Vulnerability fixed in Dell NetWorker
Dell EMC has released updates to fix the vulnerability. For more information, see: https://www.dell.com/support/kbdoc/en-us/000185470/dsa-2021-081-dell-emc-networker-security-update-for-a-clear-text-vulnerability...
WIBU CodeMeter vulnerabilities fixed
Wibu-Systems has fixed vulnerabilities in CodeMeter. Successful exploitation of these vulnerabilities can enable a malicious person to cause a denial-of-service condition. Wibu-Systems has released updates to the following documents: https://cdn.wibu.com/fileadmin/wibudownloads/securityadvisories...
Vulnerability fixed in WebSphere Application Server
IBM has fixed a vulnerability in WebSphere Application Server. The vulnerability allows a malicious party to obtain elevated privileges. IBM has released updates to fix the vulnerabilities. More information can be found on the page below: https://www.ibm.com/support/pages/node/6476678...
Vulnerability fixed in Dell Avamar Server
A vulnerability has been fixed in Dell EMC Avamar Server. The vulnerability allows a malicious party to use an Open Redirect attack to send a visitor to a malicious website by means of a custom link. Dell EMC has released updates to fix the vulnerability. For more information, see:...
Vulnerabilities fixed in Sophos UTM Up2Date
Sophos has fixed multiple vulnerabilities in Up2Date for Sophos UTM. A malicious party could potentially abuse them to cause a Denial-of-Service or to perform a Cross-Site Scripting (XSS) attack. Such an attack can result in the execution of arbitrary script code in the browser used to visi...
Vulnerabilities fixed in Xerox FreeFlow Print Server
Xerox has fixed vulnerabilities in FreeFlow Print Server. This patch update includes, among other things, a fix for the PrintNightmare vulnerability, which is located in the Windows Print Spooler service and affects the Windows Print Queue. Xerox has released updates to fix vulnerabilities in FreeFlow prin...
Vulnerabilities fixed in Xerox AltaLink systems
Xerox has released a cumulative update that fixes several vulnerabilities that could lead to: security measure circumvention, SQL injection, and access to sensitive data. Xerox has released updates to address the vulnerabilities in AltaLink systems. For more information, see:...
Vulnerability fixed in Jetty
A vulnerability has been fixed in Jetty. A malicious party can exploit the vulnerability to obtain sensitive information. -= NetApp =- NetApp has released updates to fix the Jetty vulnerability in Active IQ Unified Manager. For more information, see:...
Vulnerability fixed in MISP
A vulnerability has been fixed in MISP. A malicious party can exploit the vulnerability to perform a Cross-Site Scripting (XSS) attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. MISP has released updates ...
Vulnerabilities fixed in Foxit Reader
Vulnerabilities have been fixed in Foxit PDF Reader and PDF Editor. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS), data manipulation, and remote code execution (user rights). To exploit these...
Vulnerability fixed in CheckMK
A vulnerability has been fixed in CheckMK. A malicious party can exploit the vulnerability to perform a Cross-Site Scripting (XSS) attack. Such an attack can lead to the execution of arbitrary script code in the browser used to visit the application. CheckMK has released updates to fix t...
Vulnerability fixed in Apple iOS, iPadOS and macOS
A vulnerability has been fixed in iOS, iPadOS and macOS. A malicious party could potentially exploit the vulnerability to execute arbitrary code under root privileges. Apple indicates that this vulnerability may be actively exploited. Apple has released updates to fix the...
Vulnerabilities fixed in Asterisk
Vulnerabilities have been fixed in Asterisk. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service. The Asterisk Project has released updates to fix the vulnerabilities. For more information, see:...
Vulnerabilities fixed in IBM i2 Analyst's Notebook
Vulnerabilities have been fixed in the IBM i2 Analyst's Notebook. A malicious party could exploit the vulnerabilities to obtain system data and sensitive information. IBM has released updates to fix the vulnerabilities. For more information, see: https://www.ibm.com/support/pages/node/6474861...
Vulnerability fixed in MIT Kerberos
A vulnerability has been fixed in krb5, part of MIT's Kerberos. A malicious party could potentially exploit the vulnerability to cause a denial-of-service on the KDC process through a specially prepared request. -= Debian =- Debian has made updates to krb5 available for Debian 10.0 Buster to fix...
Vulnerabilities fixed in Dell OpenManage Enterprise
Vulnerabilities have been fixed in Dell OpenManage Enterprise. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: remote code execution (administrator/root privileges), spoofing, access to sensitive data, access to syste...
Vulnerabilities fixed in Apple Mac OS
Apple has fixed vulnerabilities in Apple macOS Big Sur, Catalina and Mojave. A malicious person could exploit them to cause the following types of damage: Denial-of-Service (DoS), circumvention of security measure, remote code execution (administrator/root rights), remote code execution (user rights)...
Vulnerabilities fixed in Apple iOS and iPadOS
Apple has fixed vulnerabilities in Apple iOS and iPadOS. A malicious party can exploit the vulnerabilities to cause the following types of damage: Denial-of-Service (DoS), circumvention of security measure, remote code execution (user rights), and access to sensitive data. All of the vulnerabilities describe...
Vulnerabilities fixed in NVIDIA GPU Display Driver
Vulnerabilities have been fixed in NVIDIA GPU Display Driver. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS), manipulation of data, access to system data, and increased user privileges. NVIDIA has...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Google Chrome. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service (DoS), circumvention of security measure, and remote code execution (user rights). Google has released updat...
Vulnerability fixed in Adobe Premiere Pro
Adobe has fixed a vulnerability in Premiere Pro. A malicious party could potentially exploit the vulnerability to execute arbitrary code with application privileges. To do this, the malicious party must trick the victim into opening a rogue file. Adobe has released updates to fix the...
Vulnerabilities fixed in Oracle Java SE and GraalVM
Oracle has fixed vulnerabilities in Java SE and GraalVM Enterprise Edition. The vulnerabilities potentially allow a malicious party to launch attacks that result in the following categories of damage: Denial-of-Service (DoS), circumvention of security measure, remote code execution (user rights)...
Vulnerabilities fixed in Adobe Photoshop
Adobe has fixed vulnerabilities in Photoshop. A local malicious party could exploit the vulnerabilities to execute arbitrary code with application privileges, or gain access to system files. Adobe has released updates to fix the vulnerabilities in Photoshop 2020 and 2021. For more information,...
Vulnerability discovered in Microsoft Windows
Researchers have discovered a vulnerability in Microsoft Windows 10 build 1809 and later. A local, authenticated malicious person could exploit the vulnerability to read the local SAM database and execute arbitrary code with SYSTEM privileges. -= Microsoft =- Microsoft has not yet made updates...
Vulnerabilities fixed in Adobe After Effects
Adobe has fixed vulnerabilities in After Effects. A malicious party could potentially exploit the vulnerabilities to gain access to system data, or execute arbitrary code with the application's permissions. To do this, the malicious party must trick the victim into opening a rogue file...
Vulnerabilities fixed in Adobe Media Encoder
Adobe has fixed vulnerabilities in Media Encoder. A malicious party could exploit the vulnerabilities to gain access to system data, or execute arbitrary code with permissions of the application. To do this, the malicious party must entice the victim to open a rogue file. Adobe has released updat...
Vulnerability fixed in Elasticsearch
A vulnerability has been fixed in Elasticsearch. A malicious party can exploit the vulnerability to access system memory through a rogue query. In this way, login credentials can also be obtained. Elastic has released updates to fix the vulnerability in Elasticsearch. For more information, see:...
Vulnerabilities fixed in Oracle Peoplesoft products
Oracle has fixed vulnerabilities in PeopleSoft Enterprise HCM Candidate Gateway, PeopleSoft Enterprise PT PeopleTools, PeopleSoft Enterprise CS Campus Community and PeopleSoft Enterprise HCM Shared Components. The vulnerabilities potentially enable a malicious party to perform attacks tha...
Vulnerabilities fixed in Oracle Siebel Suite
Oracle has fixed vulnerabilities in Siebel CRM and Siebel Apps. The vulnerabilities potentially enable a malicious party to execute attacks that result in the following categories of damage: Denial-of-Service (DoS), manipulation of data, remote code execution (user rights), access to sensitive data, Acce...
Vulnerabilities fixed in Atlassian Jira
Atlassian has fixed vulnerabilities in Jira Server. A remote malicious person could exploit the vulnerabilities to perform a cross-site scripting (XSS) attack. Such an attack can result in the execution of arbitrary code in the context of the victim's browser. The vulnerability with CVE attribute...
Vulnerabilities fixed in Oracle JD Edwards
Oracle has fixed vulnerabilities in JD Edwards EnterpriseOne Orchestrator and EnterpriseOne Tools. The vulnerabilities potentially allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS), manipulation of data, bypassing authentication...
Vulnerability fixed in Linux kernel
A vulnerability has been fixed in the Linux kernel. The Qualys researchers have dubbed this vulnerability "Sequoia." By exploiting this vulnerability, a local malicious party can cause a local denial-of-service or acquire root privileges on the vulnerable system. For Qualys' research...
Vulnerabilities fixed in Oracle Supply Chain Products Suite
Oracle has fixed vulnerabilities in the following products within the Supply Chain Products Suite: Transportation Management, Agile Engineering Data Management, and Agile PLM Framework. An unauthenticated malicious person could potentially exploit them to cause a denial-of-service. In addition the...
Vulnerabilities fixed in Oracle Fusion Middleware products
Oracle has fixed vulnerabilities in several products in the Oracle Fusion product group. The vulnerabilities potentially allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS), bypassing authentication, bypassing security measure, Remot...
Vulnerabilities fixed in Oracle MySQL
Oracle has fixed vulnerabilities in the following Oracle MySQL products: MySQL Connectors, MySQL Server, and MySQL Enterprise Monitor. The vulnerabilities may allow an unauthenticated malicious person with network access to the vulnerable system to launch attacks that result in t...
Vulnerabilities fixed in Oracle Virtualization products
Oracle has fixed vulnerabilities in Secure Global Desktop and VirtualBox. The vulnerabilities potentially enable a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service (DoS), manipulation of data, remote code execution, access to sensitive da...
Vulnerabilities fixed in Typo3
The developers of Typo3 have fixed vulnerabilities in Typo3 Core. The vulnerabilities allow a malicious party to perform cross-site scripting (XSS) attacks. Such attacks can lead to the execution of arbitrary script code in the context of the victim's browser. In order to perform such an...
Vulnerability fixed in Fortinet products
A vulnerability has been fixed in Fortinet FortiManager and FortiAnalyzer. A malicious party could potentially exploit it to cause a denial-of-service or execute arbitrary code under root privileges. To do this, a malicious party must send a specially prepared network packet to...
Fixed vulnerabilities in the Lexmark Universal Printer Driver
Lexmark has fixed vulnerabilities in the Universal Printer Driver. A local malicious person with rights to install/activate new printers could exploit the vulnerabilities to execute arbitrary code with SYSTEM privileges. Lexmark has released updates to fix the...
Vulnerability fixed in Juniper Junos OS
Two vulnerabilities have been fixed in Juniper Junos OS. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service. To do this, an attacker needs to send valid network traffic in a specific sequence to the device. The traffic should be destined for the Junip...
Vulnerabilities fixed in Aruba AOS-CX switches
Vulnerabilities have been fixed in Aruba AOS-CX switches. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: manipulation of data, bypassing authentication, and remote code execution (administrator/root privileges). The...
Vulnerabilities fixed in Citrix ADC, Gateway and SDWAN WAN-OP
Citrix has fixed vulnerabilities in Citrix ADC (formerly NetScaler ADC), Gateway (formerly NetScaler Gateway) and SDWAN WAN-OP. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access to sensitive data by taking over sessions. To cause a Denial-of-Service, the...
Vulnerabilities fixed in IBM Tivoli Monitoring
Vulnerabilities have been fixed in the IBM WebSphere Application Server as part of IBM Tivoli Monitoring. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS), spoofing, access to sensitive data, and access to system data. IB...
Vulnerability found in Microsoft Printer Spooler service
Microsoft has found a vulnerability in the Printer Spooler service. A local malicious person with the ability to execute code under user privileges could potentially exploit it to execute arbitrary code under SYSTEM privileges. It is as yet unknown in which versions of Windows the...
Vulnerability fixed in Cisco ASA
Cisco has fixed a vulnerability in Cisco ASA. An authenticated remote malicious party can exploit the vulnerability to cause a denial-of-service on the system. To do this, the malicious party must send specially prepared network traffic to the vulnerable system. Cisco has...
Vulnerabilities fixed in Icinga Web
Vulnerabilities have been fixed in Icinga Web. A malicious person could exploit the vulnerabilities to gain access to sensitive data, including login credentials to underlying systems such as databases. Also, a malicious party could potentially cause a Denial-of-Service. Icinga has released...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Google Chrome. An unauthenticated remote malicious person can potentially exploit the vulnerabilities to execute arbitrary code under permissions of the application. As usual, few substantive details about the vulnerabilities have been disclosed. Google...
Vulnerabilities fixed in Juniper products
Juniper has fixed vulnerabilities in Junos OS, Junos OS Evolved and PTX, QTX, MX, EX9200 and SRX4600 devices. The vulnerabilities potentially enable a malicious party to launch attacks leading to the following categories of damage: Denial-of-Service (DoS), circumvention of security measure, Remote...
Vulnerabilities fixed in Linux kernel
Vulnerabilities have been fixed in the Linux kernel. The vulnerabilities potentially enable a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS), manipulation of data, access to sensitive data, access to system data, Increased use...
Vulnerability fixed in NetBSD
The developers of NetBSD have fixed a vulnerability in kernfs. The vulnerability allows an authenticated malicious person to read any files on the file system, including both system and userspace files for which the malicious party is not originally authorized. No CVE ID has been disclose...