Vulnerabilities fixed in ClamAV
Vulnerabilities have been fixed in ClamAV. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS); Remote code execution (User rights); Access to system data. The developers of ClamAV have released updates to address the...
Vulnerabilities fixed in MariaDB
Vulnerabilities have been fixed in MariaDB. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service. To do this, the malicious party needs to execute malicious SQL queries on the vulnerable database server. -= Oracle =- Oracle has made updates availabl...
Vulnerabilities fixed in switches from Avaya and Aruba Networks
Researchers at cybersecurity firm Armis have discovered vulnerabilities in implementations of the NanoSSL library. Armis has discovered that in certain network equipment from Aruba and Avaya error messages are not properly processed, causing security problems. Previously, Armis has foun...
Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition
Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Bypassing authentication; Circumvention of security measure; Remote code execution (User rights)...
Vulnerabilities fixed in Android and Samsung Mobile
Google has fixed vulnerabilities in Android. In addition to the vulnerabilities fixed by Google, Samsung itself has fixed eighteen other vulnerabilities in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the...
Vulnerability fixed in Progress OpenEdge
Progress has fixed a vulnerability in OpenEdge. A malicious party could, by exploiting this vulnerability, gain root privileges on the vulnerable system. Successful misuse requires authentication on the underlying operating system. Progress has released updates to fix the...
Vulnerabilities fixed in Zoom
Vulnerabilities have been fixed in Zoom. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Manipulation of data; Circumvention of security measure; Access to sensitive data; Increased user privileges. Zoom has released updates to fix...
Vulnerabilities fixed in Cisco Adaptive Security Appliance
Vulnerabilities have been fixed in Cisco ASA. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Spoofing; Access to sensitive data; Increased user privileges. Cisco has released updates to fix th...
Vulnerability fixed in Cisco Catalyst
A vulnerability has been fixed in Cisco Catalyst. The vulnerability is located in the IOS XE software. The vulnerability allows a locally authenticated malicious person to obtain elevated permissions and execute arbitrary code with these elevated privileges. Cisco has released updates to fix the...
Vulnerabilities fixed in IBM QRadar
Vulnerabilities have been fixed in IBM QRadar. The vulnerabilities have mostly been described previously in Linux kernel security advisories. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS)...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Bypassing security measure; Remote code execution (User rights); Access to system data. As usual, Google has made few substantive details...
Vulnerabilities fixed in node.js
Vulnerabilities have been fixed in node.js. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS); Remote code execution (User rights); Access to system data. For the vulnerability with identifier CVE-2021-44906,...
Vulnerabilities fixed in SonicOS
Vulnerabilities have been fixed in SonicOS. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service or to gain access to system data. SonicWall has issued updates to fix the vulnerabilities in SonicOS. For more information, see below:...
Vulnerabilities fixed in cURL
Vulnerabilities have been fixed in cURL. The vulnerabilities potentially allow a remote malicious party to obtain sensitive data or to bypass authentication. The developers of cURL have released updates to fix the vulnerabilities. More information can be found on the pages below:...
Vulnerability fixed in SonicWall Global VPN Client
A vulnerability has been fixed in the Global VPN Client from SonicWall. This vulnerability allows a local malicious person with elevated privileges to execute arbitrary code on the system. SonicWall has released updates to fix the vulnerability. For more information, see the link below:...
Vulnerabilities fixed in Netatalk
Vulnerabilities have been fixed in Netatalk. Netatalk is an open-source protocol that allows Unix systems to communicate with Apple systems. Netatalk uses the Apple Filing Protocol; the vulnerabilities found are in this protocol. The vulnerabilities allow an unauthenticated remote malicious perso...
Vulnerabilities fixed in FreeRADIUS
Two vulnerabilities have been fixed in FreeRADIUS. The vulnerabilities allow a malicious party to cause a denial-of-service or to obtain sensitive data. To cause the denial-of-service, the malicious party must possess a system in the FreeRADIUS "circle of trust." The developers of FreeRADI...
Vulnerabilities fixed in IBM QRadar
Vulnerabilities have been fixed in IBM QRadar. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Manipulation of data; Circumvention of authentication; Circumventing security measures; Remo...
Vulnerability fixed in Red Hat OpenShift Container Platform
A vulnerability has been fixed in Red Hat OpenShift Container Platform. The vulnerability allows a remote malicious party to cause a denial-of-service. Red Hat has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in dnsmasq
A vulnerability has been fixed in dnsmasq. The vulnerability potentially allows an unauthenticated remote malicious agent to cause a denial-of-service. -= openSUSE =- The developers of openSUSE have made updates available to fix the vulnerability in openSUSE Leap 15.3. You can install...
Vulnerabilities fixed in Dell PowerEdge Server
Vulnerabilities have been fixed in Dell PowerEdge Server. The vulnerabilities are located in the Broadcom Emulex HBA Manager/OneCommand Manager used in Dell PowerEdge Servers. The vulnerabilities allow a remote malicious person to launch attacks that result in the following categories of...
Vulnerability fixed in WSO2 products
A serious vulnerability has been fixed in several products of WSO2. A malicious person with access to the network can exploit the vulnerability to execute arbitrary code or gain access to sensitive data. Public exploit code is available. This exploit code allows a remote malicious par...
Vulnerabilities fixed in IBM Cognos Analytics
Several vulnerabilities have been fixed in IBM Cognos Analytics. Most of the vulnerabilities are in third-party software components included with IBM Cognos, including OpenSSL and Node.js. The vulnerabilities allow a malicious party to execute attacks that result i...
Vulnerability fixed in Jira Seraph
A vulnerability has been fixed in Jira Seraph, the web framework used for authentication within Jira. The vulnerability allows a remote malicious party to bypass authentication by sending a specially prepared HTTP request to the server. The application is only vulnerable...
Vulnerabilities fixed in MISP
Vulnerabilities have been fixed in MISP. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting (XSS); Bypassing authentication; Remote code execution (Administrator/Root rights). For these vulnerabilities, at the time of...
Vulnerability found in Mitel MiVoice Connect
A vulnerability has been found in the Service Appliance component of MiVoice Connect. This vulnerability allows a remote malicious user to execute arbitrary code with the permissions with which the Service Appliance component is running. Mitel has made mitigating measures available to fix...
Vulnerability fixed in Kibana
A vulnerability has been fixed in Kibana. A malicious party could potentially exploit the vulnerability to obtain sensitive information. The vulnerability is not in the default configuration. Only Kibana installations that explicitly use Elastic Stack monitoring are potentially vulnerable. Elasti...
Vulnerabilities fixed in Cisco products
Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks that potentially result in the following categories of damage: Cross-Site Request Forgery (XSRF); Cross-Site Scripting (XSS); Denial-of-Service (DoS); Manipulation ...
Vulnerabilities fixed in Oracle Hyperion
Oracle has fixed vulnerabilities in the following Hyperion products: Hyperion BI+; Hyperion Data Relationship Management; Hyperion Financial Management; Hyperion Infrastructure Technology; Hyperion Planning; Hyperion Profitability and Cost Management; Hyperion Calculation Manager; Hyperion Tax Provision...
Vulnerabilities fixed in Oracle E-Business Suite
Oracle has fixed vulnerabilities in E-Business Suite applications. The vulnerabilities potentially allow a malicious party to launch attacks that result in the following categories of damage: Manipulation of data; Remote code execution (User rights); Access to sensitive data; Access to system data. The...
Vulnerabilities fixed in Liferay
Vulnerabilities have been fixed in Liferay Portal versions 7.3.3 through 7.4.1. The vulnerabilities allow a malicious party to perform a Cross-Site Scripting attack or unintentionally view the list of groups and sites used within the portal. Liferay has made updates available for Liferay...
Vulnerabilities fixed in Oracle Database Server
Oracle has fixed vulnerabilities in the following products: Database - Enterprise Edition; Database Configuration Assistant; Spatial and Graph; Application Express (APEX). The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage:...
Vulnerability fixed in Mattermost
A vulnerability has been fixed in Mattermost with versions lower than 6.5. Email invitations to a Mattermost channel or server are insufficiently invalidated when selected by an administrator. This allows a person to still participate in Mattermost channels even though access has been revoked aft...
Vulnerabilities fixed in AWS patch solutions
Vulnerabilities have been fixed in several AWS patch solutions. These patch solutions were released by AWS to monitor for Java applications vulnerable to Log4Shell and patch these systems immediately. AWS has released three hotpatches. A hot patch in the form of Debian or RPM packages th...
Vulnerabilities fixed in Oracle Java SE
Oracle has fixed vulnerabilities in Java SE JDK/JRE and GraalVM Enterprise Edition. The vulnerabilities potentially allow a malicious party to launch attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Bypassing authentication; Bypassing security...
Vulnerabilities fixed in Oracle Construction and Engineering
Oracle has fixed vulnerabilities in the following Construction and Engineering products: Primavera Unifier; Instantis EnterpriseTrack. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS)...
Vulnerability fixed in Veritas NetBackup OpsCenter and OpsCenter Analytics
A vulnerability has been fixed in Veritas NetBackup OpsCenter and OpsCenter Analytics. The vulnerability allows an authenticated remote malicious person to perform Cross-Site Scripting (XSS). Veritas has made mitigation measures and updates available to fix the vulnerability. For mor...
Vulnerabilities fixed in Oracle Enterprise Manager
Oracle has remedied vulnerabilities in the following Enterprise Manager products: Enterprise Manager Base Platform; Enterprise Manager for Peoplesoft; Application Testing Suite; Enterprise Manager Ops Center; Enterprise Manager for Storage Management. The vulnerabilities allow a malicious person to...
Vulnerabilities fixed in Oracle MySQL
Oracle has fixed vulnerabilities in the following MySQL products: MySQL Workbench; MySQL Server; MySQL Cluster; MySQL Connectors; MySQL Enterprise Monitor. The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service D...
Vulnerabilities fixed in Oracle Financial Services Applications
Oracle has fixed vulnerabilities in the following Financial Services applications: - Oracle Banking Deposits and Lines of Credit Servicing - Oracle Banking Enterprise Default Management - Oracle Banking Loans Servicing - Oracle Banking Party Management - Oracle Banking Payments - Oracle Banking...
Vulnerabilities fixed in Oracle Virtualization
Oracle has fixed vulnerabilities in Secure Global Desktop and VirtualBox. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Server-side request forgery; Denial-of-Service (DoS); Manipulation of data; Access to system data...
Vulnerabilities fixed in Oracle Supply Chain
Oracle has fixed vulnerabilities in the following Supply Chain products: Advanced Supply Chain Planning; Transportation Management; Autovue for Agile Product Lifecycle Management; Agile Engineering Data Management; Agile PLM MCAD Connector; Agile PLM Framework; Product Lifecycle Analytics. The...
Vulnerabilities fixed in Oracle JD Edwards
Oracle has fixed vulnerabilities in the following JD Edwards products: JD Edwards EnterpriseOne Tools; JD Edwards World Security. The vulnerabilities potentially allow an unauthenticated malicious person to launch attacks that result in the following categories of damage: Denial-of-Service (DoS)...
Vulnerabilities fixed in Oracle Fusion Middleware
Oracle has fixed vulnerabilities in the following Fusion Middleware products: Business Intelligence Enterprise Edition; Business Process Management Suite; Coherence; Data Integrator; HTTP Server; Helidon; Identity Manager; Identity Manager Connector; Internet Directory; JDeveloper; Managed File Transfer...
Vulnerabilities fixed in Oracle PeopleSoft
Oracle has fixed vulnerabilities in the following products: PeopleSoft Enterprise FIN Cash Management; PeopleSoft Enterprise PT PeopleTools; PeopleSoft Enterprise PRTL Interaction Hub; PeopleSoft Enterprise CS Academic Advisement. The vulnerabilities potentially enable a malicious person to execute...
Vulnerabilities fixed in Oracle Communications Applications
Oracle has fixed vulnerabilities in the following products: Communications Billing and Revenue Management; Communications ASAP; Communications IP Service Activator; Communications MetaSolv Solution; Communications Order and Service Management; Communications Design Studio; Communications Network...
Vulnerabilities fixed in OpenJPEG
Vulnerabilities have been fixed in OpenJPEG. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service (DoS); Remote code execution (User rights); Access to system data. -= openSUSE =- The developers of openSUSE have made updates...
Vulnerabilities fixed in Oracle Systems
Oracle has fixed vulnerabilities in the following products: Oracle Solaris Cluster; Oracle ZFS Storage Appliance Kit; Oracle StorageTek ACSLS; Oracle StorageTek Tape Analytics (STA); Oracle Solaris; Oracle Ethernet Switch ES1-24; Oracle Ethernet Switch TOR-72. The vulnerabilities allow a malicious party t...
Vulnerabilities fixed in Oracle Communications
Oracle has fixed vulnerabilities in the following products: Communications Services Gatekeeper; Communications Session Border Controller; Communications Unified Session Manager; Enterprise Session Border Controller; Enterprise Communications Broker; Communications Operations Monitor; Communications...
Vulnerability fixed in Zoho ManageEngine ADSelfService Plus
Zoho has fixed a vulnerability in ManageEngine ADSelfService Plus. An authenticated malicious person could potentially exploit it to execute arbitrary code. The vulnerability is located in the password reset functionality. Systems are vulnerable only when custom scripts are enabled fo...