4209 matches found
Vulnerabilities fixed in SUSE Linux Enterprise kernel
SUSE has fixed vulnerabilities in the Linux kernel. A authenticated malicious person could potentially exploit them to cause a denial-of-service or to obtain elevated privileges. -= SUSE =- SUSE has made updates available to fix the vulnerability fixes in SUSE 12 and 15. You can install these...
Vulnerability fixed in Zimbra Collaboration
Zimbra has fixed a vulnerability in Zimbra Collaboration. The vulnerability allows a remote malicious person to inject memcached commands and thereby manipulate cached data manipulate. This makes it possible to manipulate content that is served to users of Zimbra Collaboration. Thus functionaliti...
Vulnerabilities fixed in Red Hat OpenShift Logging
Red Hat has fixed vulnerabilities in OpenShift Logging. A malicious party could exploit the vulnerabilities to cause a denial-of-service, bypassing a security measure or perform an HTTP request smuggling attack. Red Hat has released updates to fix the vulnerabilities. For more information, see:...
Vulnerabilities fixed in Intel processors and -chipsets
Intel has fixed vulnerabilities in several processors and chipsets. A local malicious party could potentially exploit them to cause a denial-of-service, gain gain access to system data or obtain elevated privileges. For the vulnerability with reference CVE-2021-33149 no security updates have been...
Vulnerability fixed in Microsoft Exchange Server
A vulnerability has been fixed in Microsoft Exchange Server. The vulnerability allows an authenticated malicious party to obtain obtain elevated privileges. To exploit the vulnerability the malicious party must have access to the Exchange Server and be authenticated with elevated privileges. If t...
Vulnerabilities fixed in Adove InDesign
Adobe has fixed vulnerabilities in InDesign. The vulnerabilities allow a malicious person to execute arbitrary code execute with application privileges. To do this, the malicious party induces the victim to open a rogue file open. Adobe has released updates to fix the vulnerabilities. For more...
Vulnerabilities fixed in Adobe Framemaker
Adobe has fixed vulnerabilities in Framemaker. The vulnerabilities allow a malicious party to cause a denial-of-service or execute arbitrary code under privileges of the application. To do this, the malicious party must persuade the victim to open a rogue file. Adobe has released updates to fix t...
Vulnerabilities fixed in Oracle Enterprise Linux kernel
Oracle has fixed vulnerabilities in the Oracle Linux kernel. The vulnerabilities allow a local malicious person to cause a denial-of-service, obtain elevated privileges or gain access to system information. Successful exploit requires authentication. -= Oracle =- Oracle has made updates available...
Vulnerability fixed in Microsoft Azure
A vulnerability has been fixed in Microsoft Azure. The vulnerability allows an authenticated malicious person to execute arbitrary code. The vulnerability is in a driver used to run in Azure Synapse pipelines and Azure Data Factory Integration Runtime IR to connect to Amazon Redshift. The malicio...
Vulnerabilities fixed in HPE Integrated Lights-Out
HPE has fixed a vulnerability in Integrated Lights-Out. The vulnerability allows an authenticated remote malicious party to able to cause a denial-of-service. Few substantive details about the vulnerability publicly available made available. HPE has released updates to fix the vulnerability. For...
Vulnerability fixed in ecdsautils
Debian has fixed a vulnerability in ecdsautils. This is a library used for cryptographic applications based based on ECDSA. The vulnerability is in functionality for validating of ECDSA signatures. The flaw causes an application considers specially crafted signatures to be valid when they are not...
Vulnerabilities fixed in Microsoft Developer Tools
Vulnerabilities have been fixed in Microsoft Developer Tools. The vulnerabilities allow a malicious party to cause a denial-of-service or to execute arbitrary code execute arbitrary code under the user's privileges. The vulnerability with reference CVE-2022-30129 allows a malicious person to...
Vulnerabilities fixed in Siemens products
Vulnerabilities have been fixed in several Siemens products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of security measure...
Vulnerabilities fixed in Microsoft Office
Vulnerabilities have been fixed in Microsoft Office. The vulnerabilities allow a remote malicious person to execute arbitrary code under the user's privileges or to bypass a security measure. Microsoft Office Excel: |----------------|------|-------------------------------------| | CVE ID | CVSS |...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed several vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of authentication Remote code execution Administrator/SYSTEM...
Vulnerabilities fixed in F5 products
Vulnerabilities have been fixed in products from F5, including BIG-IP and Traffix SDC. The vulnerabilities allow a malicious able to launch attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of...
Vulnerabilities fixed in Cisco TelePresence
Vulnerabilities have been fixed in Cisco TelePresence. The vulnerabilities allow an authenticated malicious party to gain gain access to sensitive data and to cause a denial-of-service. Cisco has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerabilities fixed in QNAP QTS, QuTS hero and QuTScloud
QNAP has fixed vulnerabilities in QTS, QuTS hero and QuTScloud. The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights Access to sensitive data Access to system data...
Vulnerabilities fixed in Aruba ClearPass Policy Manager
Aruba has fixed vulnerabilities in ClearPass Policy Manager CPPM. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of...
Vulnerability fixed in OpenLDAP
A vulnerability has been fixed in OpenLDAP. The vulnerability allows a malicious person to perform an SQL injection. The is a vulnerability in the back-sql backend. This backend is no longer actively supported but is still available in OpenLDAP. The developers of OpenLDAP have released updates to...
Vulnerability fixed in Aveva InTouch Access Anywhere and AVEVA Plant SCADA Access Anywhere
A vulnerability has been fixed in Aveva InTouch Access Anywhere and AVEVA Plant SCADA. The vulnerability allows an authenticated remote malicious party to execute system commands. No CVE attribute is currently available for this vulnerability. available. Aveva has released updates to fix the...
Vulnerabilities fixed in Red Hat Satellite
Vulnerabilities have been fixed in Red Hat Satellite. The vulnerabilities allow a remote malicious party to obtain obtain sensitive data or to cause a denial-of-service cause. Red Hat has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerabilities fixed in Splunk
Vulnerabilities have been fixed in Splunk. The vulnerabilities potentially enable a malicious person to carry out attacks leading to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Access to system data Increased user privileges Updates have been...
Vulnerabilities fixed in Oracle Enterprise Linux
Vulnerabilities have been fixed in the kernel of Oracle Enterprise Linux. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges Oracle has released updates to fix th...
Vulnerabilities fixed in FortiOS
Vulnerabilities have been fixed in FortiOS. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights Access to sensitive data Access to system data Fortinet has released updates to...
Vulnerabilities fixed in Firefox and Firefox ESR
Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Bypassing security measure. Remote code execution User rights Spoofing Accessing sensitive data Access to...
Vulnerabilities fixed in ClamAV
Vulnerabilities have been fixed in ClamAV. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data The developers of ClamAV have released updates to address the...
Vulnerabilities fixed in the Linux kernel
Vulnerabilities have been fixed in the Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges -= Debian =- Debian has made updates to...
Vulnerabilities fixed in OpenSSL
Vulnerabilities have been fixed in OpenSSL. A malicious party could potentially exploit the vulnerabilities to circumvent security measures bypass security measures, cause a denial-of-service, or execute code execute code under privileges of another process. The vulnerability with reference...
Vulnerability fixed in FortiClient
A vulnerability has been fixed in FortiClient. The vulnerability allows a malicious person with access to the system to execute or delete files with admin rights. The vulnerability is located in the FortiClient MSI installer. Fortinet has released updates to fix the vulnerability. More informatio...
Vulnerabilities fixed in Yokogawa Centum VP, ProSafe-RS and B/M9000 VP
Yokogawa has fixed vulnerabilities in Centum VP, ProSafe-RS and B/M9000 VP. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Access t...
Vulnerabilities fixed in MariaDB
Vulnerabilities have been fixed in MariaDB. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service. To do this, the malicious party needs to execute malicious execute SQL queries on the vulnerable database server. -= Oracle =- Oracle has made updates availabl...
Vulnerabilities fixed in switches from Avaya and Aruba Networks
Researchers at cybersecurity firm Armis have discovered vulnerabilities discovered in implementations of the NanoSSL library. Armis has discovered that in certain network equipment from Aruba and Avaya error messages are not properly processed causing security problems. Previously, Armis has foun...
Vulnerabilities fixed in Android and Samsung Mobile
Google has fixed vulnerabilities in Android. In addition to the vulnerabilities fixed by Google fixed vulnerabilities, Samsung itself has fixed eighteen other vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the...
Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition
Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of security measure Remote code execution User rights...
Vulnerability fixed in Progress OpenEdge
Progress has fixed a vulnerability in OpenEdge. A malicious party could, by exploiting this vulnerability, gain gain root privileges on the vulnerable system. For successful misuse requires authentication on the underlying operating system required. Progress has released updates to fix the...
Vulnerability fixed in Cisco Catalyst
A vulnerability has been fixed in Cisco Catalyst. The vulnerability is located in the IOS XE software. The vulnerability allows a locally authenticated malicious person to obtain elevated permissions and execute arbitrary code with these elevated privileges. Cisco has released updates to fix the...
Vulnerabilities fixed in Zoom
Vulnerabilities have been fixed in Zoom. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Manipulation of data Circumvention of security measure Access to sensitive data Increased user privileges Zoom has released updates to fix...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Bypassing security measure. Remote code execution User rights Access to system data As usual, Google has made few substantive details...
Vulnerabilities fixed in node.js
Vulnerabilities have been fixed in node.js. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to system data For the vulnerability with attribute CVE-2021-44906,...
Vulnerabilities fixed in cURL
Vulnerabilities have been fixed in cURL. The vulnerabilities allow a remote malicious party potentially able to obtain sensitive data obtain or to bypass authentication. The developers of cURL have released updates to fix the vulnerabilities. More information can be found on the pages below:...
Vulnerabilities fixed in Cisco Adaptive Security Appliance
Vulnerabilities have been fixed in Cisco ASA. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data Spoofing Access to sensitive data Increased user privileges Cisco has released updates to fix th...
Vulnerabilities fixed in SonicOS
Vulnerabilities have been fixed in SonicOS. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service or to gain access to system data. SonicWall has issued updates to fix the vulnerabilities in SonicOS. For more information, see below:...
Vulnerabilities fixed in IBM QRadar
Vulnerabilities have been fixed in IBM QRadar. The vulnerabilities have mostly been described previously in Linux kernel security advisories. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS...
Vulnerability fixed in SonicWall Global VPN Client
A vulnerability has been fixed in the Global VPN Client from SonicWall. This vulnerability allows a local malicious person with elevated privileges to execute arbitrary code on the system. SonicWall has released updates to fix the vulnerability. fix. For more information, see the link below:...
Vulnerabilities fixed in Netatalk
Vulnerabilities have been fixed in Netatalk. Netatalk is an open-source protocol that allows Unix systems to communicate with Apple systems. Netatalk uses the Apple Filing Protocol; the vulnerabilities found are in this protocol. The vulnerabilities allow an unauthenticated remote malicious perso...
Vulnerabilities fixed in FreeRADIUS
Two vulnerabilities have been fixed in FreeRADIUS. The vulnerabilities allow a malicious party to cause a denial-of-service or to obtain sensitive data obtain. To cause the denial-of-service, the malicious party must possess a system in the FreeRADIUS "circle of trust." The developers of FreeRADI...
Vulnerabilities fixed in IBM QRadar
Vulnerabilities have been fixed in IBM QRadar. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of authentication Circumventing security measures Remo...
Vulnerabilities fixed in IBM Cognos Analytics
Several vulnerabilities have been fixed in IBM Cognos Analytics. Most of the vulnerabilities are in third-party software components third-party software components included with IBM Cognos, including OpenSSL and Node.js. The vulnerabilities allow a malicious party to execute attacks that result i...
Vulnerability fixed in dnsmasq
A vulnerability has been fixed in dnsmasq.The vulnerability allows an unauthenticated remote malicious agent potentially capable of to cause a denial-of-service. -= openSUSE =- The developers of openSUSE have made updates available to fix the vulnerability in openSUSE Leap 15.3. You can install...