Lucene search
K

4209 matches found

NCSC
NCSC
•added 2022/08/02 12:0 a.m.•54 views

Vulnerabilities fixed in Android

Google has fixed vulnerabilities in Android. Samsung has fixed these vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights...

9.8CVSS9AI score0.01002EPSS
Exploits0
NCSC
NCSC
•added 2022/08/01 12:0 a.m.•6 views

Vulnerability fixed in SonicWall Hosted Email Security

SonicWall has fixed a vulnerability in Hosted Email Security. An unauthenticated malicious person could exploit it to bypass the Capture ATP service, thereby bypass the functionality of the product. SonicWall has released updates to fix the vulnerability in Hosted Email Security 10.0.18.7423. For...

7.5CVSS6.9AI score0.00552EPSS
Exploits0
NCSC
NCSC
•added 2022/08/01 12:0 a.m.•4 views

Vulnerabilities fixed in Foxit Reader and Foxit PDF Editor

Foxit has fixed vulnerabilities in Foxit Reader and PDF Editor formerly PhantomPDF. A malicious party could exploit them to cause a denial-of-service, to obtain obtain sensitive data, or to execute arbitrary code execute arbitrary code in the scope of the application. Foxit has released updates t...

7.5CVSS7.8AI score0.00946EPSS
Exploits2
NCSC
NCSC
•added 2022/07/29 12:0 a.m.•2 views

Vulnerabilities fixed in Zimbra Collaboration

Vulnerabilities have been fixed in Zimbra Collaboration ZCS. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Bypassing authentication Remote code execution User...

10CVSS7.5AI score0.96275EPSS
Exploits1
NCSC
NCSC
•added 2022/07/29 12:0 a.m.•13 views

Vulnerabilities fixed in IBM AIX

Vulnerabilities have been fixed in IBM AIX and VIOS. These vulnerabilities, in the Expat and BIND components, allow a malicious party to carry out attacks that result in the following categories of damage: Remote code execution User Rights Denial-of-Service DoS. Manipulation of data For these...

10CVSS8AI score0.99999EPSS
Exploits361
NCSC
NCSC
•added 2022/07/28 12:0 a.m.•77 views

Vulnerabilities fixed in Veritas NetBackup Primary and Media Server

Veritas has fixed vulnerabilities in NetBackup Primary and Media Server. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights Access to sensitive...

9.9CVSS7.9AI score0.01484EPSS
Exploits0
NCSC
NCSC
•added 2022/07/27 12:0 a.m.•6 views

Vulnerability fixed in Citrix ADC and Citrix Gateway

A vulnerability has been fixed in Citrix ADC and Citrix Gateway. The vulnerability allows a remote malicious party to redirect a potential victim via the Citrix application to be redirected to a malicious website, allowing the application, for example, to be abused in phishing attacks. By using t...

6.1CVSS6.9AI score0.00399EPSS
Exploits0
NCSC
NCSC
•added 2022/07/27 12:0 a.m.•7 views

Vulnerabilities fixed in Emerson DeltaV

Emerson has fixed vulnerabilities in DeltaV products. A unauthenticated malicious person with network access can exploit the exploit the vulnerabilities to cause a denial-of-service. In addition, a local malicious party can exploit the vulnerabilities to execute arbitrary code and manipulating...

7.8CVSS7.2AI score0.00228EPSS
Exploits0
NCSC
NCSC
•added 2022/07/27 12:0 a.m.•4 views

Vulnerability fixed in Synology DiskStation Manager

Synology has fixed a vulnerability in Diskstation Manager. The vulnerability is located in the webapi component of DiskStation Manager. An authenticated malicious party can perform a path traversal attack that results in the following categories of damage: Denial-of-Service DoS. Manipulation of...

8.1CVSS6.5AI score0.01332EPSS
Exploits0
NCSC
NCSC
•added 2022/07/27 12:0 a.m.•2 views

Vulnerabilities fixed in Samba

The developers of Samba have fixed several vulnerabilities in Samba. A malicious party could potentially exploit them to reset passwords outside of established processes, access system data or possibly execute commands within the scope of the Samba server. To be abused, the malicious party must...

8.8CVSS7.8AI score0.01064EPSS
Exploits0
NCSC
NCSC
•added 2022/07/27 12:0 a.m.•4 views

Vulnerabilities fixed in LibreOffice

The Document Foundation has fixed three vulnerabilities in LibreOffice. An unauthenticated remote malicious person could potentially exploit the vulnerabilities potentially exploit them to execute arbitrary macro code in the user's context, or to gain access to user passwords in the local passwor...

8.8CVSS7.6AI score0.01139EPSS
Exploits0
NCSC
NCSC
•added 2022/07/27 12:0 a.m.•8 views

Vulnerability fixed in Red Hat OpenShift Container Platform

A vulnerability has been found in OpenShift Container Platform. The private key for an external cluster certificate is stored in an insecure manner in the oauth-serving-cert ConfigMaps and therefore available to any OpenShift user or service account. A malicious can obtain this private key and...

6.5CVSS6.5AI score0.00474EPSS
Exploits0
NCSC
NCSC
•added 2022/07/27 12:0 a.m.•4 views

Vulnerability fixed in Xen

A vulnerability has been fixed in Xen. The vulnerability allows a malicious party to cause a denial-of-service. Within Shadow Mode, a TLB flush is performed incorrectly potentially causing the host system to run out of memory memory. Only x86 PV guest systems can trigger this vulnerability trigge...

8.8CVSS7.8AI score0.00289EPSS
Exploits0
NCSC
NCSC
•added 2022/07/27 12:0 a.m.•4 views

Vulnerabilities fixed in IBM QRadar SIEM

Vulnerabilities have been fixed in IBM QRadar SIEM. A remote malicious party could, by misusing the Apache Commons Email component to obtain sensitive information or manipulate user data in SMTP headers. IBM has released updates to fix the vulnerabilities in QRadar. For more information, see:...

7.5CVSS6.6AI score0.06036EPSS
Exploits0
NCSC
NCSC
•added 2022/07/27 12:0 a.m.•3 views

Vulnerabilities fixed in Mozilla Firefox and Firefox ESR

Mozilla has fixed several vulnerabilities in Firefox and Firefox ESR. A malicious party could potentially exploit the vulnerabilities to collect system data or cause a denial-of-service by using up system resources. The vulnerabilities with reference CVE-2022-2505 and CVE-2022-36320 are rated...

9.8CVSS7.4AI score0.00748EPSS
Exploits0
NCSC
NCSC
•added 2022/07/26 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Several vulnerabilities have been fixed in Google Chrome. A malicious party could potentially exploit the vulnerabilities to execute arbitrary code within the context of the browser, or to gain access to sensitive data within the context of the browser. To do this, the malicious party must entice...

8.8CVSS7.5AI score0.17864EPSS
Exploits0
NCSC
NCSC
•added 2022/07/26 12:0 a.m.•6 views

Vulnerabilities fixed in IBM Rational ClearCase

IBM has fixed several vulnerabilities. The vulnerabilities are in the Java components of IBM Rational ClearCase. A unauthenticated remote malicious person could exploit the vulnerabilities potentially exploit them to cause a denial-of-service or obtain obtain sensitive information. IBM has made...

7.1CVSS9.3AI score0.06868EPSS
Exploits0
NCSC
NCSC
•added 2022/07/25 12:0 a.m.•24 views

Vulnerabilities fixed in Foxit PDF Reader and Foxit PDF Editor

Vulnerabilities have been fixed in the PDF Reader and PDF Editor from Foxit. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to system data This...

7.8CVSS7.8AI score0.01816EPSS
Exploits1
NCSC
NCSC
•added 2022/07/25 12:0 a.m.•5 views

Vulnerabilities fixed in Scooter Software Beyond Compare

Vulnerabilities have been fixed in Scooter Software Beyond Compare. The vulnerabilities allow a malicious person to execute arbitrary execute arbitrary code under the SYSTEM user's privileges and the obtain elevated user privileges. For the vulnerability with attribute CVE-2022-36414, it is only...

7.8CVSS7.6AI score0.00212EPSS
Exploits0
NCSC
NCSC
•added 2022/07/22 12:0 a.m.•5 views

Vulnerability fixed in SonicWall GMS and Analytics

A vulnerability has been fixed in SonicWall GMS and Analytics. The vulnerability allows an unauthenticated remote malicious person able to perform an SQL injection attack under the privileges of the application. To exploit the vulnerability, the malicious party must have access to the management...

9.8CVSS7.8AI score0.09261EPSS
Exploits0
NCSC
NCSC
•added 2022/07/21 12:0 a.m.•26 views

Vulnerabilities fixed in Cisco Nexus Dashboard

Vulnerabilities have been fixed in Cisco Nexus Dashboard. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Remote code execution Administrator/Root permissions. Cross-Site Scripting XSS. Access to sensitive data...

9.8CVSS7.6AI score0.01437EPSS
Exploits0
NCSC
NCSC
•added 2022/07/21 12:0 a.m.•5 views

Vulnerabilities fixed in Drupal

Drupal developers have fixed multiple vulnerabilities in Drupal core. The vulnerabilities can lead to the following categories of damage: Remote code execution Administrator/Root permissions. Access to sensitive data Increased user privileges Cross-Site Scripting XSS The vulnerability with...

7.5CVSS7.2AI score0.01422EPSS
Exploits0
NCSC
NCSC
•added 2022/07/21 12:0 a.m.•5 views

Vulnerability fixed in Confluence

A vulnerability has been fixed in Questions for Confluence, a plug-in for Confluence. An unauthenticated outside malicious person could exploit the exploit the vulnerability to see all pages of information that are visible to users within the Confluence Users user group. This is because of the us...

9.8CVSS6.7AI score0.9817EPSS
Exploits1
NCSC
NCSC
•added 2022/07/21 12:0 a.m.•7 views

Vulnerabilities fixed in iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Circumvention of security measure. Remote code execution...

10CVSS7.1AI score0.70461EPSS
Exploits8
NCSC
NCSC
•added 2022/07/21 12:0 a.m.•41 views

Vulnerabilities fixed in Apple macOS

Apple has fixed multiple vulnerabilities in macOS Monterey, Big Sur and Catalina. The vulnerabilities allow a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Kernel/Root...

10CVSS8.9AI score0.70461EPSS
Exploits16
NCSC
NCSC
•added 2022/07/21 12:0 a.m.•4 views

Vulnerabilities fixed in Apple Safari

Apple has fixed several vulnerabilities in Safari. A remote malicious person could potentially exploit the vulnerabilities to execute arbitrary code in the scope of the browser, or to gain access to sensitive data in the scope of the browser. However, the malicious party must trick the victim int...

8.8CVSS7.3AI score0.70461EPSS
Exploits0
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•3 views

Vulnerability fixed in Oracle Siebel CRM

Oracle has fixed a vulnerability in Siebel CRM. The vulnerability allows an unauthenticated malicious person within a local network to perform a denial-of-service DoS. execute. It is good practice not to have such products publicly to be publicly accessible...

5.5CVSS6.2AI score0.03054EPSS
Exploits0
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle Virtualbox

Oracle has fixed vulnerabilities in Virtualbox. The vulnerabilities allow an authenticated malicious person to to execute attacks that can result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights An...

8.2CVSS7.4AI score0.00347EPSS
Exploits0
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•12 views

Vulnerabilities fixed in Oracle Supply Chain products

Oracle has fixed vulnerabilities in several products belonging to the Oracle Supply Chain Suite: Agile Engineering Data Management Agile PLM Agile Product Lifecycle Management for Process Autovue for Agile Product Lifecycle Management Product Lifecycle Analytics Transportation Management A...

9.8CVSS8.4AI score0.99298EPSS
Exploits38
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•8 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in the following E-Business Suite applications: - Oracle Workflow - Oracle E-Business Suite Information Discovery - Oracle iReceivables - Oracle iRecruitment - Oracle Applications Framework - Oracle User Management The vulnerabilities potentially enable a maliciou...

9.8CVSS7.4AI score0.70589EPSS
Exploits2
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Primavera

Oracle has fixed vulnerabilities in the following products: Primavera Gateway Primavera P6 Enterprise Project Portfolio Management Primavera Unifier The vulnerabilities potentially enable a malicious party to execute attacks that lead to denial-of-service DoS. An overview of all fixed...

7.5CVSS6.6AI score0.0486EPSS
Exploits1
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•17 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in the following Fusion Middleware products: BI Publisher Business Intelligence Enterprise Edition Coherence Global Lifecycle Management NextGen OUI Framework HTTP Server Managed File Transfer Middleware Common Libraries and Tools Security Service SOA Suite...

9.8CVSS8.5AI score0.99677EPSS
Exploits127
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•4 views

Vulnerability fixed in Oracle Essbase

Oracle has fixed a vulnerability in Essbase Server. The vulnerability potentially allows a malicious party to launch attacks execute attacks that result in the following categories of damage: Manipulation of data. Bypassing authentication Accessing sensitive data...

5.8CVSS6.7AI score0.00244EPSS
Exploits0
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•3 views

Vulnerabilities fixed in Oracle Java SE

Oracle has fixed vulnerabilities in the following Java SE products: GraalVM Enterprise Edition Java SE The vulnerabilities potentially enable a malicious party to execute attacks that lead to data manipulation and access to sensitive data. With the exception of CVE-2022-25647, all vulnerabilities...

7.7CVSS9.2AI score0.17673EPSS
Exploits2
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in several MySQL products: Enterprise Manager Base Platform Oracle Application Testing Suite Enterprise Manager Ops Center Enterprise Manager for MySQL Database A malicious party can exploit the vulnerabilities to cause the following categories of damage: The...

10CVSS6.5AI score0.85315EPSS
Exploits26
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•53 views

Vulnerabilities fixed in Oracle Communications Applications

Oracle has fixed vulnerabilities in the following products: Communications ASAP Communications Billing and Revenue Management Communications BRM - Elastic Charging Engine Communications Design Studio Communications Instant Messaging Server Communications Offline Mediation Controller Communication...

9.8CVSS9.4AI score0.99677EPSS
Exploits115
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•10 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in the following Enterprise Manager products: Enterprise Manager Base Platform Enterprise Manager Ops Center Oracle Application Testing Suite Enterprise Manager for MySQL Database The vulnerabilities potentially enable a malicious party to execute attacks that...

10CVSS7.2AI score0.99677EPSS
Exploits109
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•8 views

Vulnerabilities fixed in Oracle JD Edwards products

Oracle has fixed vulnerabilities in the following JD Edwards products: EnterpriseOne Orchestrator EnterpriseOne Tools A malicious party can exploit the vulnerabilities to cause the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root...

9.8CVSS7.4AI score0.44515EPSS
Exploits4
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•26 views

Vulnerabilities fixed in Oracle Systems

Oracle has fixed vulnerabilities in Solaris and ZFS Storage Appliance. A malicious party can exploit the vulnerabilities to causing the following categories of damage: Denial-of-Service DoS. Access to sensitive data Remote code execution Administrator/Root privileges An overview of all fixed...

8.2CVSS7.3AI score0.028EPSS
Exploits0
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•6 views

Vulnerabilities fixed in Zyxel products

Zyxel has fixed several vulnerabilities in a number of products, including USG and ATP firewalls. A malicious party could vulnerabilities potentially exploit them to obtain higher permissions or obtain sensitive information through a path traversal. To exploit the vulnerabilities, the malicious...

7.8CVSS6.8AI score0.01117EPSS
Exploits4
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•68 views

Vulnerabilities fixed in Oracle Financial Services Applications

Oracle has fixed vulnerabilities in the following Financial Services products: Oracle Banking Branch Oracle Banking Cash Management Oracle Banking Corporate Lending Process Management Oracle Banking Credit Facilities Process Management Oracle Banking Deposits and Lines of Credit Servicing Oracle...

9.8CVSS9.3AI score0.99939EPSS
Exploits90
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•34 views

Vulnerabilities fixed in Oracle Communications

Oracle has fixed vulnerabilities in the following products: Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Console Communications Cloud Native Core Network Exposure Function Communications Cloud Native Core Network Function Cloud Native Environment...

10CVSS7.2AI score0.99939EPSS
Exploits227
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•3 views

Vulnerabilities fixed in Oracle Peoplesoft

Oracle has fixed vulnerabilities in Peoplesoft. A malicious party can exploit the vulnerabilities to cause the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data The vulnerability with CVE attribute CVE-2022-21543 ha...

9.8CVSS7.2AI score0.52063EPSS
Exploits8
NCSC
NCSC
•added 2022/07/20 12:0 a.m.•38 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following products: Oracle Database Server Oracle Database - Enterprise Edition RDBMS Security. Oracle Spatial and Graph Oracle Universal Installer Oracle Application Express Oracle SQLcl The vulnerabilities potentially enable a malicious party to perform...

9.8CVSS6.3AI score0.44515EPSS
Exploits4
NCSC
NCSC
•added 2022/07/15 12:0 a.m.•10 views

Vulnerabilities fixed in Juniper products

Juniper has fixed vulnerabilities in several products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User rights...

9.8CVSS8.7AI score0.50732EPSS
Exploits12
NCSC
NCSC
•added 2022/07/15 12:0 a.m.•16 views

Vulnerabilities fixed in Juniper Junos Space

Vulnerabilities have been fixed in Junos Space Platform. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Accessing sensitive data Accessing syste...

8.5CVSS6.8AI score0.53461EPSS
Exploits17
NCSC
NCSC
•added 2022/07/14 12:0 a.m.•4 views

Vulnerabilities fixed in IBM Db2

IBM has released updates to fix vulnerabilities in DB2. With the exception of CVE-2022-22389, the vulnerabilities are located in the third-party component Expat. The vulnerabilities allow a malicious party to cause a Denial-of-Service or execute arbitrary code with the privileges of the...

9.8CVSS8.2AI score0.34174EPSS
Exploits1
NCSC
NCSC
•added 2022/07/13 12:0 a.m.•46 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Bypassing security measure SQL...

8.8CVSS6.7AI score0.00903EPSS
Exploits0
NCSC
NCSC
•added 2022/07/13 12:0 a.m.•34 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in Acrobat, Acrobat Reader, Photoshop and RoboHelp. The vulnerabilities allow a malicious able to execute arbitrary code within the context of the user, or gain access to sensitive data. Adobe has released updates to fix the vulnerabilities. For more information,...

9.3CVSS7.9AI score0.12561EPSS
Exploits0
NCSC
NCSC
•added 2022/07/13 12:0 a.m.•32 views

Vulnerabilities fixed in VMWare products

Vulnerabilities have been fixed in several VMware products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Access to system data A malicious person with administrator access to a...

7.5CVSS6AI score0.04831EPSS
Exploits0
Total number of security vulnerabilities4209