4179 matches found
Vulnerability fixed in Fortinet FortiSandbox
Fortinet has fixed a vulnerability in FortiSandbox. A authenticated malicious party could potentially abuse the vulnerability to execute arbitrary code. To do so, a rogue HTTP request must be sent to the FortiSandbox appliance. sent. Fortinet has released updates to fix the vulnerability in...
Vulnerabilities fixed in Fortinet FortiClientEMS
Fortinet has fixed vulnerabilities in FortiClientEMS. The vulnerability with reference CVE-2020-15941 concerns a path traversal vulnerability. This vulnerability allows an authenticated malicious person potentially able to add or delete files on the server to add or delete files. The vulnerabilit...
Vulnerabilities discovered in Honeywell Experion
Honeywell reports having found three vulnerabilities in Experion Process Knowledge System PKS C200, C200E, C300 and ACE Controllers. An unauthenticated malicious person could potentially exploit them to cause a denial-of-service, the execute arbitrary code on the vulnerable system or to gain acce...
Vulnerabilities fixed in Squid
Two vulnerabilities have been fixed in Squid. The vulnerabilities potentially allow a remote malicious party to cause a denial-of-service DoS or gain access to sensitive data. The vulnerability with reference CVE-2021-28116 is located in the way Squid handles WCCPv2 traffic. The developers of Squ...
Vulnerabilities fixed in Mozilla Firefox
Mozilla has fixed vulnerabilities in Firefox and Firefox ESR. The vulnerabilities potentially enable a remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution User rights On...
Vulnerabilities fixed in Google Android
Google has fixed vulnerabilities in the Android OS. A malicious party can misuse the vulnerabilities to execute arbitrary code execute arbitrary code, gain access to sensitive data or to give themselves elevated privileges. To do this, the malicious party must trick the victim into installing a...
Vulnerabilities fixed in Apache web server
Apache Foundation has fixed two vulnerabilities in the apache web server. An unauthenticated remote malicious person could vulnerabilities potentially exploit them to cause a denial-of-service, or to obtain sensitive data. The Denial-of-Service can be caused by sending a specially prepared reques...
Vulnerability fixed in Fedora
A vulnerability has been fixed in the Linux kernel as used by Fedora. A local, authenticated malicious person can gain by exploiting this vulnerability to gain elevated privileges acquire elevated privileges on the vulnerable system. Fedora has made updates available for Fedora 33 and 34. You can...
Vulnerability fixed in Sonatype Nexus
Sonatype has fixed a vulnerability in Nexus Repository. A unauthenticated malicious party could potentially gain access to sensitive information via an HTTP header injection to potentially gain access to sensitive information. Sonatype has released little further substantive information. Sonatype...
Vulnerabilities fixed in GitLab
Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Server Side Request Forgery SSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of security measure...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially allow a malicious person to execute arbitrary code under application privileges to execute arbitrary code, cause a denial-of-service and to gain access to sensitive data. Google indicates that for the vulnerabilitie...
Vulnerabilities fixed in MediaWiki
Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Accessing system data MediaWiki has released updates to address the...
Vulnerabilities found in Corel products
FortiGuard Labs has found vulnerabilities in the following Corel products: Corel CorelDraw Standard Corel PDF Fusion Corel PhotoPaint Corel Presentations Corel WordPerfect A malicious party can exploit these vulnerabilities to execute arbitrary code under application privileges or to gain access ...
Vulnerabilities fixed in IBM Tivoli Netcool/OMNIbus
Vulnerabilities have been fixed in IBM Tivoli Netcool/OMNIbus. The vulnerabilities allow a malicious person to execute arbitrary code execute arbitrary code. In addition, IBM reports an unspecified vulnerability that has been fixed. IBM has released updates to fix the vulnerabilities. More...
Vulnerabilities found in Apple iOS and iPadOS
A security researcher has found three vulnerabilities in Apple iOS and iPadOS. A malicious party can exploit these vulnerabilities exploit them to gain access to sensitive data. This includes contact data stored on the device and metadata about interactions with these persons. Successful misuse...
Vulnerability fixed in IBM Aspera
A vulnerability has been fixed in IBM Aspera. The vulnerability allows a remote malicious party to perform a Cross-Site Scripting attack and thereby steal authentication cookies. IBM has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in ArcSight Enterprise Security Manager
Micro Focus has fixed a vulnerability in ArcSight Enterprise Security Manager ESM. An authenticated malicious person at remote user could potentially exploit the vulnerability to execute arbitrary execute arbitrary code under the application's privileges. Micro Focus shared few technical details...
Vulnerabilities fixed in Ubuntu
Vulnerabilities have been fixed in Ubuntu. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Increased user privileges -= Ubuntu =- Canonical has made...
Vulnerabilities fixed in Debian
Vulnerabilities have been fixed in Debian. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights Access to sensitive data Increased user rights -=...
Vulnerability fixed in Trend Micro ServerProtect
Trend Micro has fixed a vulnerability in ServerProtect. A unauthenticated malicious party could potentially abuse it to bypass authentication. The vulnerability has a CVSS3.1 score of 9.8 assigned. Content-wise, however, few technical details made publicly available. Trend Micro has released...
Vulnerability fixed in Chromium-based browsers
A vulnerability has been fixed in Google Chrome. The vulnerability potentially allows a remote malicious person to execute arbitrary code to execute under the user's privileges. Google has disclosed little information about the vulnerability. The vulnerability is in the "Portals" component, which...
Vulnerabilities fixed in Apple macOS & iOS
Vulnerabilities have been fixed in macOS Catalina. The vulnerability with reference CVE-2021-30869 allows a malicious person to execute execute arbitrary code with root privileges. The malicious person must install a rogue application to exploit the vulnerability. exploit. Apple indicates that...
Vulnerability fixed in OpenVPN Access Server
The vulnerability allows an unauthenticated malicious person to opportunity to execute arbitrary code on the browser of the victim. To do this, the malicious party must trick the victim into to follow a rogue hyperlink. OpenVPN has released updates to fix the vulnerability. More information can b...
Fixed vulnerability in Big-IP Access Policy Manager (APM).
The vulnerability allows an unauthenticated malicious person to opportunity to execute arbitrary code on the browser of the victim. To do this, the malicious party must trick the victim into to follow a rogue hyperlink. BIG-IP has released updates to fix the vulnerability. More information can be...
Vulnerabilities fixed in SonicWall SMA100 series
Vulnerabilities have been fixed in SonicWall SMA100 series. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Increased user privileges SonicWall has release...
Vulnerabilities fixed in Red Hat JBoss Enterprise Application Platform 7.4.1
Vulnerabilities have been fixed in Red Hat JBoss Enterprise Application Platform 7.4.1 . The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Remote code execution User Rights ...
Vulnerabilities fixed in sqlite3
Vulnerabilities have been fixed in sqlite. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data -= SUSE =- SUSE has made updates available to address the...
Vulnerabilities fixed in Cisco products
Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Bypassing security measure The vulnerability with attribute...
Vulnerabilities fixed in McAfee Agent for Windows
Vulnerabilities have been fixed in McAfee Agent for Windows. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Access to sensitive data Increased user privileges...
Vulnerability fixed in Mattermost
A vulnerability has been fixed in Mattermost. The vulnerability allows a remote malicious person to execute arbitrary code execute arbitrary code under user privileges. To do this, the malicious party must induce the victim to enter rogue code. Mattermost has released updates to fix the...
Vulnerabilities fixed in Oracle Unbreakable Enterprise kernel
Vulnerabilities have been fixed in the Oracle Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...
Vulnerabilities fixed in Zoho ManageEngine ADManager Plus Pro
Vulnerabilities have been fixed in ManageEngine ADManager Plus Pro. The vulnerabilities allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Manipulation of data. Circumvention of security measure Remote code execution User rights Increased...
Vulnerability found in Apple macOS
A researcher has found a vulnerability in Apple MacOS. The vulnerability allows a remote malicious person to execute arbitrary code under the user's privileges. The malicious party must induce the victim to open a rogue file to open. The researcher who found the vulnerability indicates that Apple...
Vulnerabilities fixed in openSUSE kernel
Vulnerabilities have been fixed in openSUSE kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data -= openSUSE =- The developers of openSUSE ha...
Vulnerabilities fixed in VMware vCenter Server
Vulnerabilities have been fixed in VMware vCenter Server. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Chrome. The vulnerabilities allow a malicious party to cause a denial-of-service cause and to obtain system data. Potentially, the Denial-of-Service attack could be used to execute arbitrary code. Google has released a new version to address the vulnerabilities...
Vulnerabilities fixed in Oracle MySQL
Vulnerabilities have been fixed in MySQL. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS SQL Injection Access to sensitive data Access to system data Increased user privileges MySQL categorizes these...
Vulnerability fixed in LibTIFF
A vulnerability has been fixed in LibTIFF. The vulnerability allows a remote malicious party the ability to cause a denial-of-service to cause a denial-of-service, possibly resulting in the execution of arbitrary code. result. The developers of LibTIFF have made available a new version made...
Vulnerabilities fixed in Kubernetes
Vulnerabilities have been found and fixed in Kubernetes. The vulnerabilities allow a malicious party to circumvent a security measure to bypass and to obtain system data obtain. Kubernetes has released updates to fix a vulnerability fix and to mitigate a vulnerability. More information can you ca...
Vulnerability found in Apache OpenOffice
A vulnerability has been found in Apache OpenOffice. The vulnerability allows a remote malicious person to execute arbitrary code. The malicious party must victim to open a rogue document. More information about the vulnerability can be found in a blog post by the researcher who reported the...
Vulnerability fixed in SonicWall
A vulnerability has been fixed in SonicWall. The vulnerability allows a local malicious party to obtain elevated privileges to obtain and thus potentially execute arbitrary code. The vulnerability is located in the installer of the SonicWall VPN Global VPN Client. SonicWall has released updates t...
Vulnerability found in Redis
A vulnerability has been found in Redis. The vulnerability allows a malicious party to perform a denial-of-service. Few details have been made public yet. No patches or mitigating measures have been announced yet. More information can be found at: https://github.com/redis/redis/issues/6633...
Vulnerabilities fixed in Apple products
Vulnerabilities have been fixed in Apple products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights Remote co...
Vulnerability fixed in AMD chipset kernel driver
AMD has fixed a vulnerability in the Windows driver for multiple chipsets. The vulnerability allows a local malicious able to obtain data. AMD categorizes this vulnerability as "medium. Proof-of-concept code is available. AMD has released updates to fix the vulnerability. More information can be...
Vulnerabilities fixed in McAfee Endpoint Security and McAfee Data Loss Prevention
Vulnerabilities have been fixed in McAfee Endpoint Security and McAfee Data Loss Prevention. The vulnerabilities allow a malicious party to conduct attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to syste...
Vulnerabilities fixed in Oracle Linux
Oracle has fixed vulnerabilities in its kernel. The vulnerabilities allow a malicious party to cause a denial-of-service exploit. Oracle has released updates to fix the vulnerabilities. More information can be found on the page below: https://linux.oracle.com/errata/ELSA-2021-3447.html...
Vulnerabilities fixed in SUSE kernel
SUSE has fixed vulnerabilities in its kernel. The vulnerabilities allow a malicious party to bypass a security measure. circumvention. -= SUSE =- SUSE has made updates available to fix the vulnerabilities fixes in SUSE 12 and 15. You can install these custom packages by using 'YaST'. You can also...
Vulnerabilities fixed in Tivoli Netcool/OMNIbus WebGUI
IBM has fixed vulnerabilities in Tivoli Netcool/OMNIbus WebGUI. The vulnerabilities allow a malicious party to perform a denial-of-service and to obtain sensitive information obtain. IBM categorizes these vulnerabilities using the CVSSv3 method with a highest score of 7.5. IBM has released update...
Vulnerabilities fixed in Ubuntu kernel
Vulnerabilities have been fixed in Ubuntu kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Accessing sensitive data Accessing system data -= Ubuntu ...
Vulnerabilities fixed in Ubuntu kernel
Vulnerabilities have been fixed in Ubuntu kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User rights Access to system data -...