Lucene search
K

4207 matches found

NCSC
NCSC
•added 2021/08/20 12:0 a.m.•5 views

Vulnerability fixed in Icinga

A vulnerability has been fixed in Icinga. Within Icinga TLS certificate verification is used. However However, the validity of the Certificate Authority is not checked. A malicious party can thus circumvent bypass security. Updates have been released to fix the vulnerabilities. More information c...

7.5CVSS7.1AI score0.0142EPSS
Exploits0
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•4 views

Vulnerability fixed in Atlassian Jira

A vulnerability has been fixed in Atlassian Jira. The vulnerability allows a remote malicious party to obtain obtain system data by performing a path-traversal. Atlassian has released updates to fix the vulnerability. fix. More information can be found on the page below:...

5.3CVSS6.7AI score0.99999EPSS
Exploits6
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•8 views

Vulnerability fixed in Autodesk Licensing Service

A vulnerability has been fixed in the Autodesk Licensing Service. This service is present on all of Autodesk's flagship products. The vulnerability allows a malicious person with local access to obtain elevated privileges. Autodesk has released updates to fix the vulnerability. More information c...

7.8CVSS6.3AI score0.00237EPSS
Exploits0
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•8 views

Vulnerability fixed in Red Hat JBoss Enterprise Application Platform

A vulnerability has been fixed in Red Hat JBoss Enterprise Application Platform. A remote malicious agent could vulnerability potentially exploit it to cause a denial-of-service cause. Red Hat has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.7AI score0.01375EPSS
Exploits1
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•3 views

Vulnerability fixed in FortiOS

A vulnerability has been fixed in FortiOS. The vulnerability allows a malicious party located within the victim's network is able to execute arbitrary code by providing a specially prepared image. Fortinet has released updates to fix the vulnerability. More information can be found on the page...

8.8CVSS7.5AI score0.00761EPSS
Exploits0
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•10 views

Vulnerability fixed in FortiWeb

FortiNet has released new versions that fix a vulnerability fix in FortiWeb. The vulnerability allows a remote malicious remote user to execute arbitrary code under permissions of the application. FortiNet has released updates to fix the vulnerability. More information can be found on the page...

9CVSS7.6AI score0.7727EPSS
Exploits2
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•5 views

Vulnerability fixed in BIND

A vulnerability has been fixed in BIND. The vulnerability allows a remote malicious party the ability to cause a denial-of-service cause. The vulnerability manifests itself when the RRL functionality is enabled. By default, this is not case. ISC has released updates to fix and mitigation. More...

7.5CVSS6.7AI score0.03559EPSS
Exploits1
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•3 views

Vulnerability fixed in jsoup

A vulnerability has been fixed in jsoup. The vulnerability allows a remote malicious party to cause a denial-of-service. cause. The developers of jsoup have released updates to fix the vulnerability. More information can be found on the pages below:...

7.5CVSS6.7AI score0.06873EPSS
Exploits0
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•3 views

Vulnerabilities fixed in multiple implementations of HTTP/2

A PortSwigger researcher has discovered vulnerabilities in several implementations of HTTP/2. The researcher has demonstrated that it is possible to manipulate HTTP/2 requests. When the front-end of an application uses HTTP/2 and forwards the request to the back-end a downgrade to HTTP/1 takes...

7.5CVSS7.5AI score0.46179EPSS
Exploits1
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•3 views

Vulnerability fixed in Firefox and Thunderbird

Mozilla has fixed a vulnerability in Thunderbird and Firefox. The vulnerability can be exploited with a so-called HTTP Response Splitting attack. In this attack, the malicious party manages to replace the original content of an HTTP response with rogue content. Mozilla has released updates to fix...

8.1CVSS6.6AI score0.00885EPSS
Exploits0
NCSC
NCSC
•added 2021/08/19 12:0 a.m.•18 views

Vulnerabilities fixed in Cisco Expressway Series and TelePresence Video Communication Server

Vulnerabilities have been fixed in Cisco Expressway Series and TelePresence Video Communication Server. The vulnerabilities allow an authenticated remote malicious person to execute arbitrary code to execute under user privileges and under root privileges. Cisco has released updates to fix the...

9CVSS7AI score0.02395EPSS
Exploits0
NCSC
NCSC
•added 2021/08/18 12:0 a.m.•3 views

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in Ubuntu's kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Canonical has released updates to...

7.8CVSS8.3AI score0.00872EPSS
Exploits3
NCSC
NCSC
•added 2021/08/18 12:0 a.m.•3 views

Vulnerabilities fixed in OpenSUSE RPM

Vulnerabilities have been fixed in OpenSUSE RPM. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights -= OpenSUSE =- The developers of OpenSUSE ha...

7CVSS9.9AI score0.01706EPSS
Exploits0
NCSC
NCSC
•added 2021/08/18 12:0 a.m.•6 views

Vulnerabilities fixed in Aruba Networks AirWave Management Platform

Vulnerabilities have been fixed in AirWave Management Platform. The vulnerability with reference CVE-2021-3156 allows a local malicious person able to obtain elevated privileges and thereby execute arbitrary code under root privileges. The vulnerability with CVE-2021-3156 is described in detail i...

7.8CVSS7.2AI score0.99295EPSS
Exploits81
NCSC
NCSC
•added 2021/08/18 12:0 a.m.•11 views

Vulnerabilities fixed in Juniper Junos Space Platform

Vulnerabilities have been fixed in Junos Space Platform. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Circumvention of security measure Remote...

10CVSS7AI score0.99512EPSS
Exploits89
NCSC
NCSC
•added 2021/08/18 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe products

Vulnerabilities have been fixed in several Adobe products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to syste...

9.8CVSS7.5AI score0.05583EPSS
Exploits0
NCSC
NCSC
•added 2021/08/17 12:0 a.m.•5 views

Vulnerability fixed in Zoom Client for Meetings

A vulnerability has been fixed in Zoom Client for Meetings. The vulnerability allows a remote malicious person to execute arbitrary code. To exploit this vulnerability exploit two other misconfigurations within the Zoom client while the attacker is is connected to the victim. Zoom indicates that...

6.8AI score
Exploits0
NCSC
NCSC
•added 2021/08/17 12:0 a.m.•5 views

Vulnerability fixed in BlackBerry QNX Real Time Operating System, QNX SDP, QNX OS for Safety, and QNX OS for Medical

Blackberry has fixed a vulnerability in QNX Real Time Operating System. The vulnerability is known by attribute CVE-2021-22156 and is part of a collection of vulnerabilities known as BadAlloc. A malicious person who manages to gain access to a vulnerable system can exploit the exploit the...

9.8CVSS7.2AI score0.018EPSS
Exploits0
NCSC
NCSC
•added 2021/08/17 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities potentially enable a malicious person to carry out attacks leading to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights As usual, Google has made few details...

8.8CVSS7.2AI score0.07003EPSS
Exploits6
NCSC
NCSC
•added 2021/08/17 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle Unbreakable Enterprise kernel

Vulnerabilities have been fixed in Oracle Unbreakable Enterprise kernel. The vulnerabilities enable a malicious party to to cause a denial-of-service. -= Oracle =- Oracle has made updates available for Oracle Linux 7 and 8. U can install these updates using the command 'yum'. More information abo...

8.8CVSS8.1AI score0.00658EPSS
Exploits1
NCSC
NCSC
•added 2021/08/17 12:0 a.m.•2 views

Vulnerability fixed in SSSD

A vulnerability has been fixed in SSSD. The vulnerability allows a local malicious person with permissions on the SSSD interface e.g., via sudo to obtain root privileges. -= Oracle =- Oracle has made updates available for Oracle Linux 8. You can install these updates using the command 'yum'. More...

9.3CVSS6.5AI score0.02524EPSS
Exploits0
NCSC
NCSC
•added 2021/08/16 12:0 a.m.•5 views

Vulnerability fixed in Atlassian Jira

A vulnerability has been fixed in Atlassian Jira. The vulnerability allows a remote malicious party to obtain to obtain system data. Atlassian has released updates to fix the vulnerability. fix. More information can be found on the page below: https://jira.atlassian.com/browse/JRASERVER-72695...

5.3CVSS6.6AI score0.99999EPSS
Exploits6
NCSC
NCSC
•added 2021/08/16 12:0 a.m.•5 views

Vulnerabilities fixed in Nagios XI

Nagios has released a new version to address vulnerabilities fixes. The vulnerabilities allow a malicious person to to bypass security measures. Nagios makes little public information about these vulnerabilities available. Nagios has released a new version to address the vulnerabilities. fixes...

9.8CVSS6.7AI score0.03876EPSS
Exploits0
NCSC
NCSC
•added 2021/08/16 12:0 a.m.•2 views

Vulnerability fixed in cpio

A vulnerability has been fixed in cpio. The vulnerability allows a malicious person to execute arbitrary code. The developers of cpio have released updates to fix the vulnerability. More information can be found at the page below: https://git.savannah.gnu.org/cgit/cpio.git/commit...

7.8CVSS8.7AI score0.0415EPSS
Exploits1
NCSC
NCSC
•added 2021/08/16 12:0 a.m.•3 views

Vulnerabilities fixed in NetApp products

NetApp has fixed vulnerabilities in several products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to system data NetApp has released updates to address the...

8.8CVSS8.3AI score0.78684EPSS
Exploits22
NCSC
NCSC
•added 2021/08/16 12:0 a.m.•3 views

Vulnerabilities fixed in the openSUSE kernel

Vulnerabilities have been fixed in the openSUSE kernel. The vulnerabilities allow a malicious person to perform attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Access to system data Increased user privileges -=...

8.7CVSS7AI score0.00687EPSS
Exploits4
NCSC
NCSC
•added 2021/08/16 12:0 a.m.•3 views

Vulnerabilities fixed in SUSE kernel

Vulnerabilities have been fixed in SUSE kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges -= SUSE =- SUSE has made updates available to address the...

8.7CVSS7.1AI score0.00687EPSS
Exploits4
NCSC
NCSC
•added 2021/08/13 12:0 a.m.•5 views

Vulnerabilities fixed in Arconis Cyber Project

Acronis has fixed vulnerabilities in Cyber Project. The vulnerabilities allow a malicious party to obtain elevated user privileges and to obtain a security measure to circumvention. Acronis has released updates to fix the vulnerabilities. More information can be found on the page below:...

7.8CVSS6.7AI score0.00581EPSS
Exploits0
NCSC
NCSC
•added 2021/08/13 12:0 a.m.•3 views

Vulnerability fixed in Drupal

A vulnerability has been fixed in Drupal. A malicious party can exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser used to visit the application is visited. The vulnerability is located in the...

6.8AI score
Exploits0
NCSC
NCSC
•added 2021/08/13 12:0 a.m.•5 views

Vulnerabilities fixed in PostgreSQL

Vulnerabilities have been fixed in PostgreSQL. The vulnerabilities allow a remote malicious party to cause a denial-of-service to potentially access sensitive data as a result. PostgreSQL has released a new version to address the vulnerabilities. fixes. More information can be found on the page...

6.5CVSS6.9AI score0.62906EPSS
Exploits3
NCSC
NCSC
•added 2021/08/13 12:0 a.m.•6 views

Vulnerabilities fixed in Trend Micro Apex One

Trend Micro has fixed vulnerabilities in both the on-premises and SaaS versions of Apex One formerly OfficeScan. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Manipulation of data. Bypassing...

8.8CVSS7.3AI score0.04951EPSS
Exploits0
NCSC
NCSC
•added 2021/08/13 12:0 a.m.•3 views

Vulnerabilities fixed in Node.js

Vulnerabilities have been fixed in Node.js. The vulnerabilities potentially enable a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Circumvention of security measure. Remote code execution User Rights The...

9.8CVSS7AI score0.21952EPSS
Exploits2
NCSC
NCSC
•added 2021/08/13 12:0 a.m.•6 views

Vulnerabilities fixed in Brocade Fabric OS

Vulnerabilities have been fixed in Brocade Fabric OS. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root privileges...

7.8CVSS7.4AI score0.00905EPSS
Exploits0
NCSC
NCSC
•added 2021/08/12 12:0 a.m.•8 views

Vulnerability found in Microsoft Printer Spooler service

A vulnerability has been found in the Print Spooler service of Microsoft Windows. A local malicious person without administrator privileges can exploit this vulnerability by connecting to a rogue print server. From this print server, a printer driver is then installed. Although the driver should...

9.8CVSS6.9AI score0.99759EPSS
Exploits76
NCSC
NCSC
•added 2021/08/12 12:0 a.m.•25 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in several components of Windows. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Obtaining elevated privileges Execution of arbitrary code Accessing sensitive data The...

9.9CVSS6.5AI score0.66023EPSS
Exploits7
NCSC
NCSC
•added 2021/08/12 12:0 a.m.•6 views

Vulnerabilities fixed in PAN-OS

Palo Alto Networks has fixed vulnerabilities in PAN-OS. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of authentication. Remote code execution Administrator/Root...

9CVSS7.7AI score0.01779EPSS
Exploits0
NCSC
NCSC
•added 2021/08/12 12:0 a.m.•90 views

Vulnerabilities fixed in Schneider Electric EcoStruxure and Modicon products

Vulnerabilities have been fixed in Schneider Electric products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to system data Schneider Electric...

10CVSS7.3AI score0.03348EPSS
Exploits12
NCSC
NCSC
•added 2021/08/11 12:0 a.m.•3 views

Vulnerability fixed in the Linux kernel

A vulnerability has been fixed in the Linux kernel. A malicious party could potentially exploit the vulnerability to execute arbitrary code under root privileges. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 8. You can install these updates using the command 'yum'...

8.3CVSS8.4AI score0.78684EPSS
Exploits21
NCSC
NCSC
•added 2021/08/11 12:0 a.m.•8 views

Vulnerability fixed in Citrix ShareFile

Citrix has fixed a vulnerability caused by the CTX269106 mitigation tool for Citrix ShareFile storage zones controller. The tool disabled encryption when it was enabled. This would have allowed data to be stored and transmitted. Citrix has released updates to fix the vulnerability. More informati...

7.5CVSS6.5AI score0.00411EPSS
Exploits0
NCSC
NCSC
•added 2021/08/11 12:0 a.m.•5 views

Vulnerability fixed in Dell EMC NetWorker

A vulnerability has been fixed in Dell EMC NetWorker. A authenticated malicious party could potentially exploit it to cause a Denial-of-Service through a rogue API request. Dell EMC has released updates to fix the vulnerability. For more information, see:...

6.5CVSS6.7AI score0.00832EPSS
Exploits0
NCSC
NCSC
•added 2021/08/11 12:0 a.m.•3 views

Vulnerabilities fixed in Tomcat

Debian has fixed vulnerabilities in Tomcat. The vulnerabilities allow a remote malicious person to circumvent a to bypass a security measure. -= Debian =- Debian has made updates to tomcat available for Debian 10.0 Buster to fix the vulnerability. You can install the custom packages by using...

6.5CVSS9.5AI score0.75353EPSS
Exploits1
NCSC
NCSC
•added 2021/08/11 12:0 a.m.•8 views

Vulnerabilities fixed in SolarWinds products

Vulnerabilities have been fixed in SolarWinds products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Manipulation of data. Remote code execution Administrator/Root privileges SQL Injection Increased user...

9.4CVSS8.2AI score0.76411EPSS
Exploits0
NCSC
NCSC
•added 2021/08/11 12:0 a.m.•4 views

Vulnerabilities fixed in Mozilla Thunderbird

Mozilla has fixed vulnerabilities in Thunderbird. The vulnerabilities allow an unauthenticated remote malicious person to remote may be able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution User...

8.8CVSS7.7AI score0.01451EPSS
Exploits5
NCSC
NCSC
•added 2021/08/11 12:0 a.m.•3 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed vulnerabilities in Firefox and Firefox Extended Support Release ESR. The vulnerabilities allow an unauthenticated remote malicious party potentially able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure...

8.8CVSS7.5AI score0.01451EPSS
Exploits6
NCSC
NCSC
•added 2021/08/11 12:0 a.m.•10 views

Vulnerabilities fixed in Adobe Connect and Magento

Adobe has fixed vulnerabilities in Adobe Connect and Magento. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code executio...

9.8CVSS6.8AI score0.0344EPSS
Exploits0
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Linux Unbreakable Enterprise kernel

Oracle has fixed vulnerabilities in the Unbreakable Enterprise Linux kernel. The vulnerabilities potentially enable a malicious person able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Increased user...

7.8CVSS7.4AI score0.09729EPSS
Exploits11
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•2 views

Vulnerabilities in Moxa EDS-405A series ICS Ethernet switches

Moxa has fixed vulnerabilities in Ethernet switches. The vulnerabilities allow a remote malicious person to execute arbitrary code and to perform a denial-of-service execution. Moxa has released updates to fix the vulnerabilities. More information can be found on the page below:...

7.4AI score
Exploits0
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•5 views

Vulnerabilities fixed in Dell OpenManage Enterprise

Vulnerabilities have been fixed in Dell OpenMangage. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Bypassing authentication. Remote code execution Administrator/Root privileges Access to sensitive data Increased...

9.8CVSS7.4AI score0.02091EPSS
Exploits1
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•5 views

Multiple vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Office products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Executing arbitrary code User privileges. Impersonating another user Below is a summary of the various...

7.8CVSS6.9AI score0.54383EPSS
Exploits0
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•4 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft has fixed three vulnerabilities in Dynamics. A malicious party can exploit the vulnerabilities to impersonate as another user or to execute arbitrary code. Below is an overview of the affected vulnerabilities: Microsoft Dynamics:...

8.8CVSS7.1AI score0.03264EPSS
Exploits0
Total number of security vulnerabilities4207