Lucene search
K

4207 matches found

NCSC
NCSC
•added 2022/01/20 12:0 a.m.•11 views

Vulnerability fixed in Linux kernel

A local malicious party can, by exploiting a buffer overflow vulnerability in the Linux kernel, gain elevated privileges acquire, execute arbitrary code or cause a denial of service cause a denial of service on the vulnerable system. -= Red Hat =- Red Hat has made updates available for...

8.4CVSS7.9AI score0.25151EPSS
Exploits11
NCSC
NCSC
•added 2022/01/20 12:0 a.m.•4 views

Vulnerabilities fixed in McAfee Agent

Vulnerabilities have been fixed in McAfee Agent. The vulnerabilities potentially allow a malicious party to obtain elevated privileges to obtain or execute arbitrary code with the privileges of the application. McAfee has made updates available to address the vulnerabilities. fixes. For more...

9.3CVSS7.8AI score0.02969EPSS
Exploits0
NCSC
NCSC
•added 2022/01/20 12:0 a.m.•4 views

Vulnerabilities fixed in Cisco StarOS Software

Cisco has fixed vulnerabilities in StarOS, the operating system of a series of Aggregation Services Routers ASR. Because the debug mode was misconfigured, a remote malicious party may be able to access sensitive information and may be able to execute arbitrary code under the root privileges of th...

8.1CVSS7.8AI score0.11636EPSS
Exploits0
NCSC
NCSC
•added 2022/01/20 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially allow a remote malicious person to execute arbitrary code to execute under the application's permissions. Google typically does not release details about the vulnerabilities but marks the vulnerability with attribut...

9.6CVSS7.2AI score0.85352EPSS
Exploits0
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•3 views

Vulnerability fixed in ClamAV

A vulnerability has been fixed in ClamAV. A malicious party could potentially exploit the vulnerability to cause a denial-of-service cause by having a rogue file opened by the parser in the application. The clamscan --gen-json function must be enabled. -= ClamAV =- Cisco has released updates to f...

7.5CVSS6.6AI score0.03061EPSS
Exploits1
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in the following Oracle E-Business Suite products: Configurator Time and Labor iStore Trade Management Partner Management Installed Base Sourcing Project Costing The vulnerabilities enable a malicious person to carry out attacks execute attacks that result in the...

8.1CVSS6.5AI score0.28839EPSS
Exploits1
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in the following products: PeopleSoft Enterprise PeopleTools PeopleSoft Enterprise CS SA Integration Pack The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Cross-Site Scripting XSS...

9.8CVSS8AI score0.50445EPSS
Exploits10
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Virtualization

Oracle has fixed vulnerabilities in VM VirtualBox. A malicious party needs local access rights to exploit the vulnerabilities. ------------------.------.------------------------------------- | CVE ID | CVSS | Vector |. |------------------|------|-------------------------------------| |...

6.5CVSS6.4AI score0.0066EPSS
Exploits0
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•8 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in the following products: Enterprise Manager Base Platform Application Testing Suite APM - Application Performance Management Enterprise Manager Ops Center The vulnerabilities potentially enable a malicious party to execute attacks that result in the following...

9.8CVSS6.4AI score0.23293EPSS
Exploits6
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•3 views

Vulnerability fixed in Oracle Health Sciences Applications

Oracle has fixed a vulnerability in the following products: Thesaurus Management System Clinical Health Sciences Clinical Development Analytics Argus Safety Argus Insight Argus Analytics Health Sciences InForm CRF Submit Argus Mart ------------------.------.------------------------------------- |...

8.3CVSS7.3AI score0.025EPSS
Exploits5
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•4 views

Vulnerability fixed in Oracle JD Edwards EnterpriseOne Tools

Oracle has fixed a vulnerability in JD Edwards EnterpriseOne Tools. ------------------.------.------------------------------------- | CVE ID | CVSS | Vector |. |------------------|------|-------------------------------------| | CVE-2021-23337 | 7.2 | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |...

7.2CVSS7.4AI score0.2241EPSS
Exploits3
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•14 views

Vulnerabilities fixed in Oracle Communications Applications

Oracle has fixed vulnerabilities in the following Oracle Communications Applications products: Communications Billing and Revenue Management Communications Offline Mediation Controller Communications Design Studio Communications Network Integrity Communications Unified Inventory Management...

10CVSS7.8AI score0.77735EPSS
Exploits12
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Financial Services Applications

Oracle has fixed vulnerabilities in the following Oracle Financial Services Applications products: Financial Services Analytical Applications Infrastructure FLEXCUBE Investor Servicing FLEXCUBE Private Banking Banking Platform Financial Services Behavior Detection Platform Financial Services...

9.8CVSS6.8AI score0.99999EPSS
Exploits34
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•52 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in the following Oracle Fusion Middleware products: Fusion Middleware HTTP Server Fusion Middleware MapViewer BI Publisher formerly XML Publisher BAM Business Activity Monitoring WebCenter Portal Business Intelligence Enterprise Edition Data Integrator WebLogic...

9.8CVSS7.6AI score0.99999EPSS
Exploits68
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•16 views

Vulnerabilities fixed in Oracle Communications

Oracle has fixed vulnerabilities in the following products: Communications Services Gatekeeper Communications Service Broker Communications Session Border Controller Enterprise Session Border Controller Enterprise Communications Broker Communications Operations Monitor Communications Interactive...

9.8CVSS7.4AI score0.99999EPSS
Exploits75
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•12 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following Oracle Database Server products: Database - Enterprise Edition Database Configuration Assistant Spatial and Graph Application Express APEX Engineered Systems Utilities The vulnerabilities allow a malicious person to carry out attacks execute attac...

7.8CVSS6AI score0.99999EPSS
Exploits22
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•32 views

Vulnerabilities fixed in Oracle Systems

Oracle has fixed vulnerabilities in the following products: Solaris Operating System Sun ZFS Storage Appliance Kit AK Software Sun ZFS Storage Application Integration Engineering Software Fujitsu SPARC Servers Firmware The vulnerability with CVE attribute CVE-2021-2351 allows for an unauthorized...

8.6CVSS8.3AI score0.50732EPSS
Exploits7
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Essbase

Oracle has fixed vulnerabilities in the following products: Hyperion Essbase Hyperion Essbase Administration Services The vulnerabilities potentially enable a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution...

9.9CVSS8.6AI score0.87816EPSS
Exploits2
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•4 views

Vulnerability fixed in Oracle Java SE and GraalVM Enterprise Edition

Oracle has fixed vulnerabilities in the following products: Java SE JDK and JRE GraalVM Enterprise Edition The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of...

6.5CVSS6.8AI score0.08346EPSS
Exploits1
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Supply Chain

Oracle has fixed vulnerabilities in the following products: Demantra Demand Management Agile Engineering Data Management Agile PLM MCAD Connector Agile PLM Framework Agile Product Lifecycle Management Integration Pack for Oracle E-Business Suite Rapid Planning Product Lifecycle Analytics The...

8.3CVSS9.4AI score0.75353EPSS
Exploits6
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Siebel CRM

Oracle has fixed vulnerabilities in the Siebel UI Framework product. ------------------.------.------------------------------------- | CVE-ID | CVSS | Vector |. |------------------|------|-------------------------------------| | CVE-2021-2351 | 8.3 | AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | |...

8.5CVSS9.4AI score0.97906EPSS
Exploits14
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•41 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in the following products: MySQL Workbench MySQL Server MySQL Cluster MySQL Connectors The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution...

7.5CVSS7.1AI score0.78951EPSS
Exploits1
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Construction and Engineering

Oracle has fixed vulnerabilities in the following products: Primavera P6 Enterprise Project Portfolio Management Primavera P6 Professional Project Management Primavera Portfolio Management Primavera Data Warehouse Primavera Analytics Primavera Unifier Instantis EnterpriseTrack Primavera Gateway T...

9.8CVSS9.5AI score0.99999EPSS
Exploits34
NCSC
NCSC
•added 2022/01/18 12:0 a.m.•6 views

Vulnerabilities fixed in Expat

Developers have fixed vulnerabilities in Expat. The vulnerabilities allow a remote malicious person to perform a Denial-of-Service. To do this, the malicious party must send an XML tag with an overflow of attributes to the vulnerable XML server send or trigger an integer overflow on various...

9.8CVSS9.5AI score0.04829EPSS
Exploits2
NCSC
NCSC
•added 2022/01/18 12:0 a.m.•10 views

Vulnerability fixed in Zoho ManageEngine Desktop Central

Zoho has fixed a vulnerability in ManageEngine Desktop Central. Desktop Central is a solution used by administrators to remotely manage devices within an organization. manage. The vulnerability makes it possible for a malicious person to bypass authentication and execute arbitrary code under the...

9.1CVSS7.3AI score0.24195EPSS
Exploits0
NCSC
NCSC
•added 2022/01/18 12:0 a.m.•6 views

Vulnerabilities fixed in Gitlab

Vulnerabilities have been fixed in Gitlab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Spoofing Accessing sensitive data O...

8.7CVSS6.3AI score0.01449EPSS
Exploits1
NCSC
NCSC
•added 2022/01/13 12:0 a.m.•5 views

Vulnerabilities fixed in Schneider Electric products

Schneider Electric has fixed vulnerabilities in Modicon products. The vulnerabilities allow an unauthenticated malicious person able to cause a denial-of-service or gain access to sensitive data. Schneider Electric has released updates to address the vulnerabilities. fixes. For more information,...

8.8CVSS6.8AI score0.0093EPSS
Exploits0
NCSC
NCSC
•added 2022/01/13 12:0 a.m.•4 views

Vulnerabilities fixed in Ghostscript

Vulnerabilities have been fixed in Ghostscript. A malicious person could potentially exploit the vulnerability to cause a denial-of-service cause. To do this, a specially prepared PostScript file to be processed by the Ghostscript instance. Because Ghostscript is commonly used on print servers in...

5.5CVSS6.6AI score0.01401EPSS
Exploits2
NCSC
NCSC
•added 2022/01/13 12:0 a.m.•5 views

Vulnerabilities fixed Juniper Junos OS

Juniper has fixed several vulnerabilities in Junos OS. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Spoofing Increased user privileges Because these are...

9.8CVSS6.9AI score0.01137EPSS
Exploits1
NCSC
NCSC
•added 2022/01/13 12:0 a.m.•9 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Access to sensitive data Increased user privileges Cisco has released updates to fix the...

9.6CVSS6.1AI score0.01649EPSS
Exploits1
NCSC
NCSC
•added 2022/01/13 12:0 a.m.•11 views

Vulnerabilities fixed in Citrix Hypervisor

Several security issues have been fixed in Citrix Hypervisor, which may cause the host to crash or become un responsive. Citrix has released updates to fix the vulnerabilities. More information can be found on the page below: https://support.citrix.com/article/CTX335432...

8.8CVSS9AI score0.00333EPSS
Exploits0
NCSC
NCSC
•added 2022/01/12 12:0 a.m.•41 views

Vulnerabilities fixed in Adobe products

Adobe has fixed vulnerabilities in several of its products. The vulnerabilities potentially enable a malicious person to execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Increased user...

9.3CVSS8.9AI score0.57304EPSS
Exploits3
NCSC
NCSC
•added 2022/01/12 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird

Vulnerabilities have been fixed in Mozilla Firefox, Firefox ESR and Thunderbird. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User Rights Spoofing...

10CVSS7.6AI score0.01344EPSS
Exploits9
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•4 views

Vulnerability fixed in Siemens SIPROTEC systems

Siemens has fixed a vulnerability in SIPROTEC 5 systems. The vulnerability allows an unauthenticated malicious person to read information from the system. The vulnerability is located in the Web component of systems based on CPU variants CP050, CP100 and CP300. To exploit the vulnerability, the...

7.5CVSS6.7AI score0.00968EPSS
Exploits0
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•6 views

Vulnerability fixed in Microsoft Developer Tools

Microsoft has fixed a vulnerability in the .NET Framework. A malicious person with access to the network can exploit the vulnerability potentially exploit it to launch a denial-of-service attack. .NET Framework: |----------------|------|-------------------------------------| | CVE ID | CVSS |...

7.5CVSS6.2AI score0.03052EPSS
Exploits0
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•12 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in SAP products. The vulnerabilities enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution Administrator/Root rights Access to sensitive data SAP has released updates to address...

10CVSS6.7AI score0.99999EPSS
Exploits355
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•24 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in Microsoft Dynamics. The vulnerabilities allow a malicious party to launch a Cross-Site Scripting attack and the malicious party can then impersonate then impersonate another user. Microsoft Dynamics:...

7.6CVSS6.3AI score0.01506EPSS
Exploits0
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed vulnerabilities in Microsoft Exchange Server. The vulnerabilities allow an authenticated malicious person with access to the victim's network is able to execute arbitrary code. Overview of fixed vulnerabilities: |----------------|------|-------------------------------------| |...

9CVSS6.6AI score0.01217EPSS
Exploits0
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights...

10CVSS7.8AI score0.9279EPSS
Exploits33
NCSC
NCSC
•added 2022/01/11 12:0 a.m.•3 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Microsoft Office. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Remote code execution User privileges. Access to sensitive data Increased user privileges The...

9.3CVSS7.7AI score0.02924EPSS
Exploits0
NCSC
NCSC
•added 2022/01/10 12:0 a.m.•3 views

Vulnerabilities fixed in WordPress

WordPress developers have fixed several vulnerabilities fixed. A remote malicious party could remotely exploit these vulnerabilities potentially exploit them to perform a Cross-Site Scripting XSS attack and perform SQL Injection. WordPress developers have released updates to fix the...

7.5AI score
Exploits0
NCSC
NCSC
•added 2022/01/07 12:0 a.m.•6 views

Vulnerability fixed in IBM AIX

IBM has fixed a vulnerability in AIX. A local malicious party can, through manipulation of the mount command execute arbitrary code, possibly with elevated privileges up to root privileges. IBM has released updates to fix the vulnerability in AIX v 7.1 and 7.2. For more information, see:...

8.4CVSS6.8AI score0.00286EPSS
Exploits0
NCSC
NCSC
•added 2022/01/07 12:0 a.m.•5 views

Vulnerability fixed in H2 Database Console

A vulnerability has been found in the Console component of H2 Database. This vulnerability allows a local malicious person to to execute arbitrary code under application privileges. Researchers at JFrog found this vulnerability during additional research on Java vulnerabilities following Log4j. S...

10CVSS7.4AI score0.63211EPSS
Exploits3
NCSC
NCSC
•added 2022/01/06 12:0 a.m.•7 views

Vulnerabilities fixed in SonicOS

SonicWall has fixed two vulnerabilities in SonicOS. A remote malicious party could potentially exploit the vulnerabilities to cause a denial-of-service or execute arbitrary code execute arbitrary code on the underlying system with the privileges of the logged-in user. To accomplish this, the...

8.8CVSS7.9AI score0.01939EPSS
Exploits0
NCSC
NCSC
•added 2022/01/06 12:0 a.m.•2 views

Vulnerability fixed in Roundcube Webmail

A vulnerability has been fixed in Roundcube Webmail. A malicious party could exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser with which the user opens a rogue e-mail. Roundcube has released...

6.1CVSS6.2AI score0.01045EPSS
Exploits0
NCSC
NCSC
•added 2022/01/05 12:0 a.m.•4 views

Rootkit found in HPE iLO environments

Security researchers at AmnPardaz have published an investigation published about a rootkit found in HPE iLO systems. The malware, called "iLOBleed," was used, among other things, to to wipe a system's hard drives. Because the iLO subsystem has exceptionally high privileges, compromising it means...

6.5AI score
Exploits0
NCSC
NCSC
•added 2022/01/05 12:0 a.m.•4 views

Vulnerability fixed in Atlassian Jira

A vulnerability has been fixed in Atlassian Jira Server and Jira Data Center. A malicious party could exploit the vulnerability to performing a Cross-Site Scripting XSS attack. A such attack can result in the execution of arbitrary script code in the browser used to visit the application. To do...

6.1CVSS6.2AI score0.55364EPSS
Exploits0
NCSC
NCSC
•added 2022/01/05 12:0 a.m.•4 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially enable a malicious person to carry out attacks leading to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Google has made few technical...

9.6CVSS7.4AI score0.015EPSS
Exploits19
NCSC
NCSC
•added 2022/01/05 12:0 a.m.•7 views

Vulnerabilities fixed in Google Android

Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges This update also fixes vulnerabilities...

10CVSS8.6AI score0.0215EPSS
Exploits1
NCSC
NCSC
•added 2022/01/04 12:0 a.m.•6 views

Vulnerabilities fixed in HCL Technologies Digital Experience

A Server Side Request Forgery SSRF vulnerability has been fixed in HCL Technologies Digital Experience formerly known as IBM WebSphere Portal. The vulnerability potentially allows a malicious person able to gain access to systems that they initially should not have access to. The researchers who...

7.5CVSS8.8AI score0.01666EPSS
Exploits1
Total number of security vulnerabilities4207