Lucene search
K

4207 matches found

NCSC
NCSC
•added 2021/11/01 12:0 a.m.•25 views

Vulnerability fixed in HPE iLO

HPE has fixed a vulnerability in iLO Amplifier Pack. HPE iLO Amplifier Pack is an applicance that allows HPE iLO systems to be be managed. The vulnerability allows a malicious party to opportunity to execute arbitrary code on the HPE iLO Amplifier Pack. HPE recommends that after updating the HPE...

10CVSS7.7AI score0.13478EPSS
Exploits0
NCSC
NCSC
•added 2021/10/29 12:0 a.m.•4 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Google Chrome. A unauthenticated remote malicious person could exploit the vulnerabilities potentially exploit the vulnerabilities to cause a denial-of-service or execute arbitrary code with the application's permissions. Google has not published substantive...

9.6CVSS7.3AI score0.36238EPSS
Exploits5
NCSC
NCSC
•added 2021/10/28 12:0 a.m.•3 views

Vulnerability fixed in BIND

ISC has fixed a vulnerability in BIND. A unauthenticated remote malicious person could exploit it to significantly affect the performance of a BIND DNS server. impact. Abuse results in it taking longer before a client receives a response from the DNS server and also increases additionally increas...

5.3CVSS6.9AI score0.08001EPSS
Exploits0
NCSC
NCSC
•added 2021/10/28 12:0 a.m.•6 views

Vulnerabilities fixed in Juniper Junos OS

Vulnerabilities have been fixed in Junos OS and Junos OS Evolved. The vulnerabilities allow an authenticated malicious person to obtain elevated privileges. These privileges can then be exploited to perform a denial-of-service Dos attack or executing code under root. These attacks are seen as...

7.8CVSS6.8AI score0.00236EPSS
Exploits0
NCSC
NCSC
•added 2021/10/28 12:0 a.m.•63 views

Vulnerabilities fixed in Cisco Adaptive Security Appliance (ASA)

Cisco has fixed several vulnerabilities in Cisco Adaptive Security Appliance ASA. A malicious party could exploited to bypass implemented security measures, thereby thereby bypassing the functionality of the ASA, or to cause a denial-of-service attack. To exploit the vulnerabilities, the maliciou...

8.6CVSS7.1AI score0.0155EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•4 views

Vulnerabilities fixed in Mailman

Several vulnerabilities have been fixed in Mailman, a web-based mailing list manager, that can be exploited to perform a cross-site request forgery CSRF attack. A malicious party can exploit these vulnerabilities to obtain elevated privileges or gain access to application data. -= Debian =- Debia...

8.5CVSS7.1AI score0.02698EPSS
Exploits1
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•7 views

Vulnerabilities fixed in Adobe Illustrator

Adobe has fixed vulnerabilities in Adobe Illustrator. A remote malicious party could potentially exploit the vulnerabilities to cause a denial-of-service DoS, or execute arbitrary code execute arbitrary code on the system under the application's privileges. The malicious party to do this must tri...

7.8AI score
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•42 views

Vulnerabilities fixed in Adobe Premiere Elements

Adobe has fixed vulnerabilities in Adobe Premiere Elements. A remote malicious party could potentially exploit the vulnerabilities to cause a denial-of-service DoS, or execute arbitrary code execute arbitrary code on the system under the application's privileges. The malicious party to do this mu...

9.3CVSS7.8AI score0.01603EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•6 views

Vulnerability fixed in Adobe Lightroom

Adobe has fixed a vulnerability in Adobe Lightroom. A malicious person with access to the file system could exploit the exploit the vulnerability to obtain elevated privileges. To do so, the malicious party must entice a user with elevated privileges coax a rogue file to open. Adobe did not relea...

6.6CVSS6.7AI score0.0052EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•12 views

Vulnerabilities fixed in Adobe Photoshop

Adobe has fixed three vulnerabilities in Adobe Photoshop. A malicious party could potentially exploit the vulnerabilities to obtain elevated privileges, or execute arbitrary code on the system under the application's permissions. The malicious must do this to trick the victim into opening a rogue...

7.8CVSS7.3AI score0.01979EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•8 views

Vulnerabilities fixed in Apple macOS

Apple has fixed a large number of vulnerabilities in macOS Catalina, Big Sur and Monterey. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data...

9.3CVSS6.9AI score0.42674EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe Media Encoder

Adobe has fixed vulnerabilities in Adobe Media Encoder. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service DoS, or execute arbitrary code execute arbitrary code on the system under the application's privileges. The malicious party to do this must trick th...

9.3CVSS7.8AI score0.01932EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•5 views

Vulnerabilities fixed in Nagios XI

Nagios has fixed vulnerabilities in Nagios XI. The vulnerabilities allow an authenticated malicious person to perform perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution Administrator/Root rights Remote code execution User rights SQL...

9CVSS7.9AI score0.88939EPSS
Exploits4
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•34 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in iOS and iPadOS. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution...

9.3CVSS6.8AI score0.14721EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•7 views

Vulnerabilities fixed in Adobe Bridge

Adobe has fixed vulnerabilities in Adobe Bridge. A remote malicious party could potentially exploit the vulnerabilities to cause a denial-of-service DoS, or execute arbitrary code execute arbitrary code on the system under application privileges. The malicious party to do this must trick the vict...

7.8CVSS7.8AI score0.03824EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•10 views

Vulnerabilities fixed in Adobe InDesign

Adobe has fixed three vulnerabilities in Adobe Illustrator. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service DoS, or execute arbitrary code execute arbitrary code on the system under the application's privileges. The malicious party to do this must tric...

9.3CVSS7.8AI score0.05468EPSS
Exploits0
NCSC
NCSC
•added 2021/10/27 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe After Effects

Adobe has fixed vulnerabilities in After Effects. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service DoS, or execute arbitrary code execute arbitrary code on the system under the application's privileges. The malicious party to do this must trick the vict...

9.3CVSS7.8AI score0.02315EPSS
Exploits0
NCSC
NCSC
•added 2021/10/26 12:0 a.m.•5 views

Vulnerability fixed in Juniper Junos OS

Juniper has fixed a vulnerability in Junos OS on the QFX5000 Series. The vulnerability results in potentially sensitive system information, including kernel versions, being leaked in communication between the routing engine and the packet forwarding engine. A malicious person with access to the...

5.3CVSS6.7AI score0.00815EPSS
Exploits0
NCSC
NCSC
•added 2021/10/25 12:0 a.m.•3 views

Vulnerability fixed in Discourse

A vulnerability has been fixed in Discourse. A unauthenticated remote malicious person could potentially potentially exploit it to execute arbitrary code under the rights of the application. To do so, malicious network traffic should be be sent to the /webhooks/aws endpoint. The vulnerability is...

10CVSS7.7AI score0.19812EPSS
Exploits0
NCSC
NCSC
•added 2021/10/25 12:0 a.m.•2 views

Vulnerabilities fixed in Node.js

Vulnerabilities have been fixed in Node.js. The vulnerabilities potentially allow a remote malicious party to launch an HTTP request smuggling attack. Such an attack could lead to unauthorized access to systems. Possible consequential damages may include gaining access to information or performin...

6.5CVSS6.7AI score0.02936EPSS
Exploits2
NCSC
NCSC
•added 2021/10/25 12:0 a.m.•5 views

Multiple vulnerabilities fixed in McAfee ePolicy Orchestrator

McAfee has fixed multiple vulnerabilities in McAfee ePolicy Orchestrator. The vulnerabilities allow a malicious party whether or not unauthenticated malicious person may be able to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS...

7.5CVSS7.7AI score0.75353EPSS
Exploits1
NCSC
NCSC
•added 2021/10/22 12:0 a.m.•4 views

Vulnerabilities fixed in ESET products

ESET has fixed a vulnerability in its consumer and business products for macOS. A user who is logged in can stop the ESET daemon, which disables protection disabled until the system is restarted. ESET has released updates to fix the vulnerabilities. For more information, see:...

5.5CVSS6.8AI score0.00219EPSS
Exploits0
NCSC
NCSC
•added 2021/10/22 12:0 a.m.•5 views

Vulnerabilities fixed in Atlassian Jira

Atlassian has fixed two vulnerabilities in Jira Server. A unauthenticated remote malicious person could exploit them to perform a Cross-Site-Request-Forgery attack XSRF or to gain direct gain unauthorized access to the JQL query component. Both attack methods lead to obtaining sensitive data...

6.5CVSS7.3AI score0.01272EPSS
Exploits0
NCSC
NCSC
•added 2021/10/22 12:0 a.m.•5 views

Vulnerability fixed in Pulse Connect Secure

A vulnerability has been fixed in Pulse Connect Secure. A unauthenticated administrator could potentially exploit it to cause a denial-of-service. Pulse Secure has released updates and a workaround to fix the vulnerability. For more information, see:...

7.8CVSS6.8AI score0.02123EPSS
Exploits0
NCSC
NCSC
•added 2021/10/22 12:0 a.m.•2 views

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in the Ubuntu Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Access to sensitive data Increased...

7.8CVSS8.9AI score0.01476EPSS
Exploits3
NCSC
NCSC
•added 2021/10/22 12:0 a.m.•9 views

Vulnerabilities fixed in Microsoft Edge

Several vulnerabilities have been fixed in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities exploit them to execute external code, bypass security measures and obtain sensitive information. Microsoft has made updates available that fix the described vulnerabilities...

9.6CVSS6.8AI score0.01041EPSS
Exploits0
NCSC
NCSC
•added 2021/10/21 12:0 a.m.•36 views

Vulnerability fixed in Cisco IOS XR

A vulnerability has been found in Cisco IOS XR. The vulnerability is located specifically in the DHCP functionality. It allows an unauthenticated remote malicious person able to stop the DHCP daemon process. While this process is running it is temporarily not possible to obtain a new DHCP lease...

7.8CVSS6.8AI score0.00771EPSS
Exploits0
NCSC
NCSC
•added 2021/10/21 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Identity Services Engine (ISE).

A vulnerability has been fixed in Cisco Identity Services Engine ISE. The vulnerability allows an unauthenticated malicious person able to execute arbitrary code under privileges of the application. To do this, the malicious party must trick the victim into upload a malicious file in the browser...

6.5CVSS7AI score0.00771EPSS
Exploits0
NCSC
NCSC
•added 2021/10/21 12:0 a.m.•12 views

Vulnerabilities fixed in SolarWinds products

Vulnerabilities have been fixed in SolarWinds products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Access to sensitive data Increased user privileges SolarWinds has released updates...

7.2CVSS6.3AI score0.01235EPSS
Exploits0
NCSC
NCSC
•added 2021/10/21 12:0 a.m.•46 views

Vulnerability fixed in Cisco Meeting Server

A vulnerability has been fixed in Cisco Meeting Server. The vulnerability has been labeled CVE-2021-40122 and allows an unauthenticated remote malicious party to cause a Denial-of-Service DoS attack. By sending a large amount of messages to the vulnerable API Call Bridge, a malicious party can...

7.8CVSS7AI score0.01126EPSS
Exploits0
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Essbase

Oracle has fixed vulnerabilities in Hyperion Essbase Administration Services. The vulnerabilities allow a malicious potentially be able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to...

10CVSS7.5AI score0.01813EPSS
Exploits0
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•106 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in the following Oracle Fusion Middleware products: HTTP Server BAM Business Activity Monitoring WebCenter Portal Business Intelligence Enterprise Edition Real-Time Decision Server Data Integrator Outside In Technology WebLogic Server Enterprise Repository...

9.8CVSS7.7AI score0.99019EPSS
Exploits15
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•7 views

Vulnerabilities fixed in Nitro Pro PDF

Vulnerabilities have been fixed in Nitro Pro PDF. The vulnerabilities allow an unauthenticated remote malicious person to opportunity to execute arbitrary code under the privileges of the application. To do this, the malicious agent must trick the victim to open a malicious file. Nitro Software...

8.8CVSS7.7AI score0.15777EPSS
Exploits2
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•5 views

Vulnerability fixed in Huawei S5700 switch series

Huawei has fixed a vulnerability in its S5700 switch series. A remote malicious person could exploit the vulnerability to cause a denial-of-service attack. Huawei has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.6AI score0.00655EPSS
Exploits0
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Google has released version 95.0.4638.54 of Chrome for Windows, MacoOS and Linux. A malicious party could potentially exploit them to cause a Denial-of-Service, or for executing arbitrary code in the context of the browser. Google has released updates to fix the vulnerabilities in Chrome...

9.6CVSS7.3AI score0.01EPSS
Exploits0
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle JD Edwards

Oracle has fixed vulnerabilities in the following JD Edwards products: JD Edwards EnterpriseOne Tools JD Edwards World Security JD Edwards EnterpriseOne Orchestrator The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage:...

7.5CVSS7.3AI score0.32362EPSS
Exploits5
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•8 views

Vulnerabilities fixed in Oracle Java SE and GraalVM

Oracle has fixed vulnerabilities in Java SE and GraalVM Enterprise Edition. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Circumvention of security measure. Denial-of-Service DoS. Remote code execution User Rights Acces...

8.6CVSS9.3AI score0.32362EPSS
Exploits6
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in the following products: Operations Intelligence Applications Manager Payables Incentive Compensation Mobile Field Service Trade Management Universal Work Queue Shipping Execution Sales Offline Content Manager Applications Framework Web Analytics Deal Management...

8.5CVSS6.6AI score0.0154EPSS
Exploits0
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•15 views

Vulnerabilities fixed in Oracle Communications products

Oracle has fixed vulnerabilities in the following Communications products: Communications Services Gatekeeper Communications Converged Application Server - Service Controller Communications Session Border Controller Enterprise Communications Broker Communications Operations Monitor Communications...

9.9CVSS8.6AI score0.99999EPSS
Exploits144
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in the following products: Enterprise Manager for Oracle Database Enterprise Manager Base Platform Application Testing Suite APM - Application Performance Management Enterprise Manager Ops Center The vulnerabilities potentially enable a malicious party to execute...

9.8CVSS7.5AI score0.77735EPSS
Exploits6
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Systems Solaris, ZFS Storage Appliance Kit and Ethernet switches

Oracle has fixed vulnerabilities in Solaris, ZFS Storage Appliance Kit and ES2-64 and ES2-72 switches. The vulnerabilities potentially enable a malicious party to launch attacks leading to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User...

9.8CVSS7.3AI score0.68067EPSS
Exploits0
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•61 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in the following MySQL products: MySQL Workbench MySQL Server MySQL Cluster MySQL Enterprise Monitor MySQL Connectors The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service D...

9.8CVSS8.5AI score0.88497EPSS
Exploits6
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•49 views

Vulnerabilities fixed in Oracle Financial Services Applications

Oracle has fixed vulnerabilities in the following products: Financial Services Analytical Applications Infrastructure FLEXCUBE Core Banking Banking Platform Banking Enterprise Default Management Banking Virtual Account Management Financial Services Enterprise Case Management Banking Corporate...

9.9CVSS7.5AI score0.86503EPSS
Exploits15
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle Supply Chain Suite products

Oracle has fixed vulnerabilities in the following Supply Chain Suite products: Transportation Management Autovue for Agile Product Lifecycle Management Agile PLM Framework The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage...

7.8CVSS6.5AI score0.53861EPSS
Exploits1
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•48 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following products: Database - Enterprise Edition Spatial and Graph Application Express APEX Engineered Systems Utilities The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage:...

9.8CVSS7.1AI score0.18114EPSS
Exploits8
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Virtualization products

Oracle has fixed vulnerabilities in Secure Global Desktop and VirtualBox. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Gain access to VM Accessing sensitive data Accessing system data...

7.8CVSS9.1AI score0.75353EPSS
Exploits1
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Communications Applications

Oracle has fixed vulnerabilities in the following Communications Applications products: Communications Billing and Revenue Management Communications MetaSolv Solution Communications Offline Mediation Controller Communications Design Studio Communications Calendar Server Communications Messaging...

9.8CVSS7.1AI score0.75353EPSS
Exploits12
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Siebel CRM

Vulnerabilities have been fixed in Oracle Siebel CRM. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Denail-Of-Service DOS. Remote code execution User Rights Provide elevated privileges Accessing sensitive data...

7.8CVSS9.2AI score0.95707EPSS
Exploits24
NCSC
NCSC
•added 2021/10/20 12:0 a.m.•8 views

Vulnerabilities fixed in Oracle Peoplesoft products

Oracle has fixed vulnerabilities in the following PeopleSoft products: PeopleSoft Enterprise PT PeopleTools PeopleSoft Enterprise CS SA Integration Pack PeopleSoft Enterprise SCM Purchasing PeopleSoft Enterprise CS Academic Advisement PeopleSoft Enterprise CS Student Records. PeopleSoft Enterpris...

9.8CVSS7.3AI score0.53336EPSS
Exploits4
NCSC
NCSC
•added 2021/10/19 12:0 a.m.•5 views

Vulnerability fixed in OTRS

A vulnerability has been fixed in OTRS. A malicious person at remote user could potentially exploit the vulnerability to cause a Denial-of-Service. OTRS uses the deprecated npm module "resolve-url-loader" which is depends on the module "postcs" and is vulnerable to the ReDoS attack. OTRS has...

5.3CVSS6.8AI score0.0354EPSS
Exploits1
Total number of security vulnerabilities4207