Lucene search
K

4207 matches found

NCSC
NCSC
•added 2021/10/19 12:0 a.m.•8 views

Vulnerabilities fixed in Trend Micro Apex One

Vulnerabilities have been fixed in Trend Micro Apex One. A malicious party could potentially exploit the vulnerability to cause a Denial-of-Service or execute arbitrary code with SYSTEM privileges. Trend Micro has released updates to address the vulnerabilities fixes in Apex One. For more...

7.8CVSS7.8AI score0.0056EPSS
Exploits0
NCSC
NCSC
•added 2021/10/15 12:0 a.m.•5 views

Vulnerability fixed in Palo Alto Networks GlobalProtect

A vulnerability has been fixed in Palo Alto Networks GlobalProtect app. A malicious party could potentially exploit it to perform a man-in-the-middle attack or to execute execute arbitrary code under SYSTEM privileges. Palo Alto Networks has released updates to fix the vulnerability fix in...

9.3CVSS7.4AI score0.01383EPSS
Exploits0
NCSC
NCSC
•added 2021/10/14 12:0 a.m.•32 views

Vulnerabilities fixed in Foxit products

Vulnerabilities have been fixed in Foxit products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to system data Foxit has released updates to fix the vulnerabilitie...

7.8CVSS7.4AI score0.01253EPSS
Exploits6
NCSC
NCSC
•added 2021/10/14 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle Linux kernel

Vulnerabilities have been fixed in the Oracle Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data Increased user privileges...

8.8CVSS7.8AI score0.50732EPSS
Exploits0
NCSC
NCSC
•added 2021/10/14 12:0 a.m.•5 views

Vulnerabilities fixed in IBM Cognos

IBM has fixed vulnerabilities in Cognos. The vulnerabilities allow a remote malicious person to manipulate data manipulate. To do so, the malicious party must induce the victim to run rogue Java Web Start applications or rogue Java applets. execute. IBM has released updates to fix the...

5.9CVSS9AI score0.04238EPSS
Exploits0
NCSC
NCSC
•added 2021/10/14 12:0 a.m.•7 views

Vulnerabilities fixed in Juniper Junos OS

Vulnerabilities have been fixed in Juniper Junos OS. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution User Rights Increased user rights Juniper...

9CVSS6.8AI score0.01129EPSS
Exploits1
NCSC
NCSC
•added 2021/10/13 12:0 a.m.•4 views

Vulnerabilities fixed in Acrobat Reader

Acrobat has fixed vulnerabilities in Acrobat Reader. A unauthenticated malicious person could potentially abuse them to obtain elevated privileges or to execute arbitrary code with application privileges. To exploit the vulnerabilities, the malicious party must entice the victim to open a rogue P...

7.8CVSS7.5AI score0.53533EPSS
Exploits0
NCSC
NCSC
•added 2021/10/13 12:0 a.m.•7 views

Vulnerability fixed in Acrobat Reader Mobile

Adobe has fixed a vulnerability in Acrobat Reader Mobile for Android. A remote malicious person could potentially exploit it to execute arbitrary code with permissions from the user. The malicious party must trick the victim into opening a rogue PDF document to open. Adobe has released updates to...

7.8CVSS7.7AI score0.03318EPSS
Exploits0
NCSC
NCSC
•added 2021/10/13 12:0 a.m.•17 views

Vulnerability fixed in SonicOS

SonicWall has fixed a vulnerability in SonicOS. A malicious party could potentially exploit the vulnerability to send a user on the vulnerable SonicWall system via a header redirection to a rogue website under the control of the malicious party's control. However, the rogue website and the...

6.1CVSS6.9AI score0.13041EPSS
Exploits4
NCSC
NCSC
•added 2021/10/13 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe Connect

Adobe has fixed two vulnerabilities in Adobe Connect. A unauthenticated remote malicious person could exploit the vulnerabilities potentially exploit them to execute arbitrary code with permissions of the application. Adobe has released updates to fix the vulnerabilities in Connect 11.2.3. For mo...

9.8CVSS7.9AI score0.03419EPSS
Exploits0
NCSC
NCSC
•added 2021/10/13 12:0 a.m.•7 views

Vulnerabilities fixed in Aruba ClearPass Policy Manager

Vulnerabilities have been fixed in Aruba ClearPass Policy Manager. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Bypassing authentication. Bypassing security measure Remote code execution Administrator/Root...

9.8CVSS8.2AI score0.03807EPSS
Exploits0
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed vulnerabilities in Microsoft Dynamics. The vulnerabilities allow a malicious party to launch a Cross-Site Scripting attack and the malicious party can then impersonate then impersonate another user. Microsoft indicates That for the vulnerability with attribute CVE-2021-40457...

7.4CVSS6.6AI score0.01545EPSS
Exploits0
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•7 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in SAP products. The vulnerabilities enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution User rights Access to system...

9.8CVSS6.5AI score0.8383EPSS
Exploits6
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows and Hyper-V. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of securit...

9CVSS6.6AI score0.73381EPSS
Exploits11
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Office products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Remote code execution User Rights Spoofing Access to sensitive data The vulnerability with reference...

8.8CVSS7.6AI score0.46339EPSS
Exploits0
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Exchange Server

Microsoft has fixed vulnerabilities in Microsoft Exchange Server. The vulnerabilities potentially enable a malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS. Impersonating another user Executing arbitrary code Administrator/Root...

9.6CVSS7.2AI score0.02674EPSS
Exploits0
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•3 views

Vulnerability fixed in Apple iOS and iPadOS

Apple has fixed a vulnerability in iOS and iPadOS. A malicious party can exploit the vulnerability to execute arbitrary code execute arbitrary code with kernel privileges and thus access gain access to sensitive information or possibly install more malware install. Apple reports receiving reports...

9.3CVSS7.3AI score0.14721EPSS
Exploits0
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•23 views

Vulnerability fixed in Microsoft System Center Operations Manager

Microsoft has fixed a vulnerability in System Center Operations Manager SCOM. The vulnerability allows a malicious remotely able to view files. The vulnerability is only exploitable on SCOM systems that have the web console installed. System Center:...

7.5CVSS6AI score0.02786EPSS
Exploits0
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•6 views

Vulnerability fixed in Grafana Enterprise

A vulnerability has been fixed in the Snapshot functionality of Grafana. A malicious party could exploit the vulnerability to obtain sensitive information that should not have been shared with them should have been shared. Under certain circumstances, when "publicmode" is configured, an...

9.8CVSS8.2AI score0.99888EPSS
Exploits1
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•7 views

Vulnerabilities fixed in Microsoft Visual Studio

Microsoft has fixed vulnerabilities in Microsoft Visual Studio. The vulnerabilities allow a malicious person to perform attacks execute attacks that result in the following categories of damage: Access to sensitive data. Spoofing, Denial-of-Service DoS The vulnerabilities with characteristics...

7.4CVSS6.2AI score0.62906EPSS
Exploits7
NCSC
NCSC
•added 2021/10/12 12:0 a.m.•51 views

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in Siemens products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Manipulation of data Circumvention of authentication Remote code executio...

10CVSS7.3AI score0.03055EPSS
Exploits1
NCSC
NCSC
•added 2021/10/11 12:0 a.m.•4 views

Vulnerability fixed in Huawei CloudEngine

Huawei has fixed a vulnerability in their CloudEngine series of switches. An unauthenticated malicious person on the same network could exploit the vulnerability to cause a denial-of-service cause. Huawei has released updates to fix the vulnerability in CloudEngine. For more information, see:...

6.5CVSS6.8AI score0.0026EPSS
Exploits0
NCSC
NCSC
•added 2021/10/08 12:0 a.m.•4 views

Vulnerabilities fixed in IBM FileNet Content manager

IBM has fixed two vulnerabilities in the PDFBox module in the FileNet Content Manager. An unauthenticated malicious person at remote can exploit the vulnerabilities to cause a denial-of-service by tricking a victim into processing a rogue PDF file or have it processed. IBM has released updates to...

5.5CVSS6.9AI score0.03445EPSS
Exploits0
NCSC
NCSC
•added 2021/10/08 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Google has released version 94.0.4606.81 of Chrome for Windows, MacoOS and Linux. In this version, four vulnerabilities are fixed. A malicious party could potentially exploit them to cause a denial-of-service, or to executing arbitrary code in the context of the browser. Google has released updat...

8.8CVSS7.4AI score0.01711EPSS
Exploits1
NCSC
NCSC
•added 2021/10/07 12:0 a.m.•6 views

Vulnerability fixed in Cisco Anyconnect Secure Client

Cisco has fixed a vulnerability in Anyconnect Secure Mobility Client for linux and macOS. A locally authenticated malicious party could exploit the vulnerability to load a rogue shared library, which allows the malicious party to execute arbitrary code execute with root privileges and gain access...

7CVSS7.4AI score0.00171EPSS
Exploits0
NCSC
NCSC
•added 2021/10/07 12:0 a.m.•6 views

Vulnerability fixed in Cisco Email Security Appliance

Cisco has fixed a vulnerability in the Email Security Appliance. An unauthenticated malicious person could exploit the vulnerability to use a specially prepared URL to still bypass the URL Reputation filters and, in effect, the entire filtering system. The integrity or continuity of the Appliance...

5.8CVSS6.9AI score0.01033EPSS
Exploits0
NCSC
NCSC
•added 2021/10/07 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Identity Services Engine

Cisco has fixed vulnerabilities in the Identity Services Engine ISE. A malicious party could potentially exploit the vulnerabilities to obtain sensitive data, or execute arbitrary code with root privileges. To obtain sensitive data, the malicious party must be authenticated to the management...

9.3CVSS7.5AI score0.01398EPSS
Exploits0
NCSC
NCSC
•added 2021/10/06 12:0 a.m.•4 views

Vulnerabilities fixed in Squid

Two vulnerabilities have been fixed in Squid. The vulnerabilities potentially allow a remote malicious party to cause a denial-of-service DoS or gain access to sensitive data. The vulnerability with reference CVE-2021-28116 is located in the way Squid handles WCCPv2 traffic. The developers of Squ...

7.5CVSS7.2AI score0.13005EPSS
Exploits0
NCSC
NCSC
•added 2021/10/06 12:0 a.m.•4 views

Vulnerabilities discovered in Honeywell Experion

Honeywell reports having found three vulnerabilities in Experion Process Knowledge System PKS C200, C200E, C300 and ACE Controllers. An unauthenticated malicious person could potentially exploit them to cause a denial-of-service, the execute arbitrary code on the vulnerable system or to gain acce...

10CVSS7.4AI score0.00875EPSS
Exploits1
NCSC
NCSC
•added 2021/10/06 12:0 a.m.•23 views

Vulnerability fixed in Fortinet FortiSandbox

Fortinet has fixed a vulnerability in FortiSandbox. A authenticated malicious party could potentially abuse the vulnerability to execute arbitrary code. To do so, a rogue HTTP request must be sent to the FortiSandbox appliance. sent. Fortinet has released updates to fix the vulnerability in...

8.8CVSS7.4AI score0.0047EPSS
Exploits0
NCSC
NCSC
•added 2021/10/06 12:0 a.m.•8 views

Vulnerabilities fixed in Fortinet FortiClientEMS

Fortinet has fixed vulnerabilities in FortiClientEMS. The vulnerability with reference CVE-2020-15941 concerns a path traversal vulnerability. This vulnerability allows an authenticated malicious person potentially able to add or delete files on the server to add or delete files. The vulnerabilit...

9.8CVSS7.1AI score0.03841EPSS
Exploits0
NCSC
NCSC
•added 2021/10/06 12:0 a.m.•4 views

Vulnerability fixed in Typo3

The developers of Typo3 have fixed a vulnerability in Typo3 core. An unauthenticated malicious person could potentially exploit the vulnerability potentially exploit it to perform a Cross-site Request Forgery and thereby trick a victim into execute code under the malicious party's control. In the...

8.8CVSS7.1AI score0.00619EPSS
Exploits0
NCSC
NCSC
•added 2021/10/06 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed vulnerabilities in Firefox and Firefox ESR. The vulnerabilities potentially enable a remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution User rights On...

9.8CVSS7.6AI score0.01923EPSS
Exploits0
NCSC
NCSC
•added 2021/10/05 12:0 a.m.•84 views

Vulnerabilities fixed in Google Android

Google has fixed vulnerabilities in the Android OS. A malicious party can misuse the vulnerabilities to execute arbitrary code execute arbitrary code, gain access to sensitive data or to give themselves elevated privileges. To do this, the malicious party must trick the victim into installing a...

10CVSS7.3AI score0.13186EPSS
Exploits6
NCSC
NCSC
•added 2021/10/05 12:0 a.m.•9 views

Vulnerabilities fixed in Apache web server

Apache Foundation has fixed two vulnerabilities in the apache web server. An unauthenticated remote malicious person could vulnerabilities potentially exploit them to cause a denial-of-service, or to obtain sensitive data. The Denial-of-Service can be caused by sending a specially prepared reques...

7.5CVSS7AI score0.99992EPSS
Exploits150
NCSC
NCSC
•added 2021/10/04 12:0 a.m.•9 views

Vulnerability fixed in Sonatype Nexus

Sonatype has fixed a vulnerability in Nexus Repository. A unauthenticated malicious party could potentially gain access to sensitive information via an HTTP header injection to potentially gain access to sensitive information. Sonatype has released little further substantive information. Sonatype...

8.2CVSS6.6AI score0.02322EPSS
Exploits0
NCSC
NCSC
•added 2021/10/04 12:0 a.m.•3 views

Vulnerability fixed in Fedora

A vulnerability has been fixed in the Linux kernel as used by Fedora. A local, authenticated malicious person can gain by exploiting this vulnerability to gain elevated privileges acquire elevated privileges on the vulnerable system. Fedora has made updates available for Fedora 33 and 34. You can...

7.8CVSS8.4AI score0.01719EPSS
Exploits2
NCSC
NCSC
•added 2021/10/01 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially allow a malicious person to execute arbitrary code under application privileges to execute arbitrary code, cause a denial-of-service and to gain access to sensitive data. Google indicates that for the vulnerabilitie...

8.8CVSS7.8AI score0.34887EPSS
Exploits1
NCSC
NCSC
•added 2021/10/01 12:0 a.m.•5 views

Vulnerabilities found in Corel products

FortiGuard Labs has found vulnerabilities in the following Corel products: Corel CorelDraw Standard Corel PDF Fusion Corel PhotoPaint Corel Presentations Corel WordPerfect A malicious party can exploit these vulnerabilities to execute arbitrary code under application privileges or to gain access ...

9.3CVSS7.5AI score0.03024EPSS
Exploits0
NCSC
NCSC
•added 2021/10/01 12:0 a.m.•10 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Server Side Request Forgery SSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of security measure...

8.7CVSS6.1AI score0.01227EPSS
Exploits1
NCSC
NCSC
•added 2021/10/01 12:0 a.m.•3 views

Vulnerabilities fixed in MediaWiki

Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Accessing system data MediaWiki has released updates to address the...

8.8CVSS6.1AI score0.01735EPSS
Exploits1
NCSC
NCSC
•added 2021/10/01 12:0 a.m.•2 views

Vulnerabilities fixed in IBM Tivoli Netcool/OMNIbus

Vulnerabilities have been fixed in IBM Tivoli Netcool/OMNIbus. The vulnerabilities allow a malicious person to execute arbitrary code execute arbitrary code. In addition, IBM reports an unspecified vulnerability that has been fixed. IBM has released updates to fix the vulnerabilities. More...

8.8CVSS9.3AI score0.03653EPSS
Exploits0
NCSC
NCSC
•added 2021/09/30 12:0 a.m.•7 views

Vulnerabilities found in Apple iOS and iPadOS

A security researcher has found three vulnerabilities in Apple iOS and iPadOS. A malicious party can exploit these vulnerabilities exploit them to gain access to sensitive data. This includes contact data stored on the device and metadata about interactions with these persons. Successful misuse...

6.7AI score
Exploits0
NCSC
NCSC
•added 2021/09/29 12:0 a.m.•2 views

Vulnerability fixed in IBM Aspera

A vulnerability has been fixed in IBM Aspera. The vulnerability allows a remote malicious party to perform a Cross-Site Scripting attack and thereby steal authentication cookies. IBM has released updates to fix the vulnerability. More information can be found on the page below:...

6.9AI score
Exploits0
NCSC
NCSC
•added 2021/09/29 12:0 a.m.•4 views

Vulnerability fixed in ArcSight Enterprise Security Manager

Micro Focus has fixed a vulnerability in ArcSight Enterprise Security Manager ESM. An authenticated malicious person at remote user could potentially exploit the vulnerability to execute arbitrary execute arbitrary code under the application's privileges. Micro Focus shared few technical details...

9.8CVSS7.5AI score0.02014EPSS
Exploits0
NCSC
NCSC
•added 2021/09/28 12:0 a.m.•5 views

Vulnerabilities fixed in Ubuntu

Vulnerabilities have been fixed in Ubuntu. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Increased user privileges -= Ubuntu =- Canonical has made...

7.8CVSS6.8AI score0.03365EPSS
Exploits8
NCSC
NCSC
•added 2021/09/27 12:0 a.m.•3 views

Vulnerability fixed in Chromium-based browsers

A vulnerability has been fixed in Google Chrome. The vulnerability potentially allows a remote malicious person to execute arbitrary code to execute under the user's privileges. Google has disclosed little information about the vulnerability. The vulnerability is in the "Portals" component, which...

9.6CVSS6.8AI score0.11735EPSS
Exploits0
NCSC
NCSC
•added 2021/09/27 12:0 a.m.•11 views

Vulnerability fixed in Trend Micro ServerProtect

Trend Micro has fixed a vulnerability in ServerProtect. A unauthenticated malicious party could potentially abuse it to bypass authentication. The vulnerability has a CVSS3.1 score of 9.8 assigned. Content-wise, however, few technical details made publicly available. Trend Micro has released...

10CVSS6.9AI score0.09019EPSS
Exploits0
NCSC
NCSC
•added 2021/09/27 12:0 a.m.•7 views

Vulnerabilities fixed in Debian

Vulnerabilities have been fixed in Debian. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root rights Access to sensitive data Increased user rights -=...

8.8CVSS7.6AI score0.01719EPSS
Exploits8
NCSC
NCSC
•added 2021/09/24 12:0 a.m.•6 views

Vulnerability fixed in OpenVPN Access Server

The vulnerability allows an unauthenticated malicious person to opportunity to execute arbitrary code on the browser of the victim. To do this, the malicious party must trick the victim into to follow a rogue hyperlink. OpenVPN has released updates to fix the vulnerability. More information can b...

6.1CVSS7.6AI score0.00722EPSS
Exploits0
Total number of security vulnerabilities4207