4207 matches found
Several vulnerabilities fixed in SAP products
Vulnerabilities have been fixed in SAP products. The vulnerabilities enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Bypassing authentication Bypassing security measure SQL Injection SAP designates three vulnerabilities as "Ho...
Vulnerabilities fixed in Debian Bluetooth protocol stack
Vulnerabilities have been fixed in Bluetooth. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights Spoofing -= Debian =- Debian has made updates...
Vulnerabilities fixed in Oracle Linux microcode
Vulnerabilities have been fixed in the Oracle Linux microcode. The vulnerabilities allow a malicious party to access system data and increased user privileges. -= Oracle =- Oracle has made updates available for Oracle Linux 7 and 8. U can install these updates using the command 'yum'. More...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in its Developer products. The vulnerabilities allow a malicious party to launch attacks execute attacks that could lead to access to sensitive data, or Denial-of-Service, for example, through services and applications that make use of these vulnerable products...
Vulnerabilities fixed in Siemens Scalance products
Siemens has fixed vulnerabilities in Scalance products. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of authenticati...
Vulnerability fixed in Jupyter notebook
Jupyter has fixed a vulnerability in notebook. The vulnerability is known as a so-called Cross-Site-Scripting XSS. The vulnerability allows a malicious person to execute arbitrary code under the privileges of the victim. To do this, the malicious party must induce the victim to to follow a rogue...
Vulnerability fixed in Lynx
A vulnerability has been fixed in Lynx. A malicious person at remote can exploit the vulnerability to obtain login credentials sent over HTTPS via Lynx to a server. transmitted. To do this, the malicious party must have access to network traffic between the victim and the server. It is not...
Vulnerabilities fixed in SUSE kernel
Vulnerabilities have been fixed in SUSE kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges -= SUSE =- SUSE has made updates available to fix the vulnerabili...
Apache Tomcat vulnerability discovered in BIG-IP
F5 has discovered a vulnerability in BIG-IP. The vulnerability is located in the Tomcat component and gives opportunity for HTTP request smuggling. A malicious party can modify an HTTP request of another user. This can lead to many types of consequential damage. F5 has not yet released updates to...
Vulnerabilities fixed in Siemens Simatic products
Siemens has fixed vulnerabilities in several Simatic products. The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service DoS. Bypassing authentication Bypassing security measure Remote code execution User right...
Vulnerabilities fixed in Red Hat OpenShift
Red Hat has fixed vulnerabilities in OpenShift. The vulnerabilities allow an unauthenticated remote malicious person to remotely capable of causing a denial-of-service. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 7 and 8. You can install these updates using the...
Vulnerabilities fixed in Ansible
Vulnerabilities have been fixed in Ansible. The vulnerabilities potentially enable an authenticated malicious person to perform attacks that result in the following categories of damage: Remote code execution User Rights Access to sensitive data Access to system data Increased user privileges -=...
Vulnerabilities fixed in IBM Workload Scheduler
IBM has fixed vulnerabilities in Workload Scheduler. The vulnerabilities allow an unauthenticated malicious person to opportunity to cause a denial-of-service and to bypass a security measure. IBM categorizes these vulnerabilities using the CVSSv3 method with a highest score of 7.5. IBM has...
Vulnerabilities fixed in GitLab
Vulnerabilities have been fixed in GitLab. The vulnerabilities potentially enable a malicious person to launch attacks leading to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Not all vulnerabilities...
Vulnerabilities fixed in VMware Workspace One Access and Identity Manager
VMware has fixed vulnerabilities in Workspace One Access and Identity Manager, as used by VMware Cloud Foundation, Identity Manager, Workspace One Access and vRealize. A unauthenticated malicious party could potentially exploit them to gain access to sensitive system data. VMware has released...
Vulnerabilities fixed in Pulse Connect Secure
Pulse Connect has fixed vulnerabilities in Pulse Connect Secure. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Data manipulation. Remote code execution...
Vulnerabilities fixed in Cisco RV-series routers
Cisco has fixed vulnerabilities in several routers in its RV product line. An unauthenticated malicious party could potentially exploit the vulnerabilities potentially exploit them to cause a denial-of-service cause or to execute arbitrary code with elevated privileges. execution. To do this, rog...
Vulnerabilities fixed in IBM Db2
IBM has fixed vulnerabilities in Db2. A malicious party could vulnerabilities potentially exploit them to cause a denial-of-service cause. To do this, a rogue database query on the database server to be executed. IBM has released updates to fix the vulnerabilities. For more information, see:...
Vulnerabilities fixed in ForsiOS
FortiGuard Labs has fixed several vulnerabilities in FortiOS. The vulnerabilities allow a malicious party to execute attacks that potentially lead to the execution of arbitrary code under the user's privileges. FortiGuard Labs has released updates to fix the vulnerabilities fixes in FortiOS SSL...
Vulnerabilities fixed in FortiManager and FortiAnalyzer
A vulnerability has been fixed in FortiManager and FortiAnalyzer. A malicious party could potentially exploit them to execute arbitrary code with elevated privileges or gain access to sensitive data. Fortinet has released updates to fix the vulnerability. More information can be found on the page...
Vulnerability fixed in FortiManager and FortiAnalyzer
A server-side request forgery SSRF vulnerability in FortiManager and FortiAnalyser GUI could allow a remote attacker to gain access to unauthorized files and services on the system via specially designed web requests. Fortinet has released updates to fix the vulnerability. More information can be...
Vulnerabilities fixed in ElasticSearch
Elastic has fixed vulnerabilities in the Elastic Stack. A authenticated malicious person could exploit the vulnerabilities to obtain sensitive information or bypass a security measure. The vulnerabilities are located in Elasticsearch itself and in the Elastic App Search API. Elastic has released...
Vulnerabilities found in NicheStack
Forescout researchers have found fourteen vulnerabilities found in NicheStack. This is a TCP/IP stack used primarily used in embedded systems and ICS/SCADA devices. Among Siemens, Honeywell, Rockwell Automation and Schneider Electric, among others are mentioned by Forescout as manufacturers that...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Chrome. The vulnerabilities potentially enable a remote malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Few technical details ...
Vulnerabilities fixed in Google Android
Google has fixed vulnerabilities in Android. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Remote code execution User Rights Access to sensitive data Access to system data Increased user privileges Few technical...
Vulnerabilities fixed in Samsung Mobile
Vulnerabilities have been fixed in Android as used by Samsung Mobile products. The vulnerabilities allow a malicious party potentially able to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Access t...
Vulnerability fixed in PowerDNS
A vulnerability has been fixed in PowerDNS. The vulnerability allows an unauthenticated remote malicious agent to cause a denial-of-service. PowerDNS has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed is MISP
Vulnerabilities have been fixed in MISP. The vulnerabilities allow an unauthenticated remote malicious person to be able to execute arbitrary code in the victim's browser. To do so, the malicious party must induce the victim to follow a rogue hyper-link to follow CIRCL has released updates to fix...
Vulnerability fixed in WebSphere Application Server
IBM has fixed a vulnerability in WebSphere Application Server. The vulnerability allows a malicious party to obtain obtain elevated privileges. IBM has released updates to fix the vulnerabilities. More information can be found on the page below: https://www.ibm.com/support/pages/node/6476678...
WIBU CodeMeter vulnerabilities fixed
Wibu-Systems has fixed vulnerabilities in CodeMeter. Successful exploitation of these vulnerabilities can enable a malicious person to cause a denial-of-service condition. WIBU-systems has released updates to the following documents: https://cdn.wibu.com/fileadmin/wibudownloads/securityadvisories...
Vulnerability fixed in Dell NetWorker
Dell EMC has released updates to fix the vulnerability. For more information, see: https://www.dell.com/support/kbdoc/en-us/000185470 /dsa-2021-081-dell-emc-networker-security-update-for-a-clear-text -vulnerability...
Vulnerability fixed in Dell Avamar Server
A vulnerability has been fixed in Dell EMC Avamar Server. The vulnerability allows a malicious party to use an Open Redirect attack to send the visitor with a custom link to a malicious website. Dell EMC has released updates to fix the vulnerability. For more information, see:...
Vulnerabilities fixed in Sophos UTM Up2Date
Sophos has fixed multiple vulnerabilities in Up2Date for Sophos UTM. A malicious party could potentially abuse it to cause a Denial-of-Service or to perform a execute a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visi...
Vulnerability fixed in Jetty
A vulnerability has been fixed in Jetty. A malicious party can exploit the exploit the vulnerability to obtain sensitive information. -= NetApp =- NetApp has released updates to fix the Jetty vulnerability fix in Active IQ Unified Manager. For more information, see:...
Vulnerabilities fixed in Xerox AltaLink systems
Xerox has released a cumulative update that fixes several vulnerabilities that could lead to: Security measure circumvention SQL Injection Accessing sensitive data Xerox has released updates to address the vulnerabilities in AltaLink systems. For more information, see:...
Vulnerabilities fixed in Xerox FreeFlow Print Server
Xerox has fixed vulnerabilities in Freeflow Print Server. This patch update includes, among other things, a fix for the PrintNightmare vulnerability located in the Windows Print Spooler service and affects the Windows Print Queue. Xerox has released updates to fix vulnerabilities in Freeflow prin...
Vulnerabilities fixed in Foxit Reader
Vulnerabilities have been fixed in Foxit PDF Reader and PDF Editor. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Data manipulation. Remote code execution User Rights To exploit these...
Vulnerability fixed in MISP
A vulnerability has been fixed in MISP. A malicious party can exploit the exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application is visited. MISP has released updates ...
Vulnerability fixed in Apple iOS, iPadOS and macOS
A vulnerability has been fixed in iOS, iPadOS and macOS. A malicious party could potentially exploit the vulnerability to execute arbitrary code under root privileges. Apple indicates that this vulnerability may be actively abused being exploited. Apple has released updates to fix the...
Vulnerability fixed in CheckMK
A vulnerability has been fixed in CheckMK. A malicious party can exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser used to visit the application is visited. CheckMK has released updates to fix t...
Vulnerabilities fixed in Asterisk
Vulnerabilities have been fixed in Asterisk. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service cause. Asterisk Project has released updates to fix the vulnerabilities. fixes. For more information, see:...
Vulnerabilities fixed in IBM i2 Analyst's Notebook
Vulnerabilities have been fixed in the IBM i2 Analyst's Notebook. A malicious party could exploit the vulnerabilities to obtain system data and sensitive information. IBM has released updates to fix the vulnerabilities. For more information, see: https://www.ibm.com/support/pages/node/6474861...
Vulnerability fixed in MIT Kerberos
A vulnerability has been fixed in krb5, part of MIT's Kerberos. A malicious party could potentially exploit the vulnerability to cause a denial-of-service on the KDC process through a specially prepared request. -= Debian =- Debian has made updates to krb5 available for Debian 10.0 Buster to fix...
Vulnerabilities fixed in Dell OpenManage Enterprise
Vulnerabilities have been fixed in Dell OpenManage Enterprise. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Spoofing Access to sensitive data Access to syste...
Vulnerabilities fixed in NVIDIA GPU Display Driver
Vulnerabilities have been fixed in NVIDIA GPU Display Driver. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Access to system data Increased user privileges NVIDIA has...
Vulnerabilities fixed in Apple Mac OS
Apple has fixed vulnerabilities in Apple MacOS Big Sur, Catalina and Mojave. A malicious person could exploit them to cause the following types of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution User rights...
Vulnerabilities fixed in Apple iOS and iPadOS
Apple has fixed vulnerabilities in Apple iOS and iPadOS. A malicious party can exploit the vulnerabilities to cause the following types of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data All of the vulnerabilities describe...
Vulnerability fixed in Adobe Premiere Pro
Adobe has fixed a vulnerability in Premiere Pro. A malicious party could potentially exploit the vulnerability to execute arbitrary code with application privileges. To do this, the malicious party must trick the victim into opening a rogue file to open. Adobe has released updates to fix the...
Vulnerabilities fixed in Adobe Photoshop
Adobe has fixed vulnerabilities in Photoshop. A local malicious party could exploit the vulnerabilities to execute arbitrary code execute application privileges, or gain access to system files. Adobe has released updates to fix the vulnerabilities in Photoshop 2020 and 2021. For more information,...
Vulnerability discovered in Microsoft Windows
Researchers have discovered a vulnerability in Microsoft Windows 10 build 1809 and later. A local, authenticated malicious person could exploit the vulnerability to read the local SAM database and execute arbitrary code with SYSTEM privileges. -= Microsoft =- Microsoft has not yet made updates...