Lucene search
K

4209 matches found

NCSC
NCSC
•added 2022/08/25 12:0 a.m.•5 views

Vulnerability fixed in Cisco ACI Multi-Site Orchestrator

Cisco has fixed a vulnerability in ACI Multi-Site Orchestrator. An authenticated malicious party can exploit the exploit the vulnerability to grant itself elevated privileges and execute commands under Administrator privileges. Cisco has released updates to fix the vulnerability in ACI Multi-Site...

8.8CVSS7.1AI score0.01018EPSS
Exploits0
NCSC
NCSC
•added 2022/08/25 12:0 a.m.•6 views

Vulnerabilities fixed in SonicWall SMA100

Sonicwall has fixed two vulnerabilities in the firmware of SMA100 systems. An authenticated malicious person can exploit the exploit the vulnerabilities to cause a denial-of-service, or to gain access to system data. The vulnerability that could lead to access to system data has not been assigned...

8.8CVSS7AI score0.01357EPSS
Exploits0
NCSC
NCSC
•added 2022/08/25 12:0 a.m.•9 views

Vulnerability fixed in Atlassian Bitbucket

Atlassian has fixed a vulnerability in Bitbucket Server and Data Center. A malicious party could exploit the vulnerability to execute arbitrary code via API calls with permissions from the application. To exploit, the malicious party only needs access to a public repository, or if it is a private...

8.8CVSS7.4AI score0.99077EPSS
Exploits24
NCSC
NCSC
•added 2022/08/24 12:0 a.m.•3 views

Vulnerabilities fixed in Mozilla Firefox and Thunderbird

Mozilla has fixed vulnerabilities in Firefox and Thunderbird. A malicious party could exploit the vulnerabilities to execute arbitrary execute code under the user's privileges or to access gain access to sensitive data within the scope of the application. The vulnerabilities are all in the contex...

8.8CVSS7.3AI score0.00905EPSS
Exploits0
NCSC
NCSC
•added 2022/08/24 12:0 a.m.•4 views

Vulnerability fixed in PowerDNS recursor

PowerDNS has fixed a vulnerability in PowerDNS recursor. A remote malicious party could potentially exploit the vulnerability to cause a denial-of-service. To exploit the vulnerability, the malicious party must use use an IP address allowed by the Access Control List and the vulnerable environmen...

6.5CVSS6.8AI score0.0119EPSS
Exploits0
NCSC
NCSC
•added 2022/08/24 12:0 a.m.•3 views

Vulnerability fixed in Xpdf and Xpdfreader

A vulnerability has been fixed in Xpdf and Xpdfreader. A malicious party can exploit the vulnerabilities to cause a Denial-of-Service or to execute arbitrary code in the scope of the application. Google's Project Zero published a comprehensive analysis in December 2021 published about a zero-clic...

7.8CVSS7.4AI score0.00314EPSS
Exploits0
NCSC
NCSC
•added 2022/08/24 12:0 a.m.•6 views

Vulnerabilities fixed in IBM QRadar SIEM

IBM has fixed vulnerabilities in the underlying software of QRadar SIEM. The vulnerabilities are in supporting software, such as Expat, Eclipse, the Kernel and SASL. For the vulnerabilities, previous security advisories have been issued. These updates to QRadar SIEM are a bundle. A malicious part...

9.8CVSS7.3AI score0.99298EPSS
Exploits20
NCSC
NCSC
•added 2022/08/24 12:0 a.m.•8 views

Vulnerability fixed in VMWare Tools

VMWare has fixed a vulnerability in VMWare Tools. A malicious person with user privileges in a virtual machine VM can exploit the vulnerability to grant himself elevated privileges and execute code with local administrator privileges in the vulnerable virtual machine. As far as is known, the...

7.8CVSS7.1AI score0.0054EPSS
Exploits0
NCSC
NCSC
•added 2022/08/23 12:0 a.m.•4 views

Vulnerabilities fixed in GitLab Enterprise Edition and GitLab Community Edition

GitLab has fixed a vulnerability in GitLab Enterprise Edition and GitLab Community Edition. An authenticated malicious party could exploit the vulnerability to execute arbitrary code via the 'Import from GitHub' API Endpoint to execute arbitrary code with permissions from the application and...

9.9CVSS7.8AI score0.75718EPSS
Exploits4
NCSC
NCSC
•added 2022/08/23 12:0 a.m.•7 views

Vulnerabilities fixed in Red Hat OpenShift Container Platform

Red Hat has released updates to Red Hat OpenShift Container Platform to address several vulnerabilities in underlying software modules fixes. A malicious party could potentially exploit the vulnerabilities to cause the following categories of damage: Denial-of-Service DoS Manipulation of data...

8.2CVSS7.1AI score0.16151EPSS
Exploits10
NCSC
NCSC
•added 2022/08/19 12:0 a.m.•8 views

Vulnerability fixed in IBM MQ

IBM has fixed a vulnerability in IBM MQ. Through an XML External Entity Injection XXE, a malicious party can cause a Denial-of-Service by running the MQ environment out of memory run, or gain access to sensitive information. IBM has released updates to fix the vulnerability in MQ 8.0, 9.1 and 9.2...

9.1CVSS7AI score0.0141EPSS
Exploits0
NCSC
NCSC
•added 2022/08/18 12:0 a.m.•4 views

Zero-day vulnerabilities fixed in Apple macOS, iOS and iPadOS

Apple, in an interim update, has fixed two zero-day 0day vulnerabilities fixed in macOS, iOS and iPadOS. A malicious person can exploit the vulnerabilities to execute arbitrary code. The most serious vulnerability, marked CVE-2022-32894, allows execution of code at the kernel level. Abuse of this...

8.8CVSS7.9AI score0.09785EPSS
Exploits0
NCSC
NCSC
•added 2022/08/18 12:0 a.m.•4 views

Vulnerability fixed in Cisco Secure Web Appliance

Cisco has fixed a vulnerability in the management interface of AsyncOS for the Secure Web Appliance. An authenticated malicious party could exploit the vulnerability to inject commands inject and execute commands with root privileges. The vulnerability can only be exploited through the management...

8.8CVSS7.2AI score0.01863EPSS
Exploits0
NCSC
NCSC
•added 2022/08/17 12:0 a.m.•5 views

Vulnerability fixed in Palo Alto Pan-OS

A vulnerability has been fixed in Palo Alto PAN-OS. The vulnerability allows an unauthenticated remote malicious person able to exploit the affected Palo Alto system in a reflected denial-of-service attack on systems other than the vulnerable Palo Alto system. The attack appears to the victim the...

8.6CVSS7AI score0.02041EPSS
Exploits0
NCSC
NCSC
•added 2022/08/17 12:0 a.m.•6 views

Vulnerabilities fixed in Splunk

Splunk has fixed vulnerabilities in Splunk Enterprise and Universal Forwarder. A malicious party could potentially exploit them to cause a denial-of-service, bypassing security measures or to gain access to system data. The most serious vulnerability involves causing a Denial-of-Service. For this...

10CVSS6.7AI score0.96275EPSS
Exploits6
NCSC
NCSC
•added 2022/08/17 12:0 a.m.•5 views

Vulnerability fixed in Yokogawa Centum controller FCS products

Yokogawa has fixed a vulnerability in Centum controller FCS products. A malicious party could potentially exploit it to cause a denial-of-service. To exploit the vulnerability, the malicious party needs access to the production infrastructure. It is good practice not to have such infrastructure...

7.5CVSS6.8AI score0.00972EPSS
Exploits0
NCSC
NCSC
•added 2022/08/17 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Google Chrome. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service, bypass a security measure or execute arbitrary code in the context of the browser. The malicious party must entice the victim to open a rogue link or fi...

8.8CVSS7.5AI score0.04493EPSS
Exploits1
NCSC
NCSC
•added 2022/08/16 12:0 a.m.•6 views

Vulnerabilities fixed in ArcGis products

Esri has fixed vulnerabilities in ArcGis Portal and ArcReader. A malicious party could exploit the vulnerabilities to obtain system information, access sensitive data without prior authorization, or to perform a cross-site scripting XSS attack. Such attacks can lead to the execution of JavaScript...

9.6CVSS6.4AI score0.00851EPSS
Exploits0
NCSC
NCSC
•added 2022/08/16 12:0 a.m.•5 views

Vulnerabilities fixed in QNAP products

QNAP has fixed several vulnerabilities in QTS, the operating system of QNAP NAS systems. The vulnerabilities are are in the SAMBA and Kerberos software used within QTS. used within. The vulnerabilities allow a remote malicious person to able to bypass security measures and thus gain access gain...

8.8CVSS7.8AI score0.01064EPSS
Exploits0
NCSC
NCSC
•added 2022/08/15 12:0 a.m.•5 views

Vulnerabilities fixed in apache OpenOffice

Apache Software Foundation has fixed vulnerabilities in OpenOffice. The vulnerabilities allow a malicious person with access to the system to retrieve user passwords stored in a user's configuration database. The vulnerabilities involve weak encryption on this configuration database. Apache has...

8.8CVSS7AI score0.01419EPSS
Exploits0
NCSC
NCSC
•added 2022/08/15 12:0 a.m.•6 views

Vulnerability fixed in Zoom for macOS

Zoom has fixed a vulnerability in the Zoom Client for macOS. A local malicious person with user privileges could exploit to execute arbitrary code under privileges of root. The vulnerability is located in Zoom's installer and makes it possible to substitute the zoom client update for any other...

8.8CVSS7.6AI score0.00177EPSS
Exploits0
NCSC
NCSC
•added 2022/08/15 12:0 a.m.•7 views

Vulnerabilities fixed in HP Integrated Lights-out (ILO)

HP has fixed vulnerabilities in the firmware of HP Integrated Lights-out of several HP Apollo, Proliant, Edgeline and StoreEasy server systems. A local malicious person with access to the systems, or the physical management infrastructure, could exploit them to cause a denial-of-service, the...

8.8CVSS7.2AI score0.00403EPSS
Exploits0
NCSC
NCSC
•added 2022/08/15 12:0 a.m.•43 views

Vulnerabilities fixed in NVIDIA GPU Display Drivers

NVidia has fixed vulnerabilities in the GPU Display Driver, and supporting software. The vulnerabilities allow a local malicious party to carry out attacks resulting in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights...

7.8CVSS7.6AI score0.00378EPSS
Exploits0
NCSC
NCSC
•added 2022/08/12 12:0 a.m.•7 views

Vulnerabilities fixed in Android

Google has fixed vulnerabilities in Android 13. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Increased user privileges Access to sensitive data Remote code execution User rights...

8.8CVSS7.9AI score0.00495EPSS
Exploits0
NCSC
NCSC
•added 2022/08/11 12:0 a.m.•33 views

Vulnerabilities fixed in Cisco Adaptive Security Appliance

Vulnerabilities have been fixed in Cisco ASA. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Cisco has released updates to...

9.3CVSS6.8AI score0.19958EPSS
Exploits3
NCSC
NCSC
•added 2022/08/11 12:0 a.m.•7 views

Vulnerabilities fixed in Dell Wyse Management Suite

Dell has fixed vulnerabilities in Wyse Management Suite. A malicious party could exploit the vulnerabilities to execute arbitrary execute arbitrary code on the vulnerable system and/or gain access to sensitive data. Dell has released updates to fix the vulnerabilities in Wyse Management Suite 3.8...

8.8CVSS7.7AI score0.00701EPSS
Exploits0
NCSC
NCSC
•added 2022/08/11 12:0 a.m.•6 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that could potentially lead to access to sensitive data. As usual, SAP is making few technical details about the fixed vulnerabilities publicly available. SAP...

8.2CVSS6.6AI score0.0066EPSS
Exploits0
NCSC
NCSC
•added 2022/08/10 12:0 a.m.•8 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in Acrobat, Acrobat Reader, Premiere Elements, Illustrator and FrameMaker. The vulnerabilities allow a malicious person to execute arbitrary code execute within the context of the user or gaining elevated privileges. Adobe has released updates to fix the...

7.8CVSS7.3AI score0.06911EPSS
Exploits0
NCSC
NCSC
•added 2022/08/10 12:0 a.m.•5 views

Vulnerabilities fixed in VMware vRealize Operations

Vulnerabilities have been fixed in VMware vRealize Operations. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Bypassing authentication. Remote code execution Administrator/Root privileges Access to sensitive data...

8.8CVSS7.4AI score0.01341EPSS
Exploits4
NCSC
NCSC
•added 2022/08/10 12:0 a.m.•81 views

Vulnerabilities fixed in Intel products

Vulnerabilities have been fixed in several Intel products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Accessing sensitive data Increased user privileges The...

9.8CVSS6.4AI score0.17823EPSS
Exploits4
NCSC
NCSC
•added 2022/08/09 12:0 a.m.•5 views

Vulnerabilities discovered in Siemens products

Vulnerabilities have been discovered in several Siemens industrial products. A malicious party could potentially exploit them to cause a denial-of-service, to execute code execute code in the scope of the application, or possibly open a root/admin shell to open on the vulnerable system. The...

9.1CVSS7.5AI score0.01437EPSS
Exploits0
NCSC
NCSC
•added 2022/08/09 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Exchange Server

Vulnerabilities have been fixed in Microsoft Exchange Server. The vulnerabilities allow a malicious party to gain access to sensitive data or obtain elevated privileges. The vulnerability with reference CVE-2022-24477 allows an authenticated malicious person to gain access to mailboxes of other...

8CVSS6.3AI score0.02053EPSS
Exploits0
NCSC
NCSC
•added 2022/08/09 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in several components of Windows. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Bypassing security measure Remote code execution Administrator/Ro...

9.8CVSS7.7AI score0.99374EPSS
Exploits62
NCSC
NCSC
•added 2022/08/09 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in Microsoft Visual Studio and .NET Core, part of Developer Tools. The vulnerabilities allow a malicious party to gain access to sensitive data and to execute arbitrary code under the privileges of the user. For the vulnerability with attribute CVE-2022-34716 in .N...

8.8CVSS8AI score0.01959EPSS
Exploits0
NCSC
NCSC
•added 2022/08/09 12:0 a.m.•8 views

Vulnerabilities fixed in Microsoft Edge

Vulnerabilities have been fixed in Microsoft Edge. A remote malicious person could potentially exploit the vulnerabilities to execute arbitrary code, bypass security measures and/or obtain elevated user privileges. The vulnerabilities marked CVE-2022-33636 and CVE-2022-33649 potentially enable a...

9.6CVSS7.3AI score0.01931EPSS
Exploits0
NCSC
NCSC
•added 2022/08/09 12:0 a.m.•10 views

Vulnerabilities fixed in Microsoft Azure

Vulnerabilities have been fixed in Microsoft Azure. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Increased user privileges For ma...

8.1CVSS7.5AI score0.01981EPSS
Exploits0
NCSC
NCSC
•added 2022/08/09 12:0 a.m.•12 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Office, Excel, and Outlook. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Microsoft indicates that f...

8.8CVSS7.1AI score0.22441EPSS
Exploits0
NCSC
NCSC
•added 2022/08/05 12:0 a.m.•4 views

Vulnerabilities fixed in X.Org Server

Vulnerabilities have been fixed in X.Org Server. A authenticated malicious person can exploit the vulnerabilities to execute arbitrary code. Depending on the permissions under which X.Org Server is running, this allows the malicious party to gain gain root privileges on the vulnerable system. The...

7.8CVSS7.1AI score0.00573EPSS
Exploits0
NCSC
NCSC
•added 2022/08/04 12:0 a.m.•61 views

Vulnerabilities fixed in BIG-IP

F5 has fixed vulnerabilities in BIG-IP. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data Circumvention of security measure Access to system data Increased user privileges F5 has released...

9.8CVSS7.1AI score0.01074EPSS
Exploits1
NCSC
NCSC
•added 2022/08/04 12:0 a.m.•3 views

Vulnerabilities fixed in Cisco WebEx Meetings

Vulnerabilities have been fixed in Cisco WebEx Meetings. The vulnerabilities are located in the Cisco WebEx Meetings Web Interface and allow a remote malicious party to launch a cross-site scripting attack or to inject legitimate-looking iframes inject. Cisco has released updates to fix the...

6.5CVSS6.5AI score0.00445EPSS
Exploits0
NCSC
NCSC
•added 2022/08/04 12:0 a.m.•3 views

Vulnerabilities fixed in Red Hat JBoss

Vulnerabilities have been fixed in Red Hat JBoss. The vulnerabilities allow a malicious party to launch attacks that potentially lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to system data Red Hat has released updates to address the...

9.8CVSS9.3AI score0.1158EPSS
Exploits2
NCSC
NCSC
•added 2022/08/04 12:0 a.m.•12 views

Vulnerabilities fixed in BMC Track-It!

BMC has fixed vulnerabilities in Track-It! A malicious person could exploit the vulnerabilities to execute arbitrary code under service account privileges or for gaining access to sensitive data. For accomplishing the former does not require authentication. BMC has released updates to fix the...

9.8CVSS7.2AI score0.01503EPSS
Exploits0
NCSC
NCSC
•added 2022/08/04 12:0 a.m.•17 views

Vulnerability fixed in DrayTek Vigor routers

Researchers from security firm Trellix have found a vulnerability found in DrayTek Vigor routers. A unauthenticated malicious person with network access to the management interface could exploit the vulnerability to execute arbitrary code. This allows the malicious party to gain control of the...

10CVSS6.9AI score0.33795EPSS
Exploits2
NCSC
NCSC
•added 2022/08/03 12:0 a.m.•4 views

Vulnerabilities fixed in Fortinet products

Vulnerabilities have been fixed in Fortinet products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution User rights Access to system data Fortinet has release...

7.8CVSS7.4AI score0.00488EPSS
Exploits0
NCSC
NCSC
•added 2022/08/03 12:0 a.m.•3 views

Vulnerabilities fixed in Linux kernel

Canonical has fixed vulnerabilities in the Ubuntu Linux kernel. A malicious party could potentially exploit the vulnerabilities to obtain elevated privileges, cause a denial-of-service or execute arbitrary code. Canonical has made updates available for Ubuntu 20.04 LTS and 22.04 LTS to fix the...

7.8CVSS6.2AI score0.05496EPSS
Exploits12
NCSC
NCSC
•added 2022/08/03 12:0 a.m.•4 views

Vulnerability fixed in rsync

A vulnerability has been fixed in rsync. The vulnerability allows a malicious person to overwrite arbitrary files on the victim's system. To exploit this vulnerability exploitation, the victim must connect to a rogue rsync server. The developers of rsync have created a new version to fix the...

7.4CVSS7.4AI score0.01672EPSS
Exploits1
NCSC
NCSC
•added 2022/08/03 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to system data Google has released...

8.8CVSS7.2AI score0.00799EPSS
Exploits3
NCSC
NCSC
•added 2022/08/03 12:0 a.m.•28 views

Vulnerabilities fixed in Synology products

Synology has fixed vulnerabilities in multiple products. The vulnerabilities allow a malicious party to launch attacks the following categories of damage: Manipulation of data Remote code execution Application rights Access to sensitive data Synology rated the vulnerability with attribute...

7.2CVSS8AI score0.01603EPSS
Exploits0
NCSC
NCSC
•added 2022/08/03 12:0 a.m.•35 views

Vulnerabilities fixed in VMware products

VMware has fixed several vulnerabilities in VMware Workspace ONE Access, Identity Manager, vRealize Automation and underlying tools. An unauthenticated malicious person could potentially exploit them to cause the following categories of damage: Cross-Site Scripting XSS. Circumvention of...

9.8CVSS7.3AI score0.18994EPSS
Exploits6
NCSC
NCSC
•added 2022/08/02 12:0 a.m.•54 views

Vulnerabilities fixed in Android

Google has fixed vulnerabilities in Android. Samsung has fixed these vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights...

9.8CVSS9AI score0.01002EPSS
Exploits0
Total number of security vulnerabilities4209