Lucene search
K

4207 matches found

NCSC
NCSC
•added 2021/11/09 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Microsoft Office. The vulnerabilities allow a malicious party to execute arbitrary execute arbitrary code under user privileges or circumvent a security measure to bypass Excel. The vulnerability with reference CVE-2021-42292 has been actively exploited...

7.8CVSS7.4AI score0.31949EPSS
Exploits1
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•5 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in the following products: SAP ABAP Platform Kernel SAP Commerce SAP ERP Financial Accounting SAP ERP HCM Portugal SAP Focused SAP GUI for Windows SAP NetWeaver Application Server for ABAP and ABAP Platform. SAP Solution Manager The vulnerabilities potentially enable...

8.8CVSS6.8AI score0.02647EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•47 views

Vulnerability fixed in Microsoft SQL Server

Microsoft has fixed a vulnerability in Microsoft SQL Server. The vulnerability allows a malicious party to launch Cross-Site Scripting XSS and Cross-Site Request Forgery CSRF attack. execute. By combining the two methods, an attacker can execute arbitrary code on the server under the privileges o...

9.6CVSS7.2AI score0.0062EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•2 views

Vulnerabilities found in RPKI validators

Researchers at the University of Twente have found vulnerabilities found in several RPKI validators. RPKI validators are used to validate that a route propagated via BGP originates from an AS that is authorized to distribute this route. propagation. The vulnerabilities make it possible for an...

6.8AI score
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•6 views

Vulnerabilities fixed in Citrix ADC, Gateway and SD-WAN WANOP Edition

Citrix has fixed two vulnerabilities in Citrix Application Delivery Controller ADC, Citrix Gateway and Citrix SD-WAN WANOP Edition. The vulnerabilities allow a remote malicious party to able to cause a denial-of-service DoS. The vulnerability with reference CVE-2021-22955 is located in Citrix ADC...

7.5CVSS9.2AI score0.00894EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•5 views

Vulnerabilities fixed in Siemens SIMATIC WINCC

Siemens has fixed vulnerabilities in WinCC. A authenticated malicious person could exploit the vulnerabilities to execute a "Path Traversal" and thus appropriate elevated privileges, read and write arbitrary files and manipulate write and thereby manipulate data and/or gain access gain access to...

9.9CVSS7.1AI score0.01233EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•8 views

Vulnerabilities fixed in Microsoft Azure products

Microsoft has fixed vulnerabilities in Azure products. The vulnerabilities allow a malicious party to gain elevated permissions and to obtain sensitive data. Azure RTOS: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

7.2CVSS6.4AI score0.01211EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•4 views

Vulnerability fixed in Draytek VigorConnect

Draytek has fixed a vulnerability in VigorConnect, the management software for Draytek networking equipment. A unauthenticated malicious person could exploit the vulnerability to download arbitrary files from the vulnerable system and thus gather information about the underlying system. The...

7.8CVSS6.7AI score0.69248EPSS
Exploits1
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•5 views

Vulnerability fixed in Microsoft Dynamics

Microsoft has fixed a vulnerability in Microsoft Dynamics. The vulnerability allows a malicious person to execute arbitrary execute arbitrary code under the application's permissions. The following table summarizes the vulnerability. |----------------|------|-------------------------------------|...

8.8CVSS7.5AI score0.02146EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•2 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed vulnerabilities in Microsoft Exchange Server. The vulnerabilities potentially enable a malicious person to able to launch attacks that result in the following categories of damage: Impersonating another user Executing arbitrary code Administrator/Root privileges Microsoft...

8.8CVSS6.9AI score0.93877EPSS
Exploits12
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•56 views

Vulnerabilities fixed in Nucleus NET stack

Forescout researchers have found 13 vulnerabilities in the Siemens Nucleus NET stack. This is a network stack that is used by both Siemens products as well as products from other vendors used. The vulnerabilities have collectively been named "NUCLEUS:13." assigned. The vulnerabilities were found ...

9.8CVSS7AI score0.03031EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•33 views

Vulnerabilities fixed in Mirosoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Increased user privileges. Remote code execution User Rights Denial-of-Service DoS. Circumvention of...

9CVSS7.2AI score0.74265EPSS
Exploits10
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•16 views

Vulnerability fixed in Microsoft Malware Protection Engine

Microsoft has fixed a vulnerability in the Microsoft Malware Protection Engine as used by Windows Defender and Microsoft System Center Endpoint Protection. The vulnerabilities allow a malicious person to execute arbitrary code. The following table lists the vulnerabilities...

9.3CVSS7.3AI score0.05293EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•13 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed multiple vulnerabilities in Visual Studio and Visual Studio Code. The vulnerabilities allow a malicious person able to execute arbitrary code under the privileges of the user and obtain elevated privileges. Below is a summary of the various vulnerabilities described by compone...

9.8CVSS8.5AI score0.87816EPSS
Exploits1
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•70 views

Vulnerabilities fixed in Siemens SCALANCE

Siemens has fixed vulnerabilities in Siemens SCALANCE products. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to gain access to sensitive data. Siemens is still working on fixes for several SCALANCE products that are vulnerable. For when updates are not yet...

10CVSS7.3AI score0.02957EPSS
Exploits0
NCSC
NCSC
•added 2021/11/08 12:0 a.m.•4 views

Vulnerability fixed in Cisco Small Business Series Switches

Cisco has fixed a vulnerability in several Small Business Series Switches. The vulnerability allows an unauthenticated malicious person with access to the management interface to obtain obtain administrator privileges. Successful exploitation requires a man-in-the-middle position between the...

8.1CVSS6.8AI score0.01617EPSS
Exploits0
NCSC
NCSC
•added 2021/11/08 12:0 a.m.•4 views

Vulnerabilities fixed in Redis

Vulnerabilities have been fixed in Redis. The vulnerabilities allow an unauthenticated malicious person potentially able to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Access to...

9CVSS7.6AI score0.31049EPSS
Exploits0
NCSC
NCSC
•added 2021/11/08 12:0 a.m.•6 views

Vulnerability fixed in IBM MQ

A vulnerability has been fixed in IBM MQ. The vulnerability allows a remote malicious person to perform a denial-of-service DoS execution. IBM has released updates to fix the vulnerability. More information can be found on the page below: https://www.ibm.com/support/pages/node/6513681...

6.5CVSS6.7AI score0.00909EPSS
Exploits0
NCSC
NCSC
•added 2021/11/05 12:0 a.m.•7 views

Vulnerabilities fixed in HP LaserJet

Vulnerabilities have been fixed in HP Laserjet. The vulnerabilities allow a remote malicious person to cause a denial-of-service and to bypass a security measure. circumvention. HP has released updates to fix the vulnerabilities. More information can be found on the page below:...

10CVSS7.1AI score0.01787EPSS
Exploits0
NCSC
NCSC
•added 2021/11/05 12:0 a.m.•64 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Remote code execution User rights Access to system data GitLab categorize...

8.7CVSS7.5AI score0.60729EPSS
Exploits2
NCSC
NCSC
•added 2021/11/05 12:0 a.m.•3 views

Vulnerabilities hide in Java

Vulnerabilities have been fixed in Java. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Access to system data -=...

7.5CVSS9.8AI score0.14839EPSS
Exploits0
NCSC
NCSC
•added 2021/11/05 12:0 a.m.•6 views

Vulnerability fixed in FortiWeb

A vulnerability has been fixed in FortiWeb. The vulnerability allows an unauthenticated malicious person who is in the network of the victim is able to execute arbitrary code by sending a rogue HTTP request. Fortinet made few substantive details available. Fortinet has released updates to fix the...

9.8CVSS7.1AI score0.01561EPSS
Exploits0
NCSC
NCSC
•added 2021/11/05 12:0 a.m.•6 views

Vulnerability fixed in FortiClientEMS

A vulnerability has been fixed in FortiClientEMS. The vulnerability allows an authenticated remote malicious person to to execute arbitrary code. Fortinet categorizes this vulnerability according to the CVSSv3 method with a score of 4. Fortinet has released updates to fix the vulnerability. More...

5.4CVSS6.9AI score0.00711EPSS
Exploits0
NCSC
NCSC
•added 2021/11/05 12:0 a.m.•3 views

Vulnerability fixed in systemd

A vulnerability has been fixed in systemd. The vulnerability allows a malicious party the opportunity to cause a denial-of-service cause. -= SUSE =- SUSE has made updates available to fix the vulnerability fix in SUSE 12. You can install these custom packages using 'YaST'. You can also download t...

5.5CVSS6.8AI score0.0865EPSS
Exploits2
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•7 views

Fixed vulnerability in Snow Inventory Agent for Windows

A vulnerability has been fixed in Snow Inventory Agent for Windows. The vulnerability allows a locally authenticated malicious person able to manipulate data. Snow Globe has released updates to fix the vulnerability. fix. More information can be found on the page below:...

6.1CVSS6.5AI score0.00244EPSS
Exploits0
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Unified Communications

Vulnerabilities have been fixed in Cisco Unified Communications. The vulnerabilities allow a malicious party to access sensitive data or perform arbitrary actions perform under the privileges of the user being targeted. attack. Cisco has released updates to fix the vulnerabilities. More informati...

6.5CVSS7AI score0.01513EPSS
Exploits0
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•6 views

Vulnerability fixed in Cisco Email Security Appliance (ESA)

A vulnerability has been fixed in Cisco Email Security Appliance. The vulnerability allows an unauthenticated remote malicious person to remotely capable of causing a denial-of-service. In order to vulnerability, a malicious party must send a rogue e-mail to the appliance. Due to insufficient inp...

7.5CVSS6.7AI score0.01248EPSS
Exploits0
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•2 views

Vulnerability fixed in Ansible

A vulnerability has been fixed in Ansible. The vulnerability allows a malicious party to obtain sensitive data. -= Fedora =- Fedora has made updates available for Fedora 34. You can install these updates by using the command 'dnf' or 'yum'. More information about these updates and about possible...

5.5CVSS9.4AI score0.00384EPSS
Exploits0
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•4 views

Vulnerabilities fixed in Fedora kernel

Vulnerabilities have been fixed in Fedora kernel. The vulnerabilities allow a malicious person to cause a denial-of-service cause. -= Fedora =- Fedora has made updates available for Fedora 34 and 35. You can install these updates using the command 'dnf' or 'yum'. More information about these...

7.8CVSS6.9AI score0.00354EPSS
Exploits0
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•5 views

Vulnerability fixed in Cisco AnyConnect Secure Mobility Client

A vulnerability has been fixed in Cisco AnyConnect Secure Mobility Client. The vulnerability allows a locally authenticated malicious party to obtain elevated privileges. Cisco has released updates to fix the vulnerabilities. More information can be found on the page below:...

7.8CVSS6.5AI score0.00235EPSS
Exploits0
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•5 views

Vulnerability fixed in Cisco Prime Infrastructure

A vulnerability has been fixed in Cisco Prime Infrastructure. The vulnerability is known as a so-called Stored-Cross-Site Scripting and allows a malicious party to execute execute malicious code in the victim's Web browser. Cisco has released updates to fix the vulnerability. More information can...

5.4CVSS6.5AI score0.0058EPSS
Exploits0
NCSC
NCSC
•added 2021/11/04 12:0 a.m.•15 views

Vulnerabilities fixed in Cisco Webex

Vulnerabilities have been fixed in Cisco Webex. The vulnerabilities marked CVE-2021-1500 and CVE-2021-40128 allow an unauthenticated remote malicious person able to trick a user to trick a user into opening a rogue Web page. The vulnerability with reference CVE-2021-40115 allows a malicious perso...

6.1CVSS6.4AI score0.00955EPSS
Exploits0
NCSC
NCSC
•added 2021/11/03 12:0 a.m.•3 views

Vulnerability fixed in php

A vulnerability has been fixed in php. The vulnerability allows a local malicious party to obtain elevated privileges. PHP developers have released updates to fix the vulnerability. More information can be found at the page below: https://www.php.net/ChangeLog-8.php8.0.12 -= Fedora =- Fedora has...

7.8CVSS6.8AI score0.01337EPSS
Exploits1
NCSC
NCSC
•added 2021/11/03 12:0 a.m.•7 views

Vulnerabilities fixed in Red Hat OpenShift

Vulnerabilities have been fixed in OpenShift. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data Red Hat categorizes these vulnerabilities according to the...

8.8CVSS6.5AI score0.10276EPSS
Exploits8
NCSC
NCSC
•added 2021/11/03 12:0 a.m.•3 views

Vulnerability fixed in Linux kernel

A vulnerability has been fixed in Linux kernel. The vulnerability allows a remote malicious person to obtain system data obtain. Updates have been released to fix the vulnerability. More information can be found on the page below: https://github.com/torvalds/linux/commit...

9.8CVSS8.7AI score0.5758EPSS
Exploits2
NCSC
NCSC
•added 2021/11/03 12:0 a.m.•3 views

Vulnerability fixed in Red Hat flatpak

Red Hat has fixed a vulnerability in flatpak. The vulnerability allows a malicious person to escape from the flatpak sandbox to escape. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 8. You can install these updates using the command 'yum'. More information about...

8.8CVSS6.6AI score0.00406EPSS
Exploits0
NCSC
NCSC
•added 2021/11/03 12:0 a.m.•2 views

Vulnerabilities verhopen in Mozilla Firefox

Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure Spoofing Accessing...

10CVSS6.1AI score0.0383EPSS
Exploits0
NCSC
NCSC
•added 2021/11/03 12:0 a.m.•3 views

Vulnerability fixed in HPE Proliant

Vulnerabilities have been fixed in several HPE Proliant systems. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data HPE has released updates to fix the vulnerability...

7.2CVSS6.9AI score0.00286EPSS
Exploits0
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•6 views

Vulnerability fixed in GitLab

A vulnerability was fixed in April 2021 in GitLab Community Edition and GitLab Enterprise Edition. The vulnerability allows an unauthenticated remote malicious person able to execute arbitrary code to execute. The ExifTool built into GitLab could be exploited by the offering a rogue file to be...

10CVSS6.8AI score0.99731EPSS
Exploits30
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•6 views

Vulnerability fixed in Tenable Nessus

Tenable has fixed a vulnerability in Nessus. The vulnerability allows a malicious person with limited privileges to to execute certain commands on Nessus Agent hosts. The use of these commands is normally reserved for legitimate system administrators with the required privileges. Tenable did not...

6.7CVSS7.1AI score0.00298EPSS
Exploits0
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•6 views

Vulnerabilities fixed in Dell BIOS

Dell has fixed vulnerabilities in the BIOS of, among others. Optiplex, Precision and Wyse systems. The vulnerabilities allow a local, authenticated malicious person to execute arbitrary code into the System Management RAM SMRAM. Normally only a system's firmware can execute code in SMRAM. A...

7.5CVSS7.4AI score0.00319EPSS
Exploits0
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•23 views

Vulnerabilities fixed in HP LaserJet printers

Vulnerabilities have been fixed in several HP printers. The vulnerability with the reference CVE-2021-39238 describes a possible buffer overflow. A malicious party could potentially exploit this vulnerability to execute arbitrary code or cause a denial-of-service. The vulnerability with the...

9.8CVSS8AI score0.12135EPSS
Exploits0
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•7 views

Vulnerability fixed in NetApp ONTAP

A vulnerability has been fixed in NetApp ONTAP. The vulnerability allows a malicious party to cause a denial-of-service cause with respect to the HTTP server in ONTAP. NetApp categorizes this vulnerability according to the CVSSv3 method with a score of 5.3. NetApp has released updates to fix the...

7.5CVSS6.6AI score0.0123EPSS
Exploits0
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•9 views

Vulnerabilities fixed in McAfee Data Loss Prevention

McAfee has fixed vulnerabilities in the Data Loss Prevention extension for ePolicy Orchestrator. An authenticated malicious party could exploit the vulnerabilities to perform of an SQL injection or Cross-Site Scripting XSS attack. The latter can lead to the execution of arbitrary script code in t...

8.4CVSS7.4AI score0.01044EPSS
Exploits0
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•6 views

Vulnerabilities fixed in Python

Red Hat has fixed a vulnerability in Python. The vulnerability allows a remote malicious party to cause a denial-of-service exploit in the HTTP client of the victim. To do so, the malicious party must cause the victim to establish an authentication session with an HTTP server that is under contro...

6.5CVSS7AI score0.04675EPSS
Exploits1
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•18 views

Vulnerabilities fixed in Google Android

Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution Administrator/Root rights Access to sensitive data Increased user...

10CVSS7.8AI score0.04447EPSS
Exploits2
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•5 views

Vulnerabilities related to Unicode fixed

Researchers from the universities of Cambridge and Edinburgh have developed developed attack methods for compromising open-source software. This involves the abuse of Unicode control characters. By placing control characters in the source code at tactical places in tactical places, source code is...

8.3CVSS9.4AI score0.12205EPSS
Exploits5
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•4 views

Vulnerabilities fixed in Red Hat kernel

Vulnerabilities have been fixed in Red Hat's kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to system data Increased user privileges -= Red Hat =- Red Ha...

8.8CVSS7.9AI score0.01476EPSS
Exploits0
NCSC
NCSC
•added 2021/11/02 12:0 a.m.•151 views

Vulnerabilities fixed in Wind River Linux

Vulnerabilities have been fixed in Wind River Linux. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights Remote...

10CVSS7.4AI score0.88497EPSS
Exploits90
NCSC
NCSC
•added 2021/11/01 12:0 a.m.•4 views

Vulnerability fixed in Atlassian Jira

Atlassian has fixed a vulnerability in Jira. The vulnerability allows an authenticated remote malicious person to opportunity to bypass a security measure. Atlassian categorizes this vulnerability according to the CVSSv3 method with a score of 4.3. Atlassian has released updates to address the...

4.3CVSS6.5AI score0.00842EPSS
Exploits0
Total number of security vulnerabilities4207