Lucene search
K

4207 matches found

NCSC
NCSC
•added 2021/08/10 12:0 a.m.•6 views

Several vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in SAP products. The vulnerabilities enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Bypassing security measure SQL Injection SAP designates three vulnerabilities as "Ho...

9.9CVSS6.8AI score0.67699EPSS
Exploits7
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•4 views

Vulnerabilities fixed in Debian Bluetooth protocol stack

Vulnerabilities have been fixed in Bluetooth. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights Spoofing -= Debian =- Debian has made updates...

8.6CVSS9AI score0.04242EPSS
Exploits0
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•3 views

Vulnerabilities fixed in Oracle Linux microcode

Vulnerabilities have been fixed in the Oracle Linux microcode. The vulnerabilities allow a malicious party to access system data and increased user privileges. -= Oracle =- Oracle has made updates available for Oracle Linux 7 and 8. U can install these updates using the command 'yum'. More...

6.8AI score
Exploits0
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in its Developer products. The vulnerabilities allow a malicious party to launch attacks execute attacks that could lead to access to sensitive data, or Denial-of-Service, for example, through services and applications that make use of these vulnerable products...

7.5CVSS6.2AI score0.03858EPSS
Exploits0
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•71 views

Vulnerabilities fixed in Siemens Scalance products

Siemens has fixed vulnerabilities in Scalance products. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of authenticati...

10CVSS6.5AI score0.62906EPSS
Exploits14
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•5 views

Vulnerability fixed in Jupyter notebook

Jupyter has fixed a vulnerability in notebook. The vulnerability is known as a so-called Cross-Site-Scripting XSS. The vulnerability allows a malicious person to execute arbitrary code under the privileges of the victim. To do this, the malicious party must induce the victim to to follow a rogue...

10CVSS7.2AI score0.02106EPSS
Exploits1
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•5 views

Vulnerability fixed in Lynx

A vulnerability has been fixed in Lynx. A malicious person at remote can exploit the vulnerability to obtain login credentials sent over HTTPS via Lynx to a server. transmitted. To do this, the malicious party must have access to network traffic between the victim and the server. It is not...

5.3CVSS6.8AI score0.04455EPSS
Exploits0
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•3 views

Vulnerabilities fixed in SUSE kernel

Vulnerabilities have been fixed in SUSE kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges -= SUSE =- SUSE has made updates available to fix the vulnerabili...

8.7CVSS8.2AI score0.0066EPSS
Exploits3
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•6 views

Apache Tomcat vulnerability discovered in BIG-IP

F5 has discovered a vulnerability in BIG-IP. The vulnerability is located in the Tomcat component and gives opportunity for HTTP request smuggling. A malicious party can modify an HTTP request of another user. This can lead to many types of consequential damage. F5 has not yet released updates to...

5.3CVSS9.2AI score0.75353EPSS
Exploits1
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•13 views

Vulnerabilities fixed in Siemens Simatic products

Siemens has fixed vulnerabilities in several Simatic products. The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Bypassing security measure Remote code execution User right...

9.8CVSS7.3AI score0.78684EPSS
Exploits38
NCSC
NCSC
•added 2021/08/10 12:0 a.m.•4 views

Vulnerabilities fixed in Red Hat OpenShift

Red Hat has fixed vulnerabilities in OpenShift. The vulnerabilities allow an unauthenticated remote malicious person to remotely capable of causing a denial-of-service. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 7 and 8. You can install these updates using the...

7.5CVSS6.5AI score0.06975EPSS
Exploits5
NCSC
NCSC
•added 2021/08/09 12:0 a.m.•4 views

Vulnerabilities fixed in Ansible

Vulnerabilities have been fixed in Ansible. The vulnerabilities potentially enable an authenticated malicious person to perform attacks that result in the following categories of damage: Remote code execution User Rights Access to sensitive data Access to system data Increased user privileges -=...

7.9CVSS9.5AI score0.02043EPSS
Exploits6
NCSC
NCSC
•added 2021/08/09 12:0 a.m.•11 views

Vulnerabilities fixed in IBM Workload Scheduler

IBM has fixed vulnerabilities in Workload Scheduler. The vulnerabilities allow an unauthenticated malicious person to opportunity to cause a denial-of-service and to bypass a security measure. IBM categorizes these vulnerabilities using the CVSSv3 method with a highest score of 7.5. IBM has...

7.5CVSS9.2AI score0.62906EPSS
Exploits6
NCSC
NCSC
•added 2021/08/06 12:0 a.m.•5 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities potentially enable a malicious person to launch attacks leading to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Not all vulnerabilities...

8.8CVSS6.4AI score0.00865EPSS
Exploits0
NCSC
NCSC
•added 2021/08/06 12:0 a.m.•6 views

Vulnerabilities fixed in VMware Workspace One Access and Identity Manager

VMware has fixed vulnerabilities in Workspace One Access and Identity Manager, as used by VMware Cloud Foundation, Identity Manager, Workspace One Access and vRealize. A unauthenticated malicious party could potentially exploit them to gain access to sensitive system data. VMware has released...

9.8CVSS7.1AI score0.01207EPSS
Exploits0
NCSC
NCSC
•added 2021/08/06 12:0 a.m.•6 views

Vulnerabilities fixed in Pulse Connect Secure

Pulse Connect has fixed vulnerabilities in Pulse Connect Secure. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Data manipulation. Remote code execution...

7.2CVSS7.5AI score0.9648EPSS
Exploits5
NCSC
NCSC
•added 2021/08/05 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco RV-series routers

Cisco has fixed vulnerabilities in several routers in its RV product line. An unauthenticated malicious party could potentially exploit the vulnerabilities potentially exploit them to cause a denial-of-service cause or to execute arbitrary code with elevated privileges. execution. To do this, rog...

10CVSS7.7AI score0.09691EPSS
Exploits0
NCSC
NCSC
•added 2021/08/05 12:0 a.m.•4 views

Vulnerabilities fixed in IBM Db2

IBM has fixed vulnerabilities in Db2. A malicious party could vulnerabilities potentially exploit them to cause a denial-of-service cause. To do this, a rogue database query on the database server to be executed. IBM has released updates to fix the vulnerabilities. For more information, see:...

7.5CVSS6.7AI score0.01692EPSS
Exploits0
NCSC
NCSC
•added 2021/08/04 12:0 a.m.•5 views

Vulnerabilities fixed in ForsiOS

FortiGuard Labs has fixed several vulnerabilities in FortiOS. The vulnerabilities allow a malicious party to execute attacks that potentially lead to the execution of arbitrary code under the user's privileges. FortiGuard Labs has released updates to fix the vulnerabilities fixes in FortiOS SSL...

8.8CVSS7.4AI score0.00761EPSS
Exploits0
NCSC
NCSC
•added 2021/08/04 12:0 a.m.•5 views

Vulnerabilities fixed in FortiManager and FortiAnalyzer

A vulnerability has been fixed in FortiManager and FortiAnalyzer. A malicious party could potentially exploit them to execute arbitrary code with elevated privileges or gain access to sensitive data. Fortinet has released updates to fix the vulnerability. More information can be found on the page...

8.8CVSS7.5AI score0.03206EPSS
Exploits1
NCSC
NCSC
•added 2021/08/04 12:0 a.m.•6 views

Vulnerability fixed in FortiManager and FortiAnalyzer

A server-side request forgery SSRF vulnerability in FortiManager and FortiAnalyser GUI could allow a remote attacker to gain access to unauthorized files and services on the system via specially designed web requests. Fortinet has released updates to fix the vulnerability. More information can be...

8.8CVSS6.7AI score0.00668EPSS
Exploits0
NCSC
NCSC
•added 2021/08/04 12:0 a.m.•19 views

Vulnerabilities fixed in ElasticSearch

Elastic has fixed vulnerabilities in the Elastic Stack. A authenticated malicious person could exploit the vulnerabilities to obtain sensitive information or bypass a security measure. The vulnerabilities are located in Elasticsearch itself and in the Elastic App Search API. Elastic has released...

8.8CVSS6.7AI score0.01037EPSS
Exploits0
NCSC
NCSC
•added 2021/08/04 12:0 a.m.•67 views

Vulnerabilities found in NicheStack

Forescout researchers have found fourteen vulnerabilities found in NicheStack. This is a TCP/IP stack used primarily used in embedded systems and ICS/SCADA devices. Among Siemens, Honeywell, Rockwell Automation and Schneider Electric, among others are mentioned by Forescout as manufacturers that...

9.8CVSS6.8AI score0.03627EPSS
Exploits0
NCSC
NCSC
•added 2021/08/03 12:0 a.m.•4 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. The vulnerabilities potentially enable a remote malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Few technical details ...

8.8CVSS7.8AI score0.0282EPSS
Exploits7
NCSC
NCSC
•added 2021/08/03 12:0 a.m.•11 views

Vulnerabilities fixed in Google Android

Google has fixed vulnerabilities in Android. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Remote code execution User Rights Access to sensitive data Access to system data Increased user privileges Few technical...

10CVSS8.8AI score0.01377EPSS
Exploits1
NCSC
NCSC
•added 2021/08/03 12:0 a.m.•10 views

Vulnerabilities fixed in Samsung Mobile

Vulnerabilities have been fixed in Android as used by Samsung Mobile products. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Access t...

10CVSS8.9AI score0.06968EPSS
Exploits3
NCSC
NCSC
•added 2021/08/02 12:0 a.m.•5 views

Vulnerability fixed in PowerDNS

A vulnerability has been fixed in PowerDNS. The vulnerability allows an unauthenticated remote malicious agent to cause a denial-of-service. PowerDNS has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.8AI score0.64857EPSS
Exploits0
NCSC
NCSC
•added 2021/08/02 12:0 a.m.•6 views

Vulnerabilities fixed is MISP

Vulnerabilities have been fixed in MISP. The vulnerabilities allow an unauthenticated remote malicious person to be able to execute arbitrary code in the victim's browser. To do so, the malicious party must induce the victim to follow a rogue hyper-link to follow CIRCL has released updates to fix...

5.4CVSS7.5AI score0.00672EPSS
Exploits0
NCSC
NCSC
•added 2021/07/30 12:0 a.m.•3 views

Vulnerability fixed in WebSphere Application Server

IBM has fixed a vulnerability in WebSphere Application Server. The vulnerability allows a malicious party to obtain obtain elevated privileges. IBM has released updates to fix the vulnerabilities. More information can be found on the page below: https://www.ibm.com/support/pages/node/6476678...

8.8CVSS6.5AI score0.01105EPSS
Exploits0
NCSC
NCSC
•added 2021/07/30 12:0 a.m.•7 views

WIBU CodeMeter vulnerabilities fixed

Wibu-Systems has fixed vulnerabilities in CodeMeter. Successful exploitation of these vulnerabilities can enable a malicious person to cause a denial-of-service condition. WIBU-systems has released updates to the following documents: https://cdn.wibu.com/fileadmin/wibudownloads/securityadvisories...

9.1CVSS7AI score0.33304EPSS
Exploits2
NCSC
NCSC
•added 2021/07/30 12:0 a.m.•4 views

Vulnerability fixed in Dell NetWorker

Dell EMC has released updates to fix the vulnerability. For more information, see: https://www.dell.com/support/kbdoc/en-us/000185470 /dsa-2021-081-dell-emc-networker-security-update-for-a-clear-text -vulnerability...

7.8CVSS6.9AI score0.00239EPSS
Exploits0
NCSC
NCSC
•added 2021/07/30 12:0 a.m.•4 views

Vulnerability fixed in Dell Avamar Server

A vulnerability has been fixed in Dell EMC Avamar Server. The vulnerability allows a malicious party to use an Open Redirect attack to send the visitor with a custom link to a malicious website. Dell EMC has released updates to fix the vulnerability. For more information, see:...

6.1CVSS6.8AI score0.00858EPSS
Exploits0
NCSC
NCSC
•added 2021/07/30 12:0 a.m.•16 views

Vulnerabilities fixed in Sophos UTM Up2Date

Sophos has fixed multiple vulnerabilities in Up2Date for Sophos UTM. A malicious party could potentially abuse it to cause a Denial-of-Service or to perform a execute a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visi...

7.5CVSS7.8AI score0.06968EPSS
Exploits5
NCSC
NCSC
•added 2021/07/29 12:0 a.m.•4 views

Vulnerability fixed in Jetty

A vulnerability has been fixed in Jetty. A malicious party can exploit the exploit the vulnerability to obtain sensitive information. -= NetApp =- NetApp has released updates to fix the Jetty vulnerability fix in Active IQ Unified Manager. For more information, see:...

5.3CVSS8.4AI score0.7848EPSS
Exploits2
NCSC
NCSC
•added 2021/07/29 12:0 a.m.•7 views

Vulnerabilities fixed in Xerox AltaLink systems

Xerox has released a cumulative update that fixes several vulnerabilities that could lead to: Security measure circumvention SQL Injection Accessing sensitive data Xerox has released updates to address the vulnerabilities in AltaLink systems. For more information, see:...

9.8CVSS7.5AI score0.01017EPSS
Exploits0
NCSC
NCSC
•added 2021/07/29 12:0 a.m.•11 views

Vulnerabilities fixed in Xerox FreeFlow Print Server

Xerox has fixed vulnerabilities in Freeflow Print Server. This patch update includes, among other things, a fix for the PrintNightmare vulnerability located in the Windows Print Spooler service and affects the Windows Print Queue. Xerox has released updates to fix vulnerabilities in Freeflow prin...

9.8CVSS9.3AI score0.99759EPSS
Exploits44
NCSC
NCSC
•added 2021/07/28 12:0 a.m.•12 views

Vulnerabilities fixed in Foxit Reader

Vulnerabilities have been fixed in Foxit PDF Reader and PDF Editor. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Data manipulation. Remote code execution User Rights To exploit these...

8.8CVSS7.7AI score0.04546EPSS
Exploits3
NCSC
NCSC
•added 2021/07/28 12:0 a.m.•6 views

Vulnerability fixed in MISP

A vulnerability has been fixed in MISP. A malicious party can exploit the exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application is visited. MISP has released updates ...

5.4CVSS6.7AI score0.00504EPSS
Exploits0
NCSC
NCSC
•added 2021/07/27 12:0 a.m.•3 views

Vulnerability fixed in Apple iOS, iPadOS and macOS

A vulnerability has been fixed in iOS, iPadOS and macOS. A malicious party could potentially exploit the vulnerability to execute arbitrary code under root privileges. Apple indicates that this vulnerability may be actively abused being exploited. Apple has released updates to fix the...

9.3CVSS7.4AI score0.28839EPSS
Exploits0
NCSC
NCSC
•added 2021/07/27 12:0 a.m.•6 views

Vulnerability fixed in CheckMK

A vulnerability has been fixed in CheckMK. A malicious party can exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser used to visit the application is visited. CheckMK has released updates to fix t...

5.4CVSS6.7AI score0.0172EPSS
Exploits2
NCSC
NCSC
•added 2021/07/26 12:0 a.m.•3 views

Vulnerabilities fixed in Asterisk

Vulnerabilities have been fixed in Asterisk. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service cause. Asterisk Project has released updates to fix the vulnerabilities. fixes. For more information, see:...

7.5CVSS7.1AI score0.0911EPSS
Exploits2
NCSC
NCSC
•added 2021/07/26 12:0 a.m.•4 views

Vulnerabilities fixed in IBM i2 Analyst's Notebook

Vulnerabilities have been fixed in the IBM i2 Analyst's Notebook. A malicious party could exploit the vulnerabilities to obtain system data and sensitive information. IBM has released updates to fix the vulnerabilities. For more information, see: https://www.ibm.com/support/pages/node/6474861...

6.5CVSS6.8AI score0.01275EPSS
Exploits0
NCSC
NCSC
•added 2021/07/26 12:0 a.m.•5 views

Vulnerability fixed in MIT Kerberos

A vulnerability has been fixed in krb5, part of MIT's Kerberos. A malicious party could potentially exploit the vulnerability to cause a denial-of-service on the KDC process through a specially prepared request. -= Debian =- Debian has made updates to krb5 available for Debian 10.0 Buster to fix...

7.5CVSS7.4AI score0.10276EPSS
Exploits0
NCSC
NCSC
•added 2021/07/23 12:0 a.m.•4 views

Vulnerabilities fixed in Dell OpenManage Enterprise

Vulnerabilities have been fixed in Dell OpenManage Enterprise. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Spoofing Access to sensitive data Access to syste...

9.8CVSS7.5AI score0.02091EPSS
Exploits1
NCSC
NCSC
•added 2021/07/22 12:0 a.m.•4 views

Vulnerabilities fixed in NVIDIA GPU Display Driver

Vulnerabilities have been fixed in NVIDIA GPU Display Driver. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Access to system data Increased user privileges NVIDIA has...

7.8CVSS6.7AI score0.00414EPSS
Exploits0
NCSC
NCSC
•added 2021/07/22 12:0 a.m.•7 views

Vulnerabilities fixed in Apple Mac OS

Apple has fixed vulnerabilities in Apple MacOS Big Sur, Catalina and Mojave. A malicious person could exploit them to cause the following types of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution User rights...

10CVSS8.6AI score0.03653EPSS
Exploits2
NCSC
NCSC
•added 2021/07/22 12:0 a.m.•10 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed vulnerabilities in Apple iOS and iPadOS. A malicious party can exploit the vulnerabilities to cause the following types of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data All of the vulnerabilities describe...

9.8CVSS8.5AI score0.03653EPSS
Exploits2
NCSC
NCSC
•added 2021/07/21 12:0 a.m.•6 views

Vulnerability fixed in Adobe Premiere Pro

Adobe has fixed a vulnerability in Premiere Pro. A malicious party could potentially exploit the vulnerability to execute arbitrary code with application privileges. To do this, the malicious party must trick the victim into opening a rogue file to open. Adobe has released updates to fix the...

9.3CVSS7.4AI score0.02875EPSS
Exploits0
NCSC
NCSC
•added 2021/07/21 12:0 a.m.•6 views

Vulnerabilities fixed in Adobe Photoshop

Adobe has fixed vulnerabilities in Photoshop. A local malicious party could exploit the vulnerabilities to execute arbitrary code execute application privileges, or gain access to system files. Adobe has released updates to fix the vulnerabilities in Photoshop 2020 and 2021. For more information,...

9.3CVSS7.6AI score0.05033EPSS
Exploits0
NCSC
NCSC
•added 2021/07/21 12:0 a.m.•9 views

Vulnerability discovered in Microsoft Windows

Researchers have discovered a vulnerability in Microsoft Windows 10 build 1809 and later. A local, authenticated malicious person could exploit the vulnerability to read the local SAM database and execute arbitrary code with SYSTEM privileges. -= Microsoft =- Microsoft has not yet made updates...

7.8CVSS7.2AI score0.67252EPSS
Exploits11
Total number of security vulnerabilities4207