive data. To exploit the vulnerability, a malicious person needs to victim to open a rogue link. This enables the malicious party to perform further attacks su...

9.6CVSS6.7AI score0.01134EPSS
Exploits0
NCSC
NCSC
•added 2022/10/25 12:0 a.m.•5 views

Vulnerabilities fixed in Apple Safari

Apple has fixed vulnerabilities in Safari. A unauthenticated remote malicious person could exploit the vulnerabilities potentially exploit them to execute arbitrary code under application privileges, gain access to sensitive data or spoofing Safari's user interface. For successful abuse, the...

8.8CVSS7.7AI score0.0141EPSS
Exploits0
NCSC
NCSC
•added 2022/10/25 12:0 a.m.•12 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. The vulnerabilities potentially enable a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure. Remote code execution Administrator/Root rights Remo...

9.8CVSS8.1AI score0.3197EPSS
Exploits49
NCSC
NCSC
•added 2022/10/25 12:0 a.m.•7 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Manipulation of data Circumvention of security measure Remote code execution Administrator/Root rights...

9.8CVSS7.9AI score0.01996EPSS
Exploits0
NCSC
NCSC
•added 2022/10/24 12:0 a.m.•7 views

Vulnerability found in Cisco Identity Services Engine (ISE)

A vulnerability has been found in Cisco Identity Services Engine ISE. A malicious party could potentially exploit it to access and delete files stored on the vulnerable system. Successful exploitation requires authenticated access to the management interface required. It is good practice to make...

8.1CVSS6.9AI score0.0124EPSS
Exploits0
NCSC
NCSC
•added 2022/10/24 12:0 a.m.•3 views

Vulnerability found in Microsoft Windows

A vulnerability has been found in Microsoft Windows. A malicious party can exploit the vulnerability to execute arbitrary code under privileges of the logged-in user. To do this the malicious party must induce the victim to open a rogue file. The vulnerability is located in Mark-of-the-Web...

6.7AI score
Exploits0
NCSC
NCSC
•added 2022/10/21 12:0 a.m.•4 views

Vulnerability fixed in Bentley Systems MicroStation Connect

Two vulnerabilities have been fixed in Bentley Systems MicroStation Connect. A malicious party could potentially exploit the vulnerability to cause a denial-of-service or execute arbitrary code with the privileges of the logged in user. To do this, the malicious party needs to trick the victim in...

7.8CVSS7.6AI score0.00332EPSS
Exploits0
NCSC
NCSC
•added 2022/10/20 12:0 a.m.•52 views

Vulnerabilities fixed in several F5 products

F5 has fixed several vulnerabilities in BIG-IP and NGINX. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution...

8.8CVSS7.7AI score0.011EPSS
Exploits2
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•10 views

Vulnerabilities fixed in Oracle E-Business Suite

Vulnerabilities have been fixed in Oracle E-Business Suite. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root privileges Access to...

9.8CVSS9.2AI score0.98342EPSS
Exploits9
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Enterprise Manager

Vulnerabilities have been fixed in Oracle Enterprise Manager. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...

9.8CVSS9.6AI score0.81147EPSS
Exploits11
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Systems

Vulnerabilities have been fixed in Oracle Systems. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root privileges Access to sensitive...

8.5CVSS9.1AI score0.97906EPSS
Exploits10
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•6 views

Vulnerability fixed in Oracle Hyperion

Oracle has fixed a vulnerability in Oracle Hyperion Infrastructure Technology. The vulnerability allows an unauthenticated remote malicious person able to execute arbitrary code to execute under the application's permissions. Oracle has fixed vulnerabilities in the following products: - Oracle...

9.8CVSS7.2AI score0.42646EPSS
Exploits3
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Java SE

Vulnerabilities have been fixed in Oracle Java SE. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Oracle has fix...

7.5CVSS7.6AI score0.68796EPSS
Exploits1
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Virtualization

Vulnerabilities have been fixed in Oracle Virtualization. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights Remote code...

8.8CVSS7.3AI score0.01635EPSS
Exploits0
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•10 views

Vulnerabilities fixed in Oracle Financial Services Applications

Vulnerabilities have been fixed in Oracle Financial Services Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User righ...

9.8CVSS9.6AI score0.97906EPSS
Exploits30
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•15 views

Vulnerabilities fixed in Oracle JD Edwards

Vulnerabilities have been fixed in Oracle JD Edwards. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Oracle ha...

10CVSS7.7AI score0.83223EPSS
Exploits6
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•46 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Access to...

10CVSS7.8AI score0.97906EPSS
Exploits36
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Orac...

9.1CVSS8.9AI score0.0486EPSS
Exploits2
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•2 views

Vulnerabilities fixed in Wordpress

Several vulnerabilities have been fixed in Wordpress. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF Cross-Site Scripting XSS SQL Injection Accessing sensitive data Wordpress...

7AI score
Exploits0
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle PeopleSoft

Vulnerabilities have been fixed in Oracle PeopleSoft. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Oracle has fixed vulnerabilities in the following products:...

8.1CVSS6.5AI score0.1158EPSS
Exploits1
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Fusion Middleware

Vulnerabilities have been fixed in Oracle Fusion Middleware. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...

9.8CVSS8.2AI score0.99298EPSS
Exploits23
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•40 views

Vulnerabilities fixed in Oracle Supply Chain Products Suite

Vulnerabilities have been fixed in Oracle Supply Chain Products Suite. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Access to...

9.8CVSS7.5AI score0.73139EPSS
Exploits7
NCSC
NCSC
•added 2022/10/19 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Siebel CRM

Vulnerabilities have been fixed in Oracle Siebel CRM. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Oracle has fixed vulnerabilities in the...

9.3CVSS7AI score0.42229EPSS
Exploits3
Total number of security vulnerabilities4209