Lucene search
K

4209 matches found

NCSC
NCSC
•added 2022/07/13 12:0 a.m.•34 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in Acrobat, Acrobat Reader, Photoshop and RoboHelp. The vulnerabilities allow a malicious able to execute arbitrary code within the context of the user, or gain access to sensitive data. Adobe has released updates to fix the vulnerabilities. For more information,...

9.3CVSS7.9AI score0.12561EPSS
Exploits0
NCSC
NCSC
•added 2022/07/12 12:0 a.m.•14 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights...

8.8CVSS6.8AI score0.88609EPSS
Exploits5
NCSC
NCSC
•added 2022/07/12 12:0 a.m.•31 views

Vulnerabilities fixed in Microsoft Office, Skype and Lync

Microsoft has fixed vulnerabilities in Microsoft Office, Skype and Lync. A malicious party could potentially exploit the vulnerabilities to bypass a security measure or execute arbitrary code. Skype for Business and Microsoft Lync: |----------------|------|-------------------------------------| |...

7.2CVSS6.5AI score0.02204EPSS
Exploits0
NCSC
NCSC
•added 2022/07/12 12:0 a.m.•50 views

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Circumvention of security measure...

10CVSS8.1AI score0.02373EPSS
Exploits0
NCSC
NCSC
•added 2022/07/12 12:0 a.m.•10 views

Vulnerabilities fixed in Microsoft Azure Site Recovery and Azure Storage Library

Vulnerabilities have been fixed in Azure Storage Library and Azure Site Recovery. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...

8.8CVSS6.8AI score0.02237EPSS
Exploits1
NCSC
NCSC
•added 2022/07/11 12:0 a.m.•5 views

Fixed vulnerabilities in IBM MQ (Operator and Queue manager)

IBM has fixed multiple vulnerabilities in supporting software provided with IBM MQ Operator and Queue manager. The vulnerabilities are in the Golang software provided. A malicious party could potentially exploit the vulnerabilities to obtain increased user privileges, sensitive data and/or...

7.5CVSS9.5AI score0.06934EPSS
Exploits4
NCSC
NCSC
•added 2022/07/08 12:0 a.m.•3 views

Vulnerability fixed in rsyslog

The developers of rsyslog have fixed a vulnerability in rsyslog. A malicious party could exploit the vulnerability to cause a denial-of-service, or to potentially manipulate data manipulate and thus potentially inject false information into the central syslog environment. The developers do not ru...

8.1CVSS7.2AI score0.03821EPSS
Exploits0
NCSC
NCSC
•added 2022/07/08 12:0 a.m.•9 views

Vulnerabilities fixed in Bently Nevada systems

Bently Nevada has fixed two vulnerabilities in its ADAPT 3701/x series monitoring systems. A malicious person with access to the infrastructure could exploit the vulnerabilities to execute arbitrary code on the systems, cause a denial-of-service, or to gain access to system data and potentially...

9.8CVSS7.4AI score0.00904EPSS
Exploits0
NCSC
NCSC
•added 2022/07/07 12:0 a.m.•25 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure Remote code execution Use...

9CVSS7.1AI score0.01795EPSS
Exploits0
NCSC
NCSC
•added 2022/07/07 12:0 a.m.•12 views

Vulnerabilities fixed in IBM Tivoli Netcool Impact

Vulnerabilities have been fixed in IBM Tivoli Netcool Impact. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Spoofing Accessing sensitive data Accessing...

10CVSS7.1AI score0.96275EPSS
Exploits25
NCSC
NCSC
•added 2022/07/07 12:0 a.m.•14 views

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. In addition to the vulnerabilities fixed by Google fixed vulnerabilities, Samsung itself has fixed 41 other vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the followi...

10CVSS7.5AI score0.03461EPSS
Exploits3
NCSC
NCSC
•added 2022/07/06 12:0 a.m.•28 views

Vulnerabilities fixed in Fortinet products

Fortinet has fixed vulnerabilities in several products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution Administrator/Root rights Increased us...

7.8CVSS6.8AI score0.02144EPSS
Exploits0
NCSC
NCSC
•added 2022/07/06 12:0 a.m.•8 views

Vulnerabilities fixed in Red Hat Satellite

Vulnerabilities have been fixed in Red Hat Satellite. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution User Rights Access to...

9.8CVSS6.8AI score0.49246EPSS
Exploits14
NCSC
NCSC
•added 2022/07/05 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Google Chrome. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service, or execute code in the scope of the application. Google indicates that the vulnerability with attribute CVE-2022-2294 has been has had limited active...

8.8CVSS7.3AI score0.70461EPSS
Exploits0
NCSC
NCSC
•added 2022/07/01 12:0 a.m.•2 views

Vulnerability found in OpenSSL

A vulnerability has been found in OpenSSL 3.0.4. A malicious party can exploit the vulnerability to cause of a denial-of-service DoS. The extent of this DoS can vary from one application. Although it is reported that the vulnerability also provides the ability to execute arbitrary code execute...

10CVSS6.1AI score0.44881EPSS
Exploits3
NCSC
NCSC
•added 2022/07/01 12:0 a.m.•4 views

Vulnerabilities fixed in Elastic Kibana and Elastic Endpoint Security

Elastic has fixed vulnerabilities in Kibana and Endpoint Security for Windows. An authenticated malicious party could potentially exploit the vulnerabilities potentially exploit them to perform a cross-site scripting attack or to obtain elevated permissions. Elastic has released updates to fix th...

7.8CVSS6.6AI score0.00777EPSS
Exploits0
NCSC
NCSC
•added 2022/07/01 12:0 a.m.•9 views

Vulnerabilities fixed in GitLab CE and EE

Vulnerabilities have been fixed in GitLab Enterprise Edition EE and Community Edition CE. The vulnerabilities can be exploited by a malicious party to gain access to sensitive data, manipulate data without being authorized to do so be authorized, to perform a Cross-Site-Scripting XSS attack or to...

9.9CVSS7.5AI score0.76884EPSS
Exploits0
NCSC
NCSC
•added 2022/07/01 12:0 a.m.•5 views

Vulnerability fixed in ManageEngine ADAudit Plus

ManageEngine has fixed a vulnerability in ADAudit Plus. A unauthenticated malicious person could exploit the vulnerability to execute arbitrary code on the system on which ADAudit Plus is installed. Horizon researchers have published a write-up and proof-of-concept code published. They indicate...

9.8CVSS7.7AI score0.97011EPSS
Exploits6
NCSC
NCSC
•added 2022/06/30 12:0 a.m.•5 views

Vulnerability fixed in Atlassian Jira

Atlassian has fixed a vulnerability in Jira. A authenticated malicious person could exploit the vulnerability to execute a server-side request-forgery attack. This enables the malicious party to gain access to sensitive data or information about the system. The vulnerability is located in a plug-...

6.5CVSS6.8AI score0.71169EPSS
Exploits1
NCSC
NCSC
•added 2022/06/30 12:0 a.m.•45 views

Vulnerabilities fixed in IBM Spectrum Protect

IBM has fixed vulnerabilities in several components of Spectrum Protect. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to...

9.8CVSS7.5AI score0.89063EPSS
Exploits134
NCSC
NCSC
•added 2022/06/29 12:0 a.m.•3 views

Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird

Mozilla has fixed vulnerabilities in Firefox, Firefox Extended Support Release ESR and Thunderbird. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code...

9.8CVSS7.5AI score0.23941EPSS
Exploits2
NCSC
NCSC
•added 2022/06/28 12:0 a.m.•2 views

Vulnerabilities fixed in cURL

Vulnerabilities have been fixed in cURL. A malicious person at remote can exploit the vulnerabilities to cause a denial-of-service, or to gain access to sensitive data by performing a man-in-the-middle attack. Project CURL has released updates to address the vulnerabilities fixes in cURL 7.84.0...

9.8CVSS9.3AI score0.3197EPSS
Exploits4
NCSC
NCSC
•added 2022/06/24 12:0 a.m.•2 views

Vulnerability fixed in IBM Db2

IBM has fixed a vulnerability in Db2. The vulnerability allows a malicious person to gain access to sensitive data. IBM has released updates to fix the vulnerability in Db2. For more information, see: https://www.ibm.com/support/pages/node/6597993...

7.5CVSS6.9AI score0.00906EPSS
Exploits0
NCSC
NCSC
•added 2022/06/24 12:0 a.m.•4 views

Malleability remedied in Salt

Salt Project has fixed a vulnerability in Salt. A malicious person who has a locked user account can still perform actions under privileges of this account. Systems are vulnerable only when PAM authentication is used. Salt Project has released updates to fix the vulnerability fix in Salt 3002.9,...

8.8CVSS7AI score0.01878EPSS
Exploits0
NCSC
NCSC
•added 2022/06/24 12:0 a.m.•3 views

Vulnerabilities fixed in Jenkins

Vulnerabilities have been fixed in Jenkins. The vulnerabilities allow a remote malicious person to launch a Cross-site Scripting attack. Jenkins has released updates to fix the vulnerabilities. More information can be found on the page below:...

5.4CVSS6.7AI score0.01361EPSS
Exploits0
NCSC
NCSC
•added 2022/06/23 12:0 a.m.•2 views

Vulnerability fixed in TheHive and Cortex

A vulnerability has been fixed in TheHive and Cortex. The vulnerability allows an unauthenticated remote malicious person able to bypass authentication by providing an existing username but not including a password. send. This vulnerability is only exploitable if TheHive and Cortex use an AD to...

6.9AI score
Exploits0
NCSC
NCSC
•added 2022/06/23 12:0 a.m.•62 views

Vulnerabilities fixed in IBM Cognos

IBM has fixed vulnerabilities in Cognos. The vulnerabilities potentially enable a malicious person to launch attacks leading to the following categories of damage: Denial-of-Service DoS. Bypassing authentication Circumvention of security measure. Remote code execution Administrator/Root rights...

10CVSS9.6AI score0.44515EPSS
Exploits37
NCSC
NCSC
•added 2022/06/22 12:0 a.m.•5 views

Vulnerabilities fixed in Dell SupportAssistant

Vulnerabilities have been fixed in Dell SupportAssist. The vulnerabilities allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Remote code execution User Rights Access to system data Increased...

9.6CVSS6.8AI score0.01091EPSS
Exploits0
NCSC
NCSC
•added 2022/06/22 12:0 a.m.•6 views

Vulnerability fixed in RealVNC VNC Server

RealVNC has fixed a vulnerability in VNC Server for Windows. A local, authenticated malicious party can exploit the exploit the vulnerability to obtain elevated privileges on the system on which VNC Server is installed. The vulnerability is caused by an installation file executing files in %TEMP%...

7.8CVSS6.7AI score0.0066EPSS
Exploits1
NCSC
NCSC
•added 2022/06/22 12:0 a.m.•4 views

Vulnerability fixed in OpenSSL

A vulnerability has been fixed in OpenSSL. The vulnerability is located in the cvrehash script and is caused by the fact that shell meta-characters being insufficiently removed from user input. removed. On some operating systems, the vulnerable script is is executed automatically. On such systems...

10CVSS6.9AI score0.96275EPSS
Exploits6
NCSC
NCSC
•added 2022/06/22 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially allow a malicious person to execute arbitrary code execute under the application's permissions and bypass a security measure to bypass. As usual, Google has made few substantive details made available about the...

8.8CVSS7.1AI score0.01312EPSS
Exploits1
NCSC
NCSC
•added 2022/06/20 12:0 a.m.•34 views

Vulnerabilities fixed in Linux kernel

Vulnerabilities have been fixed in the Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive dat...

7.8CVSS6.9AI score0.06451EPSS
Exploits10
NCSC
NCSC
•added 2022/06/16 12:0 a.m.•6 views

Vulnerabilities fixed in Tenable Nessus Agent

Vulnerabilities have been fixed in Tenable Nessus Agent. The vulnerabilities allow a malicious person with elevated privileges to able to execute arbitrary code under administrator privileges and the read arbitrary files on the underlying system. Tenable has released a new version of Nessus Agent...

9CVSS7.8AI score0.01255EPSS
Exploits0
NCSC
NCSC
•added 2022/06/16 12:0 a.m.•62 views

Vulnerabilities fixed in Splunk products

Vulnerabilities have been fixed in Splunk products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Bypassing authentication Bypassing security measure Remote code execution Administrator/Root rights Accessing...

10CVSS7.9AI score0.01799EPSS
Exploits0
NCSC
NCSC
•added 2022/06/16 12:0 a.m.•10 views

Vulnerabilities fixed in Cisco Identity Services Engine

Vulnerabilities have been fixed in Cisco Identity Services Engine. The vulnerabilities allow a malicious party to access system data or to bypass authentication. Cisco has released updates to fix the vulnerabilities. More information can be found on the pages below: CVE-2022-20733...

9.8CVSS6.8AI score0.01045EPSS
Exploits0
NCSC
NCSC
•added 2022/06/16 12:0 a.m.•13 views

Vulnerabilities fixed in Citrix Application Delivery Manager (ADM).

Citrix has fixed two vulnerabilities in Application Delivery Manager ADM. A malicious person with access to the management environment can exploit the vulnerabilities to cause a denial-of-service by disabling the License service, or to gain access to a root shell, by forcing a reset on the...

8.1CVSS7AI score0.12325EPSS
Exploits0
NCSC
NCSC
•added 2022/06/16 12:0 a.m.•5 views

Vulnerabilities fixed in Cisco Email Security Appliance, Secure Email and Web Manager

Vulnerabilities have been fixed in Cisco Email Security Appliance and Cisco Secure Email and Web Manager. The vulnerability with reference CVE-2022-20798 allows an unauthenticated remote malicious person able to bypass authentication bypass authentication and thereby log into the Web management...

9.8CVSS6.9AI score0.01427EPSS
Exploits0
NCSC
NCSC
•added 2022/06/15 12:0 a.m.•31 views

Vulnerabilities fixed in Adobe Bridge

Adobe has fixed several vulnerabilities in Bridge. A malicious party could exploit the vulnerabilities to execute arbitrary code in the context of the application, or to access gain access to sensitive data in the context of the application. To do this, the malicious party must trick the victim...

9.3CVSS7.1AI score0.02857EPSS
Exploits0
NCSC
NCSC
•added 2022/06/15 12:0 a.m.•9 views

Vulnerability fixed in Adobe RoboHelp Server

Adobe has fixed a vulnerability in RoboHelp Server. A malicious party, with prior authentication and user authorization, could potentially exploit the vulnerability to grant themselves elevated privileges. The malicious party can through manipulation of API requests, perform actions that are...

9CVSS7AI score0.01343EPSS
Exploits0
NCSC
NCSC
•added 2022/06/15 12:0 a.m.•16 views

Vulnerabilities fixed in Intel processors

Vulnerabilities have been fixed in several Intel processors. The vulnerabilities allow a malicious person with local access to the processor to obtain sensitive data or cause a denial-of-service. Intel has released updates to fix the vulnerabilities. More information can be found on the pages...

5.5CVSS5.6AI score0.06451EPSS
Exploits0
NCSC
NCSC
•added 2022/06/15 12:0 a.m.•53 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Denial-of-Service DoS. Bypassing authentication...

9.8CVSS6.3AI score0.02062EPSS
Exploits4
NCSC
NCSC
•added 2022/06/15 12:0 a.m.•48 views

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed several vulnerabilities in Illustrator 2021 and 2022. A malicious party could exploit the vulnerabilities to execute arbitrary code in the context of the application, or to gain access to sensitive data. The malicious party must trick the victim into opening a rogue file. Adobe ha...

7.8CVSS7.4AI score0.02424EPSS
Exploits0
NCSC
NCSC
•added 2022/06/15 12:0 a.m.•28 views

Vulnerabilities fixed in Adobe InDesign

Adobe has fixed vulnerabilities in InDesign. A malicious person could exploit the vulnerabilities to execute arbitrary code in the context of the application. To do this, the malicious party must entice the victim to open a rogue file. Adobe has released updates to fix the vulnerabilities in...

9.3CVSS7.4AI score0.05941EPSS
Exploits0
NCSC
NCSC
•added 2022/06/14 12:0 a.m.•4 views

Vulnerability fixed in Microsoft Edge

A vulnerability has been fixed in Microsoft Edge. A remote malicious person could potentially exploit the vulnerability to execute arbitrary code. Because it is possible to get out of Edge's sandbox environment, execution of code at the SYSTEM level cannot be ruled out. Abuse requires that the...

8.3CVSS7.3AI score0.02839EPSS
Exploits0
NCSC
NCSC
•added 2022/06/14 12:0 a.m.•32 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights...

10CVSS6.7AI score0.74677EPSS
Exploits3
NCSC
NCSC
•added 2022/06/14 12:0 a.m.•15 views

Vulnerability fixed in Siemens SCALANCE

A vulnerability has been fixed in Siemens SCALANCE. The vulnerability allows an unauthenticated remote malicious person capable of causing a denial-of-service. Siemens has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.8AI score0.00588EPSS
Exploits0
NCSC
NCSC
•added 2022/06/14 12:0 a.m.•11 views

Vulnerabilities fixed in Microsoft Azure

Vulnerabilities have been fixed in Microsoft Azure components. A malicious party could exploit the vulnerabilities to obtain elevated privileges, or to gain access to sensitive data in the context of the victim. Microsoft states for several of the vulnerabilities listed below to be in possession ...

7.8CVSS6.8AI score0.02408EPSS
Exploits0
NCSC
NCSC
•added 2022/06/14 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in several Microsoft Office products. The table below lists the vulnerabilities that have been fixed by Microsoft with the corresponding CVSSv3 scores. Misuse of the vulnerabilities in SharePoint requires prior authentication. Abuse of the vulnerabilities in Excel...

8.8CVSS6.6AI score0.07366EPSS
Exploits0
NCSC
NCSC
•added 2022/06/14 12:0 a.m.•6 views

Vulnerabilities fixed in TYPO3

Vulnerabilities have been fixed in TYPO3. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Accessing sensitive data TYPO3 has released updates to address the...

7.2CVSS6.2AI score0.01165EPSS
Exploits0
NCSC
NCSC
•added 2022/06/14 12:0 a.m.•3 views

Vulnerability fixed in Microsoft SQL Server

A vulnerability has been fixed in Microsoft SQL Server. The vulnerability allows an authenticated malicious person to execute arbitrary code, possibly as a Database Administrator, by executing a specially prepared query via the $ partition on a table where a Column Store index is present. Abuse o...

7.5CVSS7.2AI score0.01974EPSS
Exploits0
Total number of security vulnerabilities4209