Lucene search
K

4207 matches found

NCSC
NCSC
•added 2021/09/14 12:0 a.m.•7 views

Vulnerabilities fixed in Microsoft Visual Studio

Microsoft has fixed vulnerabilities in Microsoft Visual Studio. The vulnerabilities allow a malicious person to launch attacks execute attacks that could lead to the execution of arbitrary code under a user's privileges, obtaining elevated permissions and spoofing. Below is a summary of the vario...

7.8CVSS6.8AI score0.54171EPSS
Exploits0
NCSC
NCSC
•added 2021/09/14 12:0 a.m.•8 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Spoofing SQL...

9.8CVSS7.9AI score0.96843EPSS
Exploits38
NCSC
NCSC
•added 2021/09/14 12:0 a.m.•10 views

Vulnerabilities fixed in Microsoft Edge

Microsoft has made updates available to fix vulnerabilities fixes in Microsoft Edge. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User...

8.8CVSS8.4AI score0.0559EPSS
Exploits2
NCSC
NCSC
•added 2021/09/14 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft Azure products

Microsoft has fixed vulnerabilities in Azure products. The vulnerabilities allow an unauthenticated remote malicious person to remote user to execute arbitrary code, gain elevated permissions and obtain sensitive information. Microsoft indicates that for the vulnerability with the attribute...

9.8CVSS7.2AI score0.99723EPSS
Exploits20
NCSC
NCSC
•added 2021/09/14 12:0 a.m.•5 views

Vulnerability fixed in Microsoft Dynamics

Microsoft has fixed a vulnerability in Microsoft Dynamics Business Central Control. A malicious party could exploit the vulnerability to perform of a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser with which the application is...

5.4CVSS5.7AI score0.00983EPSS
Exploits0
NCSC
NCSC
•added 2021/09/14 12:0 a.m.•3 views

Vulnerabilities fixed in Apple iOS, iPadOS and macOS

Vulnerabilities have been fixed in iOS, iPadOS and macOS. A malicious party could potentially exploit the vulnerability to execute arbitrary code. To exploit the vulnerabilities a user must open a rogue PDF document or visit Web page visit. Apple indicates that these vulnerabilities may be active...

8.8CVSS7.2AI score0.75994EPSS
Exploits2
NCSC
NCSC
•added 2021/09/14 12:0 a.m.•4 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data Google, as usual, is releasing few technical details abou...

9.6CVSS7.5AI score0.64546EPSS
Exploits4
NCSC
NCSC
•added 2021/09/13 12:0 a.m.•3 views

Vulnerabilities fixed in IBM Connections

Multiple vulnerabilities have been fixed in IBM SDK Java Technology Edition that is used by Content Collector for IBM Connections. IBM has released updates that fix the vulnerability. For more information see: https://www.ibm.com/support/pages/node/6487171...

4.3CVSS9.2AI score0.03701EPSS
Exploits0
NCSC
NCSC
•added 2021/09/10 12:0 a.m.•2 views

Vulnerabilities fixed in WordPress

WordPress developers have fixed several vulnerabilities fixed. A remote malicious person could potentially exploit these vulnerabilities potentially exploit them to perform a Cross-Site Scripting XSS attack. Also, a data exposure vulnerability has been fixed within the REST API. No CVE numbers ha...

6.4AI score
Exploits0
NCSC
NCSC
•added 2021/09/10 12:0 a.m.•7 views

Vulnerabilities fixed in Dell iDRAC

Vulnerabilities have been fixed in Dell iDRAC. The vulnerabilities allow a malicious person to execute arbitrary code execute under user privileges by performing an SQL Injection, Denial-of-Service DoS and executing arbitrary code. It is good practice not to have such an environment publicly to b...

8.2CVSS7AI score0.33317EPSS
Exploits0
NCSC
NCSC
•added 2021/09/10 12:0 a.m.•8 views

Vulnerabilities fixed in Cisco IOS XR

Vulnerabilities have been fixed in Cisco IOS XR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Access to sensitive data Increased user privileges Cisco ha...

8.6CVSS7AI score0.01581EPSS
Exploits0
NCSC
NCSC
•added 2021/09/10 12:0 a.m.•7 views

Vulnerability fixed in AVEVA System Platform

A vulnerability has been fixed in Platform Common Services PCS Portal which is a component of AVEVA System Platform. It concerns a certain "DLL hijacking" vulnerability. A local malicious person could potentially exploit the vulnerability to execute arbitrary code execute with the privileges of t...

7.8CVSS7.1AI score0.00215EPSS
Exploits0
NCSC
NCSC
•added 2021/09/09 12:0 a.m.•21 views

Vulnerabilities fixed in PAN-OS

Palo Alto Networks has fixed vulnerabilities in PAN-OS. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Remote code execution Administrator/Root rights...

10CVSS7AI score0.74513EPSS
Exploits2
NCSC
NCSC
•added 2021/09/09 12:0 a.m.•4 views

Vulnerabilities fixed in Citrix Hypervisor

Vulnerabilities have been fixed in the Citrix Hypervisor. The vulnerabilities allow a malicious person with administrator privileges within the guest VM to cause a denial-of-service on the host and execute arbitrary code. Citrix has released updates to fix the vulnerabilities. More information ca...

7.8CVSS7.1AI score0.00378EPSS
Exploits0
NCSC
NCSC
•added 2021/09/08 12:0 a.m.•10 views

Vulnerabilities fixed in Google Android

Google has fixed vulnerabilities in the Android OS. A malicious party could misuse the vulnerabilities to gain access to sensitive data or give himself elevated privileges. To do this, the malicious party must trick the victim into installing a rogue app to install. The vulnerability with referen...

10CVSS7AI score0.00796EPSS
Exploits0
NCSC
NCSC
•added 2021/09/08 12:0 a.m.•5 views

Vulnerability fixed in IBM WebSphere

A vulnerability has been fixed in the Dojo library used used by WebSphere Application Server. By exploiting this vulnerability, a remote malicious person may be able to inject arbitrary code onto the system. IBM has released updates to fix the vulnerabilities. More information can be found on the...

7.7CVSS7.3AI score0.0399EPSS
Exploits1
NCSC
NCSC
•added 2021/09/08 12:0 a.m.•5 views

Multiple vulnerabilities fixed in Fortinet products

Fortinet has fixed multiple vulnerabilities in Fortinet products. The vulnerabilities allow a malicious person to execute attacks that potentially lead to: Bypassing security measure Bypassing authentication Remote code execution User rights Spoofing Accessing sensitive data Fortinet has released...

9.3CVSS7.7AI score0.8482EPSS
Exploits0
NCSC
NCSC
•added 2021/09/08 12:0 a.m.•7 views

Vulnerability fixed in Nessus agent

Nessus Agent 8.3.0 and earlier contains multiple local vulnerabilities that would allow an authenticated, local administrator to execute specific executable code on the Nessus Agent host could execute. Tenable has made updates available for Nessus to address the vulnerability. More information ca...

7.2CVSS6.6AI score0.00303EPSS
Exploits0
NCSC
NCSC
•added 2021/09/08 12:0 a.m.•4 views

Vulnerability found in Microsoft Windows

A vulnerability has been found in Microsoft Windows' MSHTML component. A malicious party could potentially exploit it to execute arbitrary code under the privileges of a user. To do this, the malicious party needs to get the victim to to open a rogue Office document. Microsoft indicates that ther...

8.8CVSS7.4AI score0.96843EPSS
Exploits38
NCSC
NCSC
•added 2021/09/08 12:0 a.m.•4 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed vulnerabilities in Firefox and Firefox Extended Support Release ESR. The vulnerabilities allow an unauthenticated remote malicious agent potentially able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure...

8.8CVSS7.6AI score0.01205EPSS
Exploits1
NCSC
NCSC
•added 2021/09/03 12:0 a.m.•18 views

Vulnerabilities fixed in Dell EMC NetWorker

Dell has fixed two vulnerabilities in EMC NetWorker. A malicious party with user rights on the NetWorker server could access sensitive data on NetWorker clients via path-traveral. data on NetWorker clients. Dell has released updates to fix the vulnerabilities in EC Networker 19.4.0.4. Also, Dell...

6.8CVSS6.9AI score0.00929EPSS
Exploits0
NCSC
NCSC
•added 2021/09/03 12:0 a.m.•7 views

Vulnerabilities fixed in IBM Spectrum Protect Plus

IBM has fixed vulnerabilities in Spectrum Protect Plus. A authenticated malicious person could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary commands on the underlying system. IBM has released updates to fix the vulnerabilities in Spectrum Protect Plus 10.1.8.2...

9.8CVSS8.7AI score0.23132EPSS
Exploits7
NCSC
NCSC
•added 2021/09/02 12:0 a.m.•7 views

Vulnerability fixed in Cisco Prime Infrastructure and Evolved Programmable Network Manager

Cisco has fixed a vulnerability in Prime Infrastructure and Evolved Programmable Network Manager. An authenticated malicious person with access to the command-line interface could exploit the exploit the vulnerability to gain access to sensitive information. Cisco has released updates to fix the...

5.5CVSS7AI score0.00225EPSS
Exploits0
NCSC
NCSC
•added 2021/09/02 12:0 a.m.•6 views

Vulnerabilities fixed in Elasticsearch and Kibana

Vulnerabilities have been fixed in Elasticsearch and Kibana. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Remote code execution User rights. Access to sensitive data Increased user privileges Elastic...

8.8CVSS7.5AI score0.01154EPSS
Exploits0
NCSC
NCSC
•added 2021/09/02 12:0 a.m.•4 views

Vulnerability fixed in Cisco Identity Services Engine

Cisco has fixed a vulnerability in Identity Services Engine ISE. A malicious person with administrator privileges can exploit the vulnerability exploit it to perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit...

4.8CVSS6.5AI score0.00594EPSS
Exploits0
NCSC
NCSC
•added 2021/09/01 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. The vulnerabilities potentially enable an unauthenticated remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution User rights...

8.8CVSS7.8AI score0.0559EPSS
Exploits1
NCSC
NCSC
•added 2021/09/01 12:0 a.m.•7 views

Vulnerabilities fixed in ArubaOS and Aruba SD-WAN

Aruba Networks has fixed vulnerabilities in ArubaOS and SD-WAN as used by Aruba Mobility Conductor former Mobility Master, Access-Points and SD-WAN Gateways. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damag...

10CVSS8.3AI score0.03055EPSS
Exploits1
NCSC
NCSC
•added 2021/08/30 12:0 a.m.•19 views

Vulnerabilities fixed in Wind River Linux

Wind River has found and fixed vulnerabilities in Wind River Linux. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access to...

9.8CVSS7.7AI score0.87816EPSS
Exploits63
NCSC
NCSC
•added 2021/08/27 12:0 a.m.•14 views

Vulnerability fixed in NetApp Clustered Data ONTAP

NetApp has fixed a vulnerability in the BSD sub-layer of Clustered Data ONTAP. The vulnerability is located in the ipv6 impelementation and potentially allows a malicious party to cause a denial-of-service exploit. NetApp has released updates to fix the vulnerability in Clustered Data ONTAP. For...

7.5CVSS6.8AI score0.01221EPSS
Exploits0
NCSC
NCSC
•added 2021/08/27 12:0 a.m.•4 views

Vulnerability fixed in libssh

A vulnerability has been fixed in libssh. A malicious party could potentially exploit the vulnerability to cause a denial-of-service cause or execute arbitrary code with the privileges of application that uses libssh. It is good practice to apply the principle of "privilege separation" to this ty...

6.5CVSS7.1AI score0.04683EPSS
Exploits0
NCSC
NCSC
•added 2021/08/27 12:0 a.m.•3 views

Vulnerabilities fixed in XStream

Several vulnerabilities have been fixed in XStream. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service or execute arbitrary code with the application's permissions. The vulnerabilities are exploitable only when using use of the default XStream blacklist...

8.8CVSS7.9AI score0.98124EPSS
Exploits16
NCSC
NCSC
•added 2021/08/26 12:0 a.m.•8 views

Vulnerabilities fixed in Cisco Application Policy Infrastructure Controller (APIC).

Vulnerabilities have been fixed in Cisco Application Policy Infrastructure Controller APIC. The vulnerabilities allow a malicious party to conduct attacks that result in the following categories of damage: Cross-Site Scripting XSS. Data manipulation. Remote code execution Administrator/Root right...

9.1CVSS7.1AI score0.02125EPSS
Exploits0
NCSC
NCSC
•added 2021/08/26 12:0 a.m.•5 views

Vulnerabilities fixed in IBM AIX

Vulnerabilities have been fixed in IBM AIX. A local malicious party can, by exploiting these vulnerabilities, gain gain root privileges on the vulnerable system or can cause a Denial-of-Service exploit on the local system. IBM has released updates to fix the vulnerabilities in AIX. For more...

8.4CVSS6.8AI score0.00262EPSS
Exploits0
NCSC
NCSC
•added 2021/08/26 12:0 a.m.•5 views

Vulnerability fixed in Atlassian Confluence

A vulnerability has been fixed in Atlassian Confluence. A malicious party could potentially exploit the vulnerability to execute arbitrary code under the application's permissions. Atlassian has released updates to fix the vulnerability in Confluence. For more information, see:...

9.8CVSS7.4AI score0.99999EPSS
Exploits45
NCSC
NCSC
•added 2021/08/26 12:0 a.m.•4 views

Vulnerabilities fixed in Cisco Nexus 9000 series switches

Vulnerabilities have been fixed in Cisco Nexus 9000 series switches that operate in Application Centric Infrastructure ACI mode. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Access to...

8.6CVSS6.8AI score0.02453EPSS
Exploits0
NCSC
NCSC
•added 2021/08/26 12:0 a.m.•14 views

Vulnerabilities fixed in Cisco NX-OS

Vulnerabilities have been fixed in Cisco NX-OS. A malicious person could potentially exploit the vulnerabilities to cause a denial-of-service cause. Both vulnerabilities are not exploitable with standard configuration. exploited. For the vulnerability with CVE attribute CVE-2021-1588 requires tha...

8.6CVSS7AI score0.01681EPSS
Exploits0
NCSC
NCSC
•added 2021/08/26 12:0 a.m.•7 views

Vulnerabilities fixed in TeamViewer

Teamviewer has fixed two vulnerabilities in Teamviewer 15. A malicious party could potentially exploit the vulnerabilities to execute arbitrary code with the application's privileges, causing a denial-of-service, or to gain access to sensitive data. To execute code, or cause a Denial-of-Service,...

8.8CVSS7.5AI score0.09134EPSS
Exploits0
NCSC
NCSC
•added 2021/08/26 12:0 a.m.•5 views

Vulnerabilities fixed in Xen

Xen's developers have fixed several vulnerabilities in Xen. A local malicious person could exploit the vulnerabilities to cause a denial-of-service, both in the guest system as well as the underlying host. Also, potentially the vulnerabilities could be exploited to obtain sensitive data in memory...

7.8CVSS6.6AI score0.0187EPSS
Exploits0
NCSC
NCSC
•added 2021/08/25 12:0 a.m.•5 views

Vulnerabilities fixed in VMware vRealize

VMware has fixed vulnerabilities in vRealize. A malicious person with access to the vRealize Operations Manager API could potentially exploit the vulnerabilities potentially exploit them to obtain sensitive data via accessing log files and arbitrary files, potentially possibly taking over a user...

7.5CVSS7AI score0.0116EPSS
Exploits1
NCSC
NCSC
•added 2021/08/25 12:0 a.m.•14 views

Vulnerabilities fixed in F5 BIG-IP

Vulnerabilities have been fixed in F5 BIG-IP. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights SQL Injection Access to...

9.9CVSS7.8AI score0.02288EPSS
Exploits0
NCSC
NCSC
•added 2021/08/25 12:0 a.m.•4 views

Vulnerabilities fixed in OpenSSL

The developers of OpenSSL have fixed two vulnerabilities. The vulnerabilities allow an unauthenticated remote malicious person to remotely able to cause a denial-of-service, or potentially gain access to sensitive data, including possibly private keys currently actively in use on the system. Misu...

9.8CVSS8.4AI score0.87816EPSS
Exploits1
NCSC
NCSC
•added 2021/08/24 12:0 a.m.•6 views

Vulnerability fixed in F-Secure anti-virus engine

A vulnerability has been fixed in the F-Secure anti-virus engine. A malicious party could potentially exploit the vulnerability to cause a denial-of-service by running a specially prepared file to be scanned. F-Secure has released updates to fix the vulnerability. For more information, see:...

6.5CVSS6.8AI score0.00739EPSS
Exploits0
NCSC
NCSC
•added 2021/08/24 12:0 a.m.•7 views

Vulnerability fixed in Joomla! media manager

Joomla has fixed a vulnerability in the Joomla! media!! manager. Due to improper access control, a user could without being authorized to do so could delete arbitrary content from the media directory. Joomla has released updates to fix the vulnerability in Joomla! 4.0.1. For more information, see...

9.1CVSS6.9AI score0.00918EPSS
Exploits0
NCSC
NCSC
•added 2021/08/23 12:0 a.m.•6 views

Vulnerabilities fixed in Arista MOS on 7130 switches

Several vulnerabilities have been fixed in Arista 7130 switches that use the Metamako Operating System MOS. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Bypassing authentication Bypassing security measure Remote...

9.8CVSS7.7AI score0.0093EPSS
Exploits0
NCSC
NCSC
•added 2021/08/23 12:0 a.m.•4 views

Vulnerability fixed in Ruby on Rails

A vulnerability has been fixed in Ruby on Rails. The vulnerability allows a malicious person to use an Open Redirect attack to send the visitor with a custom link to a malicious website. send. Ruby on Rails has released updates to fix the vulnerability. fix. For more information, see:...

6.1CVSS6.8AI score0.0164EPSS
Exploits0
NCSC
NCSC
•added 2021/08/23 12:0 a.m.•3 views

Vulnerability fixed in Kerberos KDC

MIT has fixed a vulnerability in Kerberos. A malicious could potentially exploit the vulnerability to cause a denial-of-service cause in the KDC. -= Fedora =- Fedora has made updates available for Fedora 34. You can install these updates by using the command 'dnf' or 'yum'. More information about...

6.5CVSS8.8AI score0.02166EPSS
Exploits0
NCSC
NCSC
•added 2021/08/23 12:0 a.m.•4 views

Vulnerabilities fixed in QEMU

Vulnerabilities have been fixed in several components of QEMU. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service on the QEMU hypervisor or execute arbitrary code with the privileges of the QEMU emulator on the host. -= OpenSUSE =- The developers of...

8.5CVSS7.6AI score0.02904EPSS
Exploits0
NCSC
NCSC
•added 2021/08/20 12:0 a.m.•7 views

Vulnerabilities fixed in AVEVA products

AVEVA has fixed vulnerabilities in several products. The vulnerabilities allow a malicious party to perform a denial-of-service exploit. AVEVA categorizes these vulnerabilities according to the CVSSv3 method with a highest score of 8.1. AVEVA has released updates to fix the vulnerabilities. More...

9.8CVSS6.8AI score0.0093EPSS
Exploits0
NCSC
NCSC
•added 2021/08/20 12:0 a.m.•5 views

Vulnerability fixed in Rapid7 Nexpose

A vulnerability has been fixed in Rapid7 Nexpose. The vulnerability allows a malicious party to read and edit tickets that should not be available to the account the malicious party is logged in should be available. Rapid7 has released updates to fix the vulnerability. More information can be fou...

5.5CVSS6.5AI score0.00474EPSS
Exploits0
NCSC
NCSC
•added 2021/08/20 12:0 a.m.•8 views

Vulnerability fixed in VMware Workspace ONE

VMware has fixed a vulnerability in Workspace ONE. The vulnerability allows a malicious party with access to /API/system/admins/session the ability to perform a Denial of Service execution. VMware categorizes this vulnerability according to the CVSSv3 method with a score of 5.8. VMware has releas...

7.5CVSS6.6AI score0.00961EPSS
Exploits0
Total number of security vulnerabilities4207