Lucene search
K

4209 matches found

NCSC
NCSC
•added 2022/05/12 12:0 a.m.•6 views

Vulnerabilities fixed in SUSE Linux Enterprise kernel

SUSE has fixed vulnerabilities in the Linux kernel. A authenticated malicious person could potentially exploit them to cause a denial-of-service or to obtain elevated privileges. -= SUSE =- SUSE has made updates available to fix the vulnerability fixes in SUSE 12 and 15. You can install these...

7.8CVSS5.7AI score0.01169EPSS
Exploits1
NCSC
NCSC
•added 2022/05/12 12:0 a.m.•4 views

Vulnerability fixed in Zimbra Collaboration

Zimbra has fixed a vulnerability in Zimbra Collaboration. The vulnerability allows a remote malicious person to inject memcached commands and thereby manipulate cached data manipulate. This makes it possible to manipulate content that is served to users of Zimbra Collaboration. Thus functionaliti...

7.5CVSS7.1AI score0.85398EPSS
Exploits2
NCSC
NCSC
•added 2022/05/12 12:0 a.m.•4 views

Vulnerabilities fixed in Red Hat OpenShift Logging

Red Hat has fixed vulnerabilities in OpenShift Logging. A malicious party could exploit the vulnerabilities to cause a denial-of-service, bypassing a security measure or perform an HTTP request smuggling attack. Red Hat has released updates to fix the vulnerabilities. For more information, see:...

8.1CVSS6.8AI score0.0628EPSS
Exploits0
NCSC
NCSC
•added 2022/05/12 12:0 a.m.•6 views

Vulnerabilities fixed in Intel processors and -chipsets

Intel has fixed vulnerabilities in several processors and chipsets. A local malicious party could potentially exploit them to cause a denial-of-service, gain gain access to system data or obtain elevated privileges. For the vulnerability with reference CVE-2021-33149 no security updates have been...

7.2CVSS6.9AI score0.00347EPSS
Exploits0
NCSC
NCSC
•added 2022/05/11 12:0 a.m.•13 views

Vulnerability fixed in Microsoft Exchange Server

A vulnerability has been fixed in Microsoft Exchange Server. The vulnerability allows an authenticated malicious party to obtain obtain elevated privileges. To exploit the vulnerability the malicious party must have access to the Exchange Server and be authenticated with elevated privileges. If t...

8.2CVSS6.1AI score0.00842EPSS
Exploits0
NCSC
NCSC
•added 2022/05/11 12:0 a.m.•15 views

Vulnerabilities fixed in Adove InDesign

Adobe has fixed vulnerabilities in InDesign. The vulnerabilities allow a malicious person to execute arbitrary code execute with application privileges. To do this, the malicious party induces the victim to open a rogue file open. Adobe has released updates to fix the vulnerabilities. For more...

7.8CVSS7.4AI score0.00445EPSS
Exploits0
NCSC
NCSC
•added 2022/05/11 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe Framemaker

Adobe has fixed vulnerabilities in Framemaker. The vulnerabilities allow a malicious party to cause a denial-of-service or execute arbitrary code under privileges of the application. To do this, the malicious party must persuade the victim to open a rogue file. Adobe has released updates to fix t...

9.3CVSS7.4AI score0.02579EPSS
Exploits0
NCSC
NCSC
•added 2022/05/11 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Enterprise Linux kernel

Oracle has fixed vulnerabilities in the Oracle Linux kernel. The vulnerabilities allow a local malicious person to cause a denial-of-service, obtain elevated privileges or gain access to system information. Successful exploit requires authentication. -= Oracle =- Oracle has made updates available...

8.6CVSS6.6AI score0.05524EPSS
Exploits15
NCSC
NCSC
•added 2022/05/10 12:0 a.m.•5 views

Vulnerability fixed in Microsoft Azure

A vulnerability has been fixed in Microsoft Azure. The vulnerability allows an authenticated malicious person to execute arbitrary code. The vulnerability is in a driver used to run in Azure Synapse pipelines and Azure Data Factory Integration Runtime IR to connect to Amazon Redshift. The malicio...

7.8CVSS7AI score0.03686EPSS
Exploits0
NCSC
NCSC
•added 2022/05/10 12:0 a.m.•7 views

Vulnerabilities fixed in HPE Integrated Lights-Out

HPE has fixed a vulnerability in Integrated Lights-Out. The vulnerability allows an authenticated remote malicious party to able to cause a denial-of-service. Few substantive details about the vulnerability publicly available made available. HPE has released updates to fix the vulnerability. For...

7.5CVSS6.8AI score0.01818EPSS
Exploits0
NCSC
NCSC
•added 2022/05/10 12:0 a.m.•5 views

Vulnerability fixed in ecdsautils

Debian has fixed a vulnerability in ecdsautils. This is a library used for cryptographic applications based based on ECDSA. The vulnerability is in functionality for validating of ECDSA signatures. The flaw causes an application considers specially crafted signatures to be valid when they are not...

10CVSS7.1AI score0.48235EPSS
Exploits6
NCSC
NCSC
•added 2022/05/10 12:0 a.m.•15 views

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in Microsoft Developer Tools. The vulnerabilities allow a malicious party to cause a denial-of-service or to execute arbitrary code execute arbitrary code under the user's privileges. The vulnerability with reference CVE-2022-30129 allows a malicious person to...

8.8CVSS7.6AI score0.41717EPSS
Exploits1
NCSC
NCSC
•added 2022/05/10 12:0 a.m.•6 views

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of security measure...

9.8CVSS8.1AI score0.60122EPSS
Exploits3
NCSC
NCSC
•added 2022/05/10 12:0 a.m.•10 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in Microsoft Office. The vulnerabilities allow a remote malicious person to execute arbitrary code under the user's privileges or to bypass a security measure. Microsoft Office Excel: |----------------|------|-------------------------------------| | CVE ID | CVSS |...

9.3CVSS7.1AI score0.11576EPSS
Exploits0
NCSC
NCSC
•added 2022/05/10 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed several vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of authentication Remote code execution Administrator/SYSTEM...

9.8CVSS7.8AI score0.83277EPSS
Exploits11
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•47 views

Vulnerabilities fixed in F5 products

Vulnerabilities have been fixed in products from F5, including BIG-IP and Traffix SDC. The vulnerabilities allow a malicious able to launch attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of...

9.8CVSS7.7AI score0.99956EPSS
Exploits63
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•12 views

Vulnerabilities fixed in Cisco TelePresence

Vulnerabilities have been fixed in Cisco TelePresence. The vulnerabilities allow an authenticated malicious party to gain gain access to sensitive data and to cause a denial-of-service. Cisco has released updates to fix the vulnerabilities. More information can be found on the page below:...

8.1CVSS6.5AI score0.00962EPSS
Exploits0
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•4 views

Vulnerabilities fixed in QNAP QTS, QuTS hero and QuTScloud

QNAP has fixed vulnerabilities in QTS, QuTS hero and QuTScloud. The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights Access to sensitive data Access to system data...

8.8CVSS7AI score0.01588EPSS
Exploits0
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•50 views

Vulnerabilities fixed in Aruba ClearPass Policy Manager

Aruba has fixed vulnerabilities in ClearPass Policy Manager CPPM. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of...

10CVSS8.5AI score0.03273EPSS
Exploits0
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•3 views

Vulnerability fixed in OpenLDAP

A vulnerability has been fixed in OpenLDAP. The vulnerability allows a malicious person to perform an SQL injection. The is a vulnerability in the back-sql backend. This backend is no longer actively supported but is still available in OpenLDAP. The developers of OpenLDAP have released updates to...

9.8CVSS7.2AI score0.69899EPSS
Exploits1
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•3 views

Vulnerability fixed in Aveva InTouch Access Anywhere and AVEVA Plant SCADA Access Anywhere

A vulnerability has been fixed in Aveva InTouch Access Anywhere and AVEVA Plant SCADA. The vulnerability allows an authenticated remote malicious party to execute system commands. No CVE attribute is currently available for this vulnerability. available. Aveva has released updates to fix the...

6.8AI score
Exploits0
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•3 views

Vulnerabilities fixed in Red Hat Satellite

Vulnerabilities have been fixed in Red Hat Satellite. The vulnerabilities allow a remote malicious party to obtain obtain sensitive data or to cause a denial-of-service cause. Red Hat has released updates to fix the vulnerabilities. More information can be found on the page below:...

9.8CVSS6.7AI score0.01328EPSS
Exploits0
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•5 views

Vulnerabilities fixed in Splunk

Vulnerabilities have been fixed in Splunk. The vulnerabilities potentially enable a malicious person to carry out attacks leading to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Access to system data Increased user privileges Updates have been...

8.8CVSS6.5AI score0.0139EPSS
Exploits0
NCSC
NCSC
•added 2022/05/06 12:0 a.m.•2 views

Vulnerabilities fixed in Oracle Enterprise Linux

Vulnerabilities have been fixed in the kernel of Oracle Enterprise Linux. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges Oracle has released updates to fix th...

8CVSS6.5AI score0.01747EPSS
Exploits17
NCSC
NCSC
•added 2022/05/04 12:0 a.m.•19 views

Vulnerabilities fixed in FortiOS

Vulnerabilities have been fixed in FortiOS. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights Access to sensitive data Access to system data Fortinet has released updates to...

6.3CVSS6.7AI score0.00844EPSS
Exploits0
NCSC
NCSC
•added 2022/05/04 12:0 a.m.•2 views

Vulnerabilities fixed in Firefox and Firefox ESR

Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Bypassing security measure. Remote code execution User rights Spoofing Accessing sensitive data Access to...

9.8CVSS7.2AI score0.01005EPSS
Exploits5
NCSC
NCSC
•added 2022/05/04 12:0 a.m.•5 views

Vulnerabilities fixed in ClamAV

Vulnerabilities have been fixed in ClamAV. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data The developers of ClamAV have released updates to address the...

9.8CVSS7.3AI score0.43382EPSS
Exploits7
NCSC
NCSC
•added 2022/05/04 12:0 a.m.•3 views

Vulnerabilities fixed in the Linux kernel

Vulnerabilities have been fixed in the Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges -= Debian =- Debian has made updates to...

7.8CVSS6.4AI score0.05524EPSS
Exploits20
NCSC
NCSC
•added 2022/05/04 12:0 a.m.•4 views

Vulnerabilities fixed in OpenSSL

Vulnerabilities have been fixed in OpenSSL. A malicious party could potentially exploit the vulnerabilities to circumvent security measures bypass security measures, cause a denial-of-service, or execute code execute code under privileges of another process. The vulnerability with reference...

10CVSS7.3AI score0.83223EPSS
Exploits5
NCSC
NCSC
•added 2022/05/04 12:0 a.m.•3 views

Vulnerability fixed in FortiClient

A vulnerability has been fixed in FortiClient. The vulnerability allows a malicious person with access to the system to execute or delete files with admin rights. The vulnerability is located in the FortiClient MSI installer. Fortinet has released updates to fix the vulnerability. More informatio...

8.4CVSS6.6AI score0.00215EPSS
Exploits0
NCSC
NCSC
•added 2022/05/04 12:0 a.m.•4 views

Vulnerabilities fixed in Yokogawa Centum VP, ProSafe-RS and B/M9000 VP

Yokogawa has fixed vulnerabilities in Centum VP, ProSafe-RS and B/M9000 VP. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Access t...

9.1CVSS7.6AI score0.12841EPSS
Exploits0
NCSC
NCSC
•added 2022/05/04 12:0 a.m.•4 views

Vulnerabilities fixed in MariaDB

Vulnerabilities have been fixed in MariaDB. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service. To do this, the malicious party needs to execute malicious execute SQL queries on the vulnerable database server. -= Oracle =- Oracle has made updates availabl...

7.1CVSS8.1AI score0.08216EPSS
Exploits5
NCSC
NCSC
•added 2022/05/03 12:0 a.m.•6 views

Vulnerabilities fixed in switches from Avaya and Aruba Networks

Researchers at cybersecurity firm Armis have discovered vulnerabilities discovered in implementations of the NanoSSL library. Armis has discovered that in certain network equipment from Aruba and Avaya error messages are not properly processed causing security problems. Previously, Armis has foun...

9.8CVSS7.7AI score0.21877EPSS
Exploits0
NCSC
NCSC
•added 2022/05/03 12:0 a.m.•105 views

Vulnerabilities fixed in Android and Samsung Mobile

Google has fixed vulnerabilities in Android. In addition to the vulnerabilities fixed by Google fixed vulnerabilities, Samsung itself has fixed eighteen other vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the...

10CVSS8.3AI score0.89063EPSS
Exploits104
NCSC
NCSC
•added 2022/05/03 12:0 a.m.•10 views

Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition

Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of security measure Remote code execution User rights...

8.8CVSS6.8AI score0.82003EPSS
Exploits4
NCSC
NCSC
•added 2022/05/02 12:0 a.m.•5 views

Vulnerability fixed in Progress OpenEdge

Progress has fixed a vulnerability in OpenEdge. A malicious party could, by exploiting this vulnerability, gain gain root privileges on the vulnerable system. For successful misuse requires authentication on the underlying operating system required. Progress has released updates to fix the...

7.8CVSS7.1AI score0.00272EPSS
Exploits0
NCSC
NCSC
•added 2022/04/29 12:0 a.m.•5 views

Vulnerability fixed in Cisco Catalyst

A vulnerability has been fixed in Cisco Catalyst. The vulnerability is located in the IOS XE software. The vulnerability allows a locally authenticated malicious person to obtain elevated permissions and execute arbitrary code with these elevated privileges. Cisco has released updates to fix the...

7.8CVSS7.3AI score0.00223EPSS
Exploits0
NCSC
NCSC
•added 2022/04/29 12:0 a.m.•5 views

Vulnerabilities fixed in Zoom

Vulnerabilities have been fixed in Zoom. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Manipulation of data Circumvention of security measure Access to sensitive data Increased user privileges Zoom has released updates to fix...

7.9CVSS6.7AI score0.00975EPSS
Exploits0
NCSC
NCSC
•added 2022/04/29 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Bypassing security measure. Remote code execution User rights Access to system data As usual, Google has made few substantive details...

8.8CVSS7.2AI score0.0105EPSS
Exploits23
NCSC
NCSC
•added 2022/04/29 12:0 a.m.•4 views

Vulnerabilities fixed in node.js

Vulnerabilities have been fixed in node.js. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to system data For the vulnerability with attribute CVE-2021-44906,...

9.8CVSS8.7AI score0.70561EPSS
Exploits4
NCSC
NCSC
•added 2022/04/29 12:0 a.m.•2 views

Vulnerabilities fixed in cURL

Vulnerabilities have been fixed in cURL. The vulnerabilities allow a remote malicious party potentially able to obtain sensitive data obtain or to bypass authentication. The developers of cURL have released updates to fix the vulnerabilities. More information can be found on the pages below:...

8.1CVSS9.2AI score0.03425EPSS
Exploits4
NCSC
NCSC
•added 2022/04/29 12:0 a.m.•28 views

Vulnerabilities fixed in Cisco Adaptive Security Appliance

Vulnerabilities have been fixed in Cisco ASA. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data Spoofing Access to sensitive data Increased user privileges Cisco has released updates to fix th...

8.8CVSS6.6AI score0.28369EPSS
Exploits1
NCSC
NCSC
•added 2022/04/29 12:0 a.m.•4 views

Vulnerabilities fixed in SonicOS

Vulnerabilities have been fixed in SonicOS. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service or to gain access to system data. SonicWall has issued updates to fix the vulnerabilities in SonicOS. For more information, see below:...

7.5CVSS7.2AI score0.01051EPSS
Exploits0
NCSC
NCSC
•added 2022/04/29 12:0 a.m.•3 views

Vulnerabilities fixed in IBM QRadar

Vulnerabilities have been fixed in IBM QRadar. The vulnerabilities have mostly been described previously in Linux kernel security advisories. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS...

8.8CVSS8.4AI score0.0066EPSS
Exploits3
NCSC
NCSC
•added 2022/04/28 12:0 a.m.•4 views

Vulnerability fixed in SonicWall Global VPN Client

A vulnerability has been fixed in the Global VPN Client from SonicWall. This vulnerability allows a local malicious person with elevated privileges to execute arbitrary code on the system. SonicWall has released updates to fix the vulnerability. fix. For more information, see the link below:...

7.8CVSS7.5AI score0.00697EPSS
Exploits0
NCSC
NCSC
•added 2022/04/28 12:0 a.m.•2 views

Vulnerabilities fixed in Netatalk

Vulnerabilities have been fixed in Netatalk. Netatalk is an open-source protocol that allows Unix systems to communicate with Apple systems. Netatalk uses the Apple Filing Protocol; the vulnerabilities found are in this protocol. The vulnerabilities allow an unauthenticated remote malicious perso...

9.8CVSS7.5AI score0.08594EPSS
Exploits0
NCSC
NCSC
•added 2022/04/26 12:0 a.m.•3 views

Vulnerabilities fixed in FreeRADIUS

Two vulnerabilities have been fixed in FreeRADIUS. The vulnerabilities allow a malicious party to cause a denial-of-service or to obtain sensitive data obtain. To cause the denial-of-service, the malicious party must possess a system in the FreeRADIUS "circle of trust." The developers of FreeRADI...

7AI score
Exploits0
NCSC
NCSC
•added 2022/04/26 12:0 a.m.•16 views

Vulnerabilities fixed in IBM QRadar

Vulnerabilities have been fixed in IBM QRadar. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of authentication Circumventing security measures Remo...

9.8CVSS6.9AI score0.44515EPSS
Exploits26
NCSC
NCSC
•added 2022/04/25 12:0 a.m.•13 views

Vulnerabilities fixed in IBM Cognos Analytics

Several vulnerabilities have been fixed in IBM Cognos Analytics. Most of the vulnerabilities are in third-party software components third-party software components included with IBM Cognos, including OpenSSL and Node.js. The vulnerabilities allow a malicious party to execute attacks that result i...

9.8CVSS9.1AI score0.77385EPSS
Exploits31
NCSC
NCSC
•added 2022/04/25 12:0 a.m.•4 views

Vulnerability fixed in dnsmasq

A vulnerability has been fixed in dnsmasq.The vulnerability allows an unauthenticated remote malicious agent potentially capable of to cause a denial-of-service. -= openSUSE =- The developers of openSUSE have made updates available to fix the vulnerability in openSUSE Leap 15.3. You can install...

7.5CVSS8.8AI score0.01499EPSS
Exploits0
Total number of security vulnerabilities4209