4207 matches found
Vulnerabilities fixed in SonicWall SMA100 series
Vulnerabilities have been fixed in SonicWall SMA100 series. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Increased user privileges SonicWall has release...
Fixed vulnerability in Big-IP Access Policy Manager (APM).
The vulnerability allows an unauthenticated malicious person to opportunity to execute arbitrary code on the browser of the victim. To do this, the malicious party must trick the victim into to follow a rogue hyperlink. BIG-IP has released updates to fix the vulnerability. More information can be...
Vulnerabilities fixed in Apple macOS & iOS
Vulnerabilities have been fixed in macOS Catalina. The vulnerability with reference CVE-2021-30869 allows a malicious person to execute execute arbitrary code with root privileges. The malicious person must install a rogue application to exploit the vulnerability. exploit. Apple indicates that...
Vulnerabilities fixed in sqlite3
Vulnerabilities have been fixed in sqlite. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data -= SUSE =- SUSE has made updates available to address the...
Vulnerabilities fixed in Red Hat JBoss Enterprise Application Platform 7.4.1
Vulnerabilities have been fixed in Red Hat JBoss Enterprise Application Platform 7.4.1 . The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Remote code execution User Rights ...
Vulnerabilities fixed in Cisco products
Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Bypassing security measure The vulnerability with attribute...
Vulnerability fixed in Mattermost
A vulnerability has been fixed in Mattermost. The vulnerability allows a remote malicious person to execute arbitrary code execute arbitrary code under user privileges. To do this, the malicious party must induce the victim to enter rogue code. Mattermost has released updates to fix the...
Vulnerabilities fixed in Oracle Unbreakable Enterprise kernel
Vulnerabilities have been fixed in the Oracle Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...
Vulnerabilities fixed in McAfee Agent for Windows
Vulnerabilities have been fixed in McAfee Agent for Windows. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Access to sensitive data Increased user privileges...
Vulnerabilities fixed in Zoho ManageEngine ADManager Plus Pro
Vulnerabilities have been fixed in ManageEngine ADManager Plus Pro. The vulnerabilities allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Manipulation of data. Circumvention of security measure Remote code execution User rights Increased...
Vulnerability found in Apple macOS
A researcher has found a vulnerability in Apple MacOS. The vulnerability allows a remote malicious person to execute arbitrary code under the user's privileges. The malicious party must induce the victim to open a rogue file to open. The researcher who found the vulnerability indicates that Apple...
Vulnerabilities fixed in VMware vCenter Server
Vulnerabilities have been fixed in VMware vCenter Server. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data...
Vulnerability fixed in LibTIFF
A vulnerability has been fixed in LibTIFF. The vulnerability allows a remote malicious party the ability to cause a denial-of-service to cause a denial-of-service, possibly resulting in the execution of arbitrary code. result. The developers of LibTIFF have made available a new version made...
Vulnerabilities fixed in Oracle MySQL
Vulnerabilities have been fixed in MySQL. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS SQL Injection Access to sensitive data Access to system data Increased user privileges MySQL categorizes these...
Vulnerabilities fixed in openSUSE kernel
Vulnerabilities have been fixed in openSUSE kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Access to system data -= openSUSE =- The developers of openSUSE ha...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Chrome. The vulnerabilities allow a malicious party to cause a denial-of-service cause and to obtain system data. Potentially, the Denial-of-Service attack could be used to execute arbitrary code. Google has released a new version to address the vulnerabilities...
Vulnerability fixed in SonicWall
A vulnerability has been fixed in SonicWall. The vulnerability allows a local malicious party to obtain elevated privileges to obtain and thus potentially execute arbitrary code. The vulnerability is located in the installer of the SonicWall VPN Global VPN Client. SonicWall has released updates t...
Vulnerability found in Redis
A vulnerability has been found in Redis. The vulnerability allows a malicious party to perform a denial-of-service. Few details have been made public yet. No patches or mitigating measures have been announced yet. More information can be found at: https://github.com/redis/redis/issues/6633...
Vulnerabilities fixed in Kubernetes
Vulnerabilities have been found and fixed in Kubernetes. The vulnerabilities allow a malicious party to circumvent a security measure to bypass and to obtain system data obtain. Kubernetes has released updates to fix a vulnerability fix and to mitigate a vulnerability. More information can you ca...
Vulnerability found in Apache OpenOffice
A vulnerability has been found in Apache OpenOffice. The vulnerability allows a remote malicious person to execute arbitrary code. The malicious party must victim to open a rogue document. More information about the vulnerability can be found in a blog post by the researcher who reported the...
Vulnerabilities fixed in Apple products
Vulnerabilities have been fixed in Apple products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights Remote co...
Vulnerability fixed in AMD chipset kernel driver
AMD has fixed a vulnerability in the Windows driver for multiple chipsets. The vulnerability allows a local malicious able to obtain data. AMD categorizes this vulnerability as "medium. Proof-of-concept code is available. AMD has released updates to fix the vulnerability. More information can be...
Vulnerabilities fixed in Oracle Linux
Oracle has fixed vulnerabilities in its kernel. The vulnerabilities allow a malicious party to cause a denial-of-service exploit. Oracle has released updates to fix the vulnerabilities. More information can be found on the page below: https://linux.oracle.com/errata/ELSA-2021-3447.html...
Vulnerabilities fixed in SUSE kernel
SUSE has fixed vulnerabilities in its kernel. The vulnerabilities allow a malicious party to bypass a security measure. circumvention. -= SUSE =- SUSE has made updates available to fix the vulnerabilities fixes in SUSE 12 and 15. You can install these custom packages by using 'YaST'. You can also...
Vulnerabilities fixed in McAfee Endpoint Security and McAfee Data Loss Prevention
Vulnerabilities have been fixed in McAfee Endpoint Security and McAfee Data Loss Prevention. The vulnerabilities allow a malicious party to conduct attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to syste...
Vulnerabilities fixed in Tivoli Netcool/OMNIbus WebGUI
IBM has fixed vulnerabilities in Tivoli Netcool/OMNIbus WebGUI. The vulnerabilities allow a malicious party to perform a denial-of-service and to obtain sensitive information obtain. IBM categorizes these vulnerabilities using the CVSSv3 method with a highest score of 7.5. IBM has released update...
Vulnerabilities fixed in Ubuntu kernel
Vulnerabilities have been fixed in Ubuntu kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User rights Access to system data -...
Vulnerabilities fixed in Ubuntu kernel
Vulnerabilities have been fixed in Ubuntu kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Accessing sensitive data Accessing system data -= Ubuntu ...
Vulnerability fixed in Zoho ManageEngine ADSelfService Plus
Zoho ManageEngine has fixed a vulnerability in ADSelfService Plus. ADSelfService Plus is a self-service password management and single-sign-on solution. The vulnerability allows a malicious remotely able to bypass authentication. Zoho ManageEngine categorizes this vulnerability according to the...
Vulnerabilities fixed in Netgear SmartSwitches
Netgear has fixed three vulnerabilities in a large number of SmartSwitches Seventh Inferno, Demon's Cries and Draconian Fear. The vulnerabilities allow a malicious party to cause a denial-of-service, or, when the vulnerabilities are used in tandem, to reset the password of the local admin reset...
Vulnerability discovered in Schneider Electric EcoStruxure Control Expert
A vulnerability has been discovered in Schneider Electric EcoStruxure Control Expert. The vulnerability could cause a malicious script to be deployed deployed to an unauthorized location which in turn could lead to the execution of code. Schneider Electric has published mitigating measures. More...
Vulnerabilities fixed in Dell BIOS
Vulnerabilities have been fixed in the BIOS of a number of Dell products. These vulnerabilities allow a local malicious person to able to access sensitive information and execute execute arbitrary code. Dell has released updates to fix the vulnerabilities. More information can be found on the pag...
Vulnerabilities fixed in BIND
A vulnerability has been fixed in BIND. The vulnerability allows a malicious party with access to the internal network of a group of BIND servers able to launch a denial-of-service attack on an update process. This enables the distribution of zone information from the master server to slave serve...
Vulnerabilities fixed in curl
Vulnerabilities have been fixed in curl. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Updates have been released to fix the vulnerabilities. More...
Issues fixed in Apache web server
Apache has released version 2.4.49 of the Apache Web server. In this version a number of vulnerabilities have been fixed. Please note that the 2.2.x branch is now at the end of the life of the Apache HTTP Server project and there will be no further activity take place, including security updates...
Vulnerabilities fixed in FortiSandbox
Due to a session expiration vulnerability in FortiSandbox allows a malicious party to reuse the non-expired session IDs of an administrator reuse to obtain information about other users. obtain. CVE-2020-29012 Due to a vulnerability in the input validation of the sniffer interface of FortiSandbox...
Vulnerabilities fixed in Drupal
Several vulnerabilities have been fixed in Drupal. A malicious party can exploit the vulnerabilities to perform of Cross-Site Scripting XSS, Cross-Site Request Forgery XSRF and bypassing security measures. Drupal has released updates to fix the vulnerabilities. For more information, see:...
Vulnerabilities fixed in Apache Tomcat
Vulnerabilities have been fixed in Apache Tomcat that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data The developers of Apache Tomcat have made updates available made available. For more information, see the following page: https://tomcat.apache.org...
Vulnerability fixed in Artifex Ghostscript
Artifex has fixed a vulnerability in Ghostscript. The vulnerability allows an unauthenticated malicious person to opportunity to execute arbitrary code under the privileges of Ghostscript. To do this, the malicious party must trick the victim into to open a malicious document. Artifex has release...
Vulnerabilities fixed in QNAP nas
QNAP has fixed vulnerabilities in nas systems. The vulnerabilities allow a malicious person to execute arbitrary code execute arbitrary code. QNAP has released updates to fix the vulnerability. More information can be found on the pages below: CVE-2021-28816 and CVE-2021-34343:...
Vulnerability fixed in Fedora kernel
Fedora has fixed a vulnerability in its kernel. The vulnerability allows a malicious party to cause a Denial-of-Service exploit. -= Fedora =- Fedora has made updates available for Fedora 33 and 34. You can install these updates using the command 'dnf' or 'yum'. More information about these update...
Vulnerabilities fixed in Adobe products
Vulnerabilities have been fixed in several Adobe products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User...
Vulnerabilities fixed in Microsoft Office products
Microsoft has fixed vulnerabilities in Office products. A malicious party can exploit the vulnerabilities to execute arbitrary code with user privileges and spoofing. Below is a summary of the various vulnerabilities described by component and the impact. Microsoft Office SharePoint:...
Vulnerability fixed in Nitro Pro PDF
A vulnerability has been fixed in Nitro Pro PDF. The vulnerability allows a remote malicious person to execute arbitrary execute arbitrary code under the victim's privileges. The malicious party to do this must induce the victim to open a rogue document to be opened. Nitro has released updates to...
Vulnerability fixed in Microsoft Edge
Microsoft has fixed a vulnerability in Edge. The vulnerability allows a malicious person to manipulate data manipulate. Microsoft has made few details public and categorizes this vulnerability according to the CVSSv3 method with a score of 6.4. Microsoft has released updates to fix the...
Vulnerabilities fixed in SAP products
Vulnerabilities have been fixed in SAP products. The vulnerabilities enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of security measure Remote code execution...
Vulnerabilities fixed in Siemens products.
Vulnerabilities have been fixed in Siemens products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Spoofing Access to sensitive data Increased user right...
Vulnerability fixed in Git
A vulnerability has been fixed in Git. The vulnerability allows a malicious party to bypass a security measure. Git has released updates to fix the vulnerability. More information can be found on the page below: https://github.com/git/git/commit /a02ea577174ab8ed18f847cf1693f213e0b9c473 -= Ubuntu...
Vulnerability fixed in Citrix ShareFile Storage Zones
A security issue has been fixed in the Citrix ShareFile storage area controller that, if exploited, would allow an unauthenticated malicious person would be able to remotely compromise the storage zone controller. All currently supported versions of the Citrix ShareFile storage zone controller...
Vulnerabilities fixed in NetIQ Access Manager
Vulnerabilities have been fixed in Access Manager. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Access to system da...