Lucene search
K

4209 matches found

NCSC
NCSC
•added 2022/04/25 12:0 a.m.•6 views

Vulnerabilities fixed in Dell PowerEdge Server

Vulnerabilities have been fixed in Dell PowerEdge Server. The vulnerabilities are located in the Broadcom Emulex HBA Manager/OneCommand Manager used in Dell PowerEdge Servers. The vulnerabilities allow a remote malicious person to able to launch attacks that result in the following categories of...

9.8CVSS7.4AI score0.02355EPSS
Exploits1
NCSC
NCSC
•added 2022/04/25 12:0 a.m.•5 views

Vulnerability fixed in WSO2 products

A serious vulnerability has been fixed in several products of WSO2. A malicious person with access to the network can exploit the exploit the vulnerability to execute arbitrary code or gain access to sensitive data. Public exploit code is available. This exploit code allows a remote malicious par...

10CVSS7.5AI score0.99999EPSS
Exploits22
NCSC
NCSC
•added 2022/04/25 12:0 a.m.•2 views

Vulnerability fixed in Red Hat OpenShift Container Platform

A vulnerability has been fixed in Red Hat OpenShift Container Platform. The vulnerability allows a remote malicious party to able to cause a denial-of-service. Red Hat has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.4AI score0.05994EPSS
Exploits0
NCSC
NCSC
•added 2022/04/21 12:0 a.m.•5 views

Vulnerability fixed in Kibana

A vulnerability has been fixed in Kibana. A malicious party could potentially exploit the vulnerability to obtain sensitive information. The vulnerability is not in the default configuration. Only Kibana installations that explicitly use Elastic Stack monitoring are potentially vulnerable. Elasti...

5.3CVSS6.6AI score0.00888EPSS
Exploits0
NCSC
NCSC
•added 2022/04/21 12:0 a.m.•3 views

Vulnerabilities fixed in MISP

Vulnerabilities have been fixed in MISP. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Remote code execution Administrator/Root rights For these vulnerabilities, at the time of...

7.1AI score
Exploits0
NCSC
NCSC
•added 2022/04/21 12:0 a.m.•7 views

Vulnerability fixed in Jira Seraph

A vulnerability has been fixed in Jira Seraph, the web framework used for authentication within Jira. The vulnerability allows a remote malicious party to circumvent authentication bypass authentication by sending a specially prepared HTTP request to the server. The application is only vulnerable...

9.8CVSS6.9AI score0.88057EPSS
Exploits2
NCSC
NCSC
•added 2022/04/21 12:0 a.m.•9 views

Vulnerability found in Mitel MiVoice Connect

A vulnerability has been found in the Service Appliance component of MiVoice Connect. This vulnerability allows a remote malicious remote user to execute arbitrary code with the permissions with which the Service Appliance component is running. Mitel has made mitigating measures available to fix...

10CVSS7.5AI score0.56556EPSS
Exploits0
NCSC
NCSC
•added 2022/04/21 12:0 a.m.•7 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that potentially result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation ...

8.5CVSS6.8AI score0.02054EPSS
Exploits0
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Hyperion

Oracle has fixed vulnerabilities in the following Hyperion products: Hyperion BI+ Hyperion Data Relationship Management Hyperion Financial Management Hyperion Infrastructure Technology Hyperion Planning Hyperion Profitability and Cost Management Hyperion Calculation Manager Hyperion Tax Provision...

9.8CVSS9.6AI score0.97906EPSS
Exploits11
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•11 views

Vulnerabilities fixed in AWS patch solutions

Vulnerabilities have been fixed in several AWS patch solutions. These patch solutions were released by AWS to monitor for Java applications vulnerable to Log4Shell and patch these systems immediately. AWS has released three hotpatches released. A hot patch in the form of Debian or RPM packages th...

10CVSS7.6AI score0.99999EPSS
Exploits358
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•10 views

Vulnerabilities fixed in Liferay

Vulnerabilities have been fixed in Liferay Portal versions 7.3.3 through through 7.4.1. The vulnerabilities allow a malicious party to perform a Cross-Site Scripting attack or unintentionally view the list of groups and sites used within the portal. Liferay has made updates available for Liferay...

5.4CVSS6.5AI score0.00731EPSS
Exploits0
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Systems

Oracle has fixed vulnerabilities in the following products: Oracle Solaris Cluster Oracle ZFS Storage Appliance Kit Oracle StorageTek ACSLS Oracle StorageTek Tape Analytics STA Oracle Solaris Oracle Ethernet Switch ES1-24 Oracle Ethernet Switch TOR-72 The vulnerabilities allow a malicious party t...

9.8CVSS7.3AI score0.99019EPSS
Exploits14
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•5 views

Vulnerability fixed in Mattermost

A vulnerability has been fixed in Mattermost with versions lower than 6.5. Email invitations to a Mattermost channel or server are insufficiently invalidated when selected by an administrator. This allows a person to still participate in Mattermost channels even though access has been revoked aft...

5.8CVSS6.6AI score0.0083EPSS
Exploits1
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•12 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in E-Business Suite applications. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Manipulation of data. Remote code execution User rights Access to sensitive data Access to system data The...

9.8CVSS9.7AI score0.97906EPSS
Exploits10
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Construction and Engineering

Oracle has fixed vulnerabilities in the following Construction and Engineering products: Primavera Unifier Instantis EnterpriseTrack The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS...

9.8CVSS9.3AI score0.97906EPSS
Exploits12
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle Java SE

Oracle has fixed vulnerabilities in Java SE JDK/JRE and GraalVM Enterprise Edition. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security...

7.5CVSS8AI score0.70561EPSS
Exploits8
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•26 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has remedied vulnerabilities in the following Enterprise Manager products: Enterprise Manager Base Platform Enterprise Manager for Peoplesoft Application Testing Suite Enterprise Manager Ops Center Enterprise Manager for Storage Management The vulnerabilities allow a malicious person to...

9.8CVSS9.7AI score0.99999EPSS
Exploits21
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•8 views

Vulnerabilities fixed in Oracle Virtualization

Oracle has fixed vulnerabilities in Secure Global Desktop and VirtualBox. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Server-side request forgery Denial-of-Service DoS. Manipulation of data Access to system data...

9CVSS9.5AI score0.99999EPSS
Exploits5
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•13 views

Vulnerabilities fixed in Oracle Supply Chain

Oracle has fixed vulnerabilities in the following Supply Chain products: Advanced Supply Chain Planning Transportation Management Autovue for Agile Product Lifecycle Management. Agile Engineering Data Management Agile PLM MCAD Connector Agile PLM Framework Product Lifecycle Analytics The...

9.8CVSS9.9AI score0.99677EPSS
Exploits114
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•14 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in the following MySQL products: MySQL Workbench MySQL Server MySQL Cluster MySQL Connectors MySQL Enterprise Monitor The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service D...

9.8CVSS8.7AI score0.99677EPSS
Exploits132
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•34 views

Vulnerabilities fixed in Oracle Financial Services Applications

Oracle has fixed vulnerabilities in the following Financial Services applications: - Oracle Banking Deposits and Lines of Credit Servicing - Oracle Banking Enterprise Default Management - Oracle Banking Loans Servicing - Oracle Banking Party Management - Oracle Banking Payments - Oracle Banking...

9.8CVSS9.3AI score0.99677EPSS
Exploits118
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following products: Database - Enterprise Edition Database Configuration Assistant Spatial and Graph Application Express APEX The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage:...

8.2CVSS7.5AI score0.01655EPSS
Exploits1
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•6 views

Vulnerability fixed in Veritas NetBackup OpsCenter and OpsCenter Analytics

A vulnerability has been fixed in Veritas NetBackup OpsCenter and OpsCenter Analytics. The vulnerability allows an authenticated remote malicious person able to perform Cross-Site ScriptingXSS. execution. Veritas has made mitigation measures and updates available to fix the vulnerability. For mor...

5.4CVSS6.8AI score0.00438EPSS
Exploits0
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•50 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in the following Fusion Middleware products: Business Intelligence Enterprise Edition Business Process Management Suite Coherence Data Integrator HTTP Server Helidon Identity Manager Identity Manager Connector Internet Directory JDeveloper Managed File Transfer...

9.8CVSS9.2AI score0.97906EPSS
Exploits28
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•13 views

Vulnerabilities fixed Oracle Communications Applications

Oracle has fixed vulnerabilities in the following products: Communications Billing and Revenue Management Communications ASAP Communications IP Service Activator Communications MetaSolv Solution Communications Order and Service Management Communications Design Studio Communications Network...

10CVSS9AI score0.97906EPSS
Exploits19
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•8 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in the following products: PeopleSoft Enterprise FIN Cash Management PeopleSoft Enterprise PT PeopleTools PeopleSoft Enterprise PRTL Interaction Hub PeopleSoft Enterprise CS Academic Advisement The vulnerabilities potentially enable a malicious person to execute...

8.8CVSS8.6AI score0.97906EPSS
Exploits11
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•22 views

Vulnerabilities fixed in Oracle JD Edwards

Oracle has fixed vulnerabilities in the following JD Edwards products: JD Edwards EnterpriseOne Tools JD Edwards World Security The vulnerabilities allow an unauthenticated malicious person potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS...

9.8CVSS8.6AI score0.99964EPSS
Exploits182
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•65 views

Vulnerabilities fixed in Oracle Communications

Oracle has fixed vulnerabilities in the following products: Communications Services Gatekeeper Communications Session Border Controller Communications Unified Session Manager Enterprise Session Border Controller Enterprise Communications Broker Communications Operations Monitor Communications...

10CVSS6.9AI score0.99679EPSS
Exploits365
NCSC
NCSC
•added 2022/04/20 12:0 a.m.•5 views

Vulnerabilities fixed in OpenJPEG

Vulnerabilities have been fixed in OpenJPEG. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data -= openSUSE =- The developers of openSUSE have made updates...

8.8CVSS7.8AI score0.04932EPSS
Exploits7
NCSC
NCSC
•added 2022/04/19 12:0 a.m.•4 views

Vulnerability found in 7zip for Windows

A vulnerability has been found in 7zip for Windows. This vulnerability allows a malicious person to obtain elevated privileges obtain and execute commands with these privileges. This can be accomplished by moving a file with a .7z extension to "Contents" within the "Help" menu. Within the 7z.dll ...

7.8CVSS7.4AI score0.01523EPSS
Exploits8
NCSC
NCSC
•added 2022/04/19 12:0 a.m.•23 views

Vulnerability fixed in Moxa MGate

A vulnerability has been fixed in Moxa MGate. The vulnerability allows a malicious party to gain a man-in-the-middle MITM position on the vulnerable system. Moxa has released updates to fix the vulnerability. More information can be found on the page below:...

7.4CVSS6.8AI score0.00769EPSS
Exploits0
NCSC
NCSC
•added 2022/04/19 12:0 a.m.•3 views

Vulnerabilities fixed in the Linux kernel

Several vulnerabilities have been fixed in the Linux kernel. The vulnerabilities potentially enable a malicious person to execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User rights Access to system data Increased user privileges -=...

8.6CVSS7AI score0.05524EPSS
Exploits19
NCSC
NCSC
•added 2022/04/19 12:0 a.m.•20 views

Vulnerabilities fixed in Lenovo notebook BIOS

Vulnerabilities have been found in several Lenovo laptop models by researchers from security firm ESET. These vulnerabilities are Lenovo-specific, a full list of affected Lenovo laptops can be found under "Possible fixes." Two of these vulnerabilities, with attributes CVE-2021-3970 and...

7.2CVSS7AI score0.02999EPSS
Exploits1
NCSC
NCSC
•added 2022/04/19 12:0 a.m.•10 views

Vulnerability fixed in Zoho ManageEngine ADSelfService Plus

Zoho has fixed a vulnerability in ManageEngine ADSelfService Plus. An authenticated malicious person could potentially potentially exploit it to execute arbitrary code. The vulnerability is located in the password reset functionality. Systems are vulnerable only when custom scripts are enabled fo...

7.1CVSS7.4AI score0.70501EPSS
Exploits4
NCSC
NCSC
•added 2022/04/19 12:0 a.m.•6 views

Vulnerabilities fixed in Autodesk products

Autodesk has fixed vulnerabilities in several products including AutoCAD and Design Review. The vulnerabilities allow a malicious party to execute arbitrary code under rights of the application. To do this, the malicious party needs to victim to open a rogue file. Autodesk has released updates to...

7.8CVSS7.8AI score0.07734EPSS
Exploits0
NCSC
NCSC
•added 2022/04/19 12:0 a.m.•2 views

Vulnerability fixed in Cacti

A vulnerability has been fixed in Cacti. The vulnerability allows a remote malicious person to bypass authentication when using LDAP to authenticate. The developers of Cacti have fixed the vulnerability in version v.1.20. For more information, see:...

9.8CVSS6.8AI score0.03445EPSS
Exploits0
NCSC
NCSC
•added 2022/04/15 12:0 a.m.•15 views

Vulnerability fixed in VMWare Cloud Director

A vulnerability has been fixed in VMWare Cloud Director. This vulnerability allows an authenticated outside attacker with network access to the VMWare Cloud Director tenant to execute execute arbitrary code and thereby gain access to the server. gain. VMWare has made updates available for VMware...

7.2CVSS7.4AI score0.0639EPSS
Exploits0
NCSC
NCSC
•added 2022/04/15 12:0 a.m.•8 views

Vulnerabilities fixed in Juniper Junos OS

Vulnerabilities have been fixed in several Juniper products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution...

8.8CVSS7.2AI score0.01072EPSS
Exploits0
NCSC
NCSC
•added 2022/04/15 12:0 a.m.•6 views

Vulnerabilities fixed in McAfee Agent

Vulnerabilities have been fixed in McAfee Agent. The vulnerabilities potentially enable a malicious party to gain elevated privileges or access to sensitive data, or to execute arbitrary code execute arbitrary code with the application's permissions. McAfee has made updates available to address t...

8.4CVSS7.9AI score0.00936EPSS
Exploits2
NCSC
NCSC
•added 2022/04/15 12:0 a.m.•6 views

Vulnerabilities fixed in Asterisk

Vulnerabilities have been fixed in Asterisk and Certified Asterisk. These vulnerabilities potentially allow a malicious party to perform an SQL injection attack, issue arbitrary requests or download send arbitrary requests or download larger than allowed files. Asterisk has made updates available...

9.8CVSS7.5AI score0.16406EPSS
Exploits0
NCSC
NCSC
•added 2022/04/15 12:0 a.m.•3 views

Vulnerability fixed in Google Chrome

A vulnerability has been fixed in Google Chrome. A remote malicious person could potentially exploit the vulnerability to execute arbitrary code under the browser's permissions. As usual, Google has not made additional information made available about the fixed vulnerability. Google indicates tha...

8.8CVSS7.3AI score0.1372EPSS
Exploits2
NCSC
NCSC
•added 2022/04/14 12:0 a.m.•46 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in several Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Increased user privileges...

10CVSS7.6AI score0.1986EPSS
Exploits0
NCSC
NCSC
•added 2022/04/14 12:0 a.m.•9 views

Vulnerability fixed in Schneider Electric Modicon M340

Schneider Electric has fixed a vulnerability in the Modicon M340 controllers. An unauthenticated remote malicious person could potentially exploit the vulnerability to cause a denial-of-service cause in the controller's Ethernet interface by sending a specific SNMP request. Schneider Electric has...

7.5CVSS7AI score0.0057EPSS
Exploits0
NCSC
NCSC
•added 2022/04/14 12:0 a.m.•5 views

Vulnerability fixed in PAN-OS

A vulnerability has been fixed in PAN-OS. A malicious person with access to the DNS proxy feature of PAN-OS software could use a Man-in-the-Middle MITM method specifically crafted traffic to the firewall causing the service to be unexpectedly restarted. restart. The vulnerability is in the...

5.9CVSS6.8AI score0.00704EPSS
Exploits0
NCSC
NCSC
•added 2022/04/14 12:0 a.m.•52 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in several SAP products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User...

10CVSS8.5AI score0.99677EPSS
Exploits147
NCSC
NCSC
•added 2022/04/14 12:0 a.m.•4 views

Vulnerabilities fixed in IBM Db, Db2 on OpenShift and Cloud Pak for Data

Several vulnerabilities have been fixed in IBM Db2 On Openshift and IBM Db2 and Db2 Warehouse on Cloud Pak for Data. These vulnerabilities allow an attacker to execute arbitrary code execute arbitrary code or cause a denial-of-service DoS. For the vulnerabilities with attributes CVE-2021-33196 an...

7.5CVSS9.7AI score0.061EPSS
Exploits4
NCSC
NCSC
•added 2022/04/13 12:0 a.m.•43 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in Acrobat, After Effects, Photoshop and Reader. The vulnerabilities allow a malicious person to able to execute arbitrary code within the context of the user. The vulnerabilities in Acrobat and Reader additionally allow a malicious party the ability to view...

9.3CVSS7.6AI score0.17804EPSS
Exploits0
NCSC
NCSC
•added 2022/04/13 12:0 a.m.•8 views

Vulnerabilities fixed in Citrix products

Citrix has fixed several vulnerabilities in Citrix SD-WAN, Storefront, Endpoint Management and Gateway Plug-in. The vulnerabilities allow a remote malicious party to cause a Denial-of-Service DoS attack. The vulnerabilities with characteristics CVE-2022-27505 and CVE-2022-27506 are located in...

9CVSS8.6AI score0.07582EPSS
Exploits0
NCSC
NCSC
•added 2022/04/13 12:0 a.m.•6 views

Vulnerabilities fixed in Apache Subversion (SVN)

Apache has fixed vulnerabilities in Subversion SVN. The vulnerabilities allow an unauthenticated remote malicious agent to remotely capable of causing a denial-of-service or obtain system information. -= SUSE =- SUSE has made updates available to fix the vulnerability in SUSE 15. fix in SUSE 15...

7.5CVSS7AI score0.09254EPSS
Exploits1
NCSC
NCSC
•added 2022/04/13 12:0 a.m.•8 views

Vulnerability fixed in Apache Struts

A vulnerability has been fixed in Apache Struts. This vulnerability allows an unauthenticated remote malicious person able to execute arbitrary code under privileges of the Struts application. OGNL evaluation must be enabled to exploit the vulnerability to be exploited. This vulnerability is an...

9.8CVSS8AI score0.95922EPSS
Exploits16
Total number of security vulnerabilities4209