Lucene search
K

4199 matches found

NCSC
NCSC
•added 2021/06/08 12:0 a.m.•10 views

Vulnerabilities fixed in SAP Netweaver

Vulnerabilities have been fixed in SAP Netweaver. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of authentication Remote code execution User rights...

9.8CVSS6.7AI score0.01594EPSS
Exploits3
NCSC
NCSC
•added 2021/06/08 12:0 a.m.•8 views

Vulnerabilities fixed in Android

Several vulnerabilities have been fixed in Android. The vulnerabilities allow a malicious person, remote or otherwise, to perform able to launch attacks that result in the following categories of damage: Remote code execution Administrator/Root rights Remote code execution User rights Access to...

9.8CVSS7.8AI score0.01556EPSS
Exploits0
NCSC
NCSC
•added 2021/06/08 12:0 a.m.•4 views

Vulnerabilities in Siemens SIMATIC NET

Siemens has identified a number of vulnerabilities in the SIMATIC NET CP 443-1 OPC UA Communication Processor for S7 systems. The vulnerabilities are all located in the NTP implementation and enable an unauthenticated malicious person to able to cause a Denial-of-Service, or potentially execute...

9.8CVSS7.6AI score0.17245EPSS
Exploits8
NCSC
NCSC
•added 2021/06/08 12:0 a.m.•6 views

Vulnerabilities fixed in Microsoft .NET Core and Visual Studio

Microsoft has fixed vulnerabilities in .NET Core, Visual Studio and Visual Studio Code. An unauthenticated malicious person at remote user could potentially exploit it to cause a denial-of-service. The vulnerability with attribute CVE-2021-31938 could potentially be exploited by a local malicious...

7.8CVSS6.5AI score0.05138EPSS
Exploits0
NCSC
NCSC
•added 2021/06/08 12:0 a.m.•3 views

Vulnerabilities fixed in Apache

Apache has released version 2.4.48 of the Apache Web server. In this version a number of vulnerabilities have been fixed, which can be exploited by an unauthenticated remote malicious person could be exploited to cause a denial-of-service. A vulnerability has also been fixed, which can be exploit...

9.8CVSS7.8AI score0.68067EPSS
Exploits0
NCSC
NCSC
•added 2021/06/08 12:0 a.m.•6 views

Vulnerabilities fixed in the linux kernel

Canonical has fixed a number of vulnerabilities in the Linux kernel. The vulnerabilities allow an authenticated malicious person able to cause a denial-of-service, or potentially execute arbitrary code with root privileges. The vulnerabilities are known to be exploitable only locally or through...

8.8CVSS6.4AI score0.01316EPSS
Exploits1
NCSC
NCSC
•added 2021/06/04 12:0 a.m.•5 views

Vulnerability fixed in Red Hat Enterprise Linux

Red Hat has fixed a vulnerability in the Public Key Infrastructure PKI Core package. A component of this package writes out the administrator password during installation to a log file that is unjustifiably readable by any local user. A local malicious person with knowledge of the location of thi...

7.8CVSS6.4AI score0.00186EPSS
Exploits0
NCSC
NCSC
•added 2021/06/04 12:0 a.m.•34 views

Vulnerability fixed in Huawei S5700 devices

Huawei has fixed a vulnerability in S5700 devices. A authenticated remote malicious person can exploit the vulnerability potentially exploit it to inject system commands. There are few substantive details about the vulnerability disclosed. Huawei has released updates to fix the vulnerability. The...

7.2CVSS6.8AI score0.00917EPSS
Exploits0
NCSC
NCSC
•added 2021/06/04 12:0 a.m.•3 views

Vulnerability fixed in HPE OneView for VMware vCenter

HPE has fixed a vulnerability in OneView for VMware vCenter. An unauthenticated remote malicious agent could exploit it to perform a Cross-Site Scripting XSS attack. Such an attack could result in the execution of arbitrary script code in the browser used to visit the application visited. HPE has...

6.1CVSS6.7AI score0.0067EPSS
Exploits0
NCSC
NCSC
•added 2021/06/04 12:0 a.m.•2 views

Vulnerabilities fixed in Mozilla Thunderbird

Mozilla has fixed vulnerabilities in Thunderbird. A remote malicious party could potentially exploit the vulnerabilities to cause a denial-of-service or execute arbitrary code execute with the application's permissions. Mozilla has released updates to fix the vulnerabilities in Thunderbird 78.11...

8.8CVSS7.3AI score0.01368EPSS
Exploits0
NCSC
NCSC
•added 2021/06/03 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco ASR 5000 series

Cisco has fixed vulnerabilities in StarOS as used by ASR 5000-series devices. The vulnerabilities allow an authenticated remote malicious party able to further authentication to bypass and execute restricted unauthenticated commands execute. To do this, the malicious party must send rogue SSH...

8.8CVSS7.4AI score0.01093EPSS
Exploits0
NCSC
NCSC
•added 2021/06/03 12:0 a.m.•33 views

Vulnerabilities fixed in Cisco Webex Player and Webex Network Recording Player

Cisco has fixed vulnerabilities in Webex Player and Webex Network Recording Player. The vulnerabilities allow an unauthenticated remote malicious party potentially capable of perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights...

7.8CVSS7.8AI score0.01081EPSS
Exploits0
NCSC
NCSC
•added 2021/06/03 12:0 a.m.•5 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab Community Edition and GitLab Enterprise Edition. The vulnerabilities allow a remote malicious party potentially capable of performing attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS...

7.7CVSS6.5AI score0.01058EPSS
Exploits0
NCSC
NCSC
•added 2021/06/03 12:0 a.m.•5 views

Vulnerability fixed in Redis

A vulnerability has been fixed in Redis. A malicious person at remote user could potentially exploit the vulnerability to execute arbitrary execute arbitrary code under application privileges. The vulnerability is caused by an integer overflow that can be triggered via the command "STRALGO LCS" c...

8.8CVSS7.8AI score0.04207EPSS
Exploits0
NCSC
NCSC
•added 2021/06/03 12:0 a.m.•28 views

Vulnerabilities fixed in Cisco Webex Meetings and Webex Server

Cisco has fixed vulnerabilities in Webex Meetings, Webex Meetings Server, Webex Teams and Webex client software. The vulnerabilities allow a malicious person, possibly remotely, to able to launch attacks that result in the following categories of damage: Circumvention of security measure. Remote...

7.8CVSS7.7AI score0.00825EPSS
Exploits0
NCSC
NCSC
•added 2021/06/02 12:0 a.m.•7 views

Vulnerability fixed in FortiGate SSL VPN Portal

FortiGuard has fixed a vulnerability in e FortiGate SSL VPN portal. An unauthenticated remote malicious party could potentially exploit the vulnerability potentially exploit it to perform a Cross-Site Scripting XSS attack. Such an attack could lead to the execution of arbitrary script code in the...

6.1CVSS6.7AI score0.01061EPSS
Exploits0
NCSC
NCSC
•added 2021/06/02 12:0 a.m.•4 views

Vulnerability fixed in Cisco products

Cisco has fixed a vulnerability in the following products: Cisco Adaptive Security Appliance ASA Cisco Content Security Management Appliance SMA Cisco Email Security Appliance ESA Cisco Firepower Threat Defense FTD. Cisco FXOS Cisco Web Security Appliance WSA The vulnerability potentially allows ...

7.5CVSS6.7AI score0.01325EPSS
Exploits0
NCSC
NCSC
•added 2021/06/02 12:0 a.m.•6 views

Vulnerability fixed in F5 BIG-IQ Centralized Management

F5 has fixed a vulnerability in BIG-IQ Centralized Management. An authenticated remote malicious party could potentially exploit the vulnerability potentially exploit it to execute arbitrary code under root privileges. The vulnerability is located in the BIG-IQ Configuration utility. Successful...

9CVSS7.3AI score0.05346EPSS
Exploits3
NCSC
NCSC
•added 2021/06/02 12:0 a.m.•5 views

Vulnerability fixed in WhatsApp

A vulnerability has been fixed in the Android versions of WhatsApp and WhatsApp Business. It involves a path-traversal vulnerability which could potentially be exploited remotely to overwrite files used by WhatsApp. There few substantive details of the vulnerability have been made publicly...

9.1CVSS6.8AI score0.01134EPSS
Exploits0
NCSC
NCSC
•added 2021/06/02 12:0 a.m.•6 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed vulnerabilities in Firefox. The vulnerabilities potentially allow an unauthenticated remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure. Remote code execution User rights...

8.8CVSS7.6AI score0.01368EPSS
Exploits0
NCSC
NCSC
•added 2021/06/01 12:0 a.m.•4 views

Vulnerability fixed in NetApp Clustered Data ONTAP

NetApp has fixed a vulnerability in Clustered Data ONTAP. A remote malicious party could potentially exploit it to cause a denial-of-service. Few substantive details about the vulnerability publicly available made available. NetApp has released updates to fix the vulnerability in Clustered Data...

6.5CVSS6.9AI score0.00832EPSS
Exploits0
NCSC
NCSC
•added 2021/06/01 12:0 a.m.•5 views

Vulnerability fixed in Squid

A vulnerability has been fixed in Squid. An unauthenticated remote malicious party could potentially exploit the vulnerability to cause cause a denial-of-service. To do this, a rogue HTTP response message should be sent to the Squid service. The developers have released updates to fix the...

6.5CVSS6.8AI score0.79583EPSS
Exploits0
NCSC
NCSC
•added 2021/06/01 12:0 a.m.•3 views

Vulnerability fixed in Linux kernel

A vulnerability has been fixed in the Linux kernel. A local, authenticated malicious person can, by exploiting this vulnerability to gain root privileges on the vulnerable system. -= Fedora =- Fedora has made updates available for Fedora 33 and 34. You can install these updates using the command...

7.8CVSS8.4AI score0.00377EPSS
Exploits0
NCSC
NCSC
•added 2021/06/01 12:0 a.m.•11 views

Vulnerabilities fixed in Red Hat Openshift Container Platform

Red Hat has released updates to a large number of packages for its OpenShift Container Platform. The packages include several applications for which security advisories have previously been written, but for which Red Hat is now releasing a bundle for OpenShift 4.7.13 Malicious parties can exploit...

9.8CVSS7AI score0.3783EPSS
Exploits29
NCSC
NCSC
•added 2021/05/31 12:0 a.m.•13 views

Vulnerabilities fixed in IBM Cognos

IBM has fixed vulnerabilities in Cognos Analytics. The vulnerabilities allow an unauthenticated malicious person, possibly remotely, be able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access...

10CVSS8.8AI score0.34731EPSS
Exploits11
NCSC
NCSC
•added 2021/05/31 12:0 a.m.•5 views

Vulnerabilities fixed in XWiki

Vulnerabilities have been fixed in XWiki. The vulnerabilities allow an authenticated malicious person to execute scripts without having the necessary permissions to do so. In addition, a malicious person with inactive account could bypass a security measure that allows access to the account to be...

8.8CVSS7.1AI score0.02102EPSS
Exploits1
NCSC
NCSC
•added 2021/05/28 12:0 a.m.•6 views

Vulnerability fixed in Siemens SIMATIC

Siemens has fixed a vulnerability in several SIMATIC products. An unauthenticated malicious person with access to TCP port 102 could potentially exploit the vulnerability to manipulate system memory, execute arbitrary code and gain access to system data. Siemens has released updates to fix the...

9.8CVSS7.7AI score0.05184EPSS
Exploits0
NCSC
NCSC
•added 2021/05/28 12:0 a.m.•4 views

Vulnerability fixed in DHCP

A vulnerability has been fixed in DHCP. The vulnerability allows a remote malicious party to cause a denial-of-service. cause. ISC has released updates to fix the vulnerability. More information can be found on the page below: https://kb.isc.org/docs/cve-2021-25217 -= Ubuntu =- Canonical has made...

7.4CVSS6.7AI score0.06118EPSS
Exploits1
NCSC
NCSC
•added 2021/05/28 12:0 a.m.•5 views

Vulnerability fixed in SonicWall Network Security Manager

A vulnerability has been fixed in the SonicWall Network Security Manager. The vulnerability allows an authenticated malicious person remotely capable of injecting OS commands by sending a specially-prepared HTTP request. SonicWall has released updates to fix the vulnerability. fix. More informati...

9CVSS6.7AI score0.11642EPSS
Exploits1
NCSC
NCSC
•added 2021/05/28 12:0 a.m.•4 views

Vulnerability fixed in cURL

A vulnerability has been fixed in cURL. A malicious person at remote user could potentially exploit the vulnerability to cause a denial-of-service or execute arbitrary code with the application's permissions. To do this, the malicious party needs to entice a victim to execute a cURL request towar...

8.1CVSS9AI score0.60122EPSS
Exploits1
NCSC
NCSC
•added 2021/05/27 12:0 a.m.•4 views

Vulnerability fixed in Drupal

A vulnerability has been fixed in Drupal. The vulnerability is located in CKEditor and can be exploited by a malicious person abused to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser used to visit the application visited...

6.6AI score
Exploits0
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•6 views

Vulnerabilities verhopen in IBM WebSphere Appliction Server

IBM has fixed a vulnerability in WebSphere Application Server Java Batch. A malicious party could potentially exploit it to cause a denial-of-service or to gaining access to sensitive data. To do so, the malicious party induces the server to process a rogue XML file. processing. IBM has released...

8.2CVSS6.6AI score0.02071EPSS
Exploits0
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•9 views

Vulnerabilities fixed in Joomla!

Vulnerabilities have been fixed in Joomla! The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Access to system data Joomla! has released updates to fix the vulnerabilities. More...

6.5CVSS6.2AI score0.0098EPSS
Exploits1
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•4 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. The vulnerabilities potentially enable a remote malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Accessing...

8.8CVSS7.6AI score0.16611EPSS
Exploits19
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•2 views

Vulnerabilities fixed in the Linux kernel

Vulnerabilities have been fixed in the linux kernel. The vulnerabilities allow a local malicious agent to launch attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution Administrator/Root privileges Increased user privileges -= Ubuntu =...

8.8CVSS8AI score0.27477EPSS
Exploits8
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•58 views

Vulnerabilities fixed in Synology DiskStation Manager

Vulnerabilities have been fixed in Synology DiskStation Manager. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Remote code execution Administrator/Root privileges. Spoofing Access to sensitive data Synology has...

9.8CVSS7.3AI score0.03786EPSS
Exploits6
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•6 views

Vulnerability fixed in Salt

A vulnerability has been fixed in Salt. A malicious person could vulnerability potentially exploit it to execute execute arbitrary code. To do this, the malicious party must have the ability to place a rogue file on a Salt monitored device. This file should then be passed through the Snapper modu...

7.8CVSS7AI score0.03808EPSS
Exploits1
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•7 views

Vulnerabilities fixed in Dell Precision products

Vulnerabilities have been fixed in Dell Precision products. The vulnerabilities allow a local malicious person to obtain elevated rights or to cause a denial-of-service. Dell has released updates to fix the vulnerabilities. More information can be found on the page below:...

6.7CVSS6.4AI score0.00371EPSS
Exploits0
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•8 views

Vulnerabilities fixed in VMware vCenter Server

Vulnerabilities have been fixed in VMware vCenter Server. The vulnerability with reference CVE-2021-21985 allows an unauthenticated malicious person with access to port 443 of the vSphere HTML5 Client to execute under elevated privileges execute arbitrary code on both the vCenter Server and the...

10CVSS7.5AI score0.99999EPSS
Exploits13
NCSC
NCSC
•added 2021/05/26 12:0 a.m.•7 views

Vulnerability fixed in Nginx

A vulnerability has been fixed in Nginx. The vulnerability allows a remote malicious party the ability to cause a denial-of-service cause and potentially execute arbitrary code by sending a specially prepared DNS response. Nginx is only vulnerable if the "resolver directive" is used in the...

7.7CVSS9.3AI score0.53461EPSS
Exploits10
NCSC
NCSC
•added 2021/05/25 12:0 a.m.•5 views

Vulnerability fixed in Red Hat OpenShift Container Platform

A vulnerability has been fixed in runc, a component of Red Hat OpenShift Container Platform. The vulnerability allows a malicious user under certain circumstances to themselves, through a rogue container image, to gain access to the host's file system. For more information about the vulnerability...

8.5CVSS9.4AI score0.06604EPSS
Exploits0
NCSC
NCSC
•added 2021/05/25 12:0 a.m.•42 views

Vulnerabilities found in Bluetooth specifications

Researchers have discovered seven vulnerabilities in two components of the Bluetooth standard. Specifically, these are the Bluetooth Core Specification and Bluetooth Mesh Specification 1.0 and 1.0.1. The vulnerabilities allow a malicious person to spoof Bluetooth devices during the pairing proces...

8.8CVSS8.1AI score0.00907EPSS
Exploits1
NCSC
NCSC
•added 2021/05/25 12:0 a.m.•2 views

Vulnerabilities fixed in Apple Safari

Apple has fixed vulnerabilities in Safari. The vulnerabilities potentially enable an unauthenticated remote malicious person to able to launch attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure Remote code...

8.8CVSS8.7AI score0.07471EPSS
Exploits2
NCSC
NCSC
•added 2021/05/25 12:0 a.m.•5 views

Vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed several vulnerabilities in iOS and iPadOS. The vulnerabilities allow a malicious person possibly unauthenticated and remote to launch attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of...

9.3CVSS8.5AI score0.07471EPSS
Exploits2
NCSC
NCSC
•added 2021/05/25 12:0 a.m.•6 views

Vulnerabilities fixed in Apple macOS

Apple has fixed vulnerabilities in macOS. The vulnerabilities allow a malicious person possibly unauthenticated and remote able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Bypassing authentication Circumvention of security measure Remote code executi...

9.8CVSS9.4AI score0.84224EPSS
Exploits2
NCSC
NCSC
•added 2021/05/21 12:0 a.m.•4 views

Vulnerability fixed in Apache Cassandra

A vulnerability has been found in Apache Cassandra. The vulnerability allows a local malicious person to obtain to obtain sensitive information. Apache categorizes this vulnerability according to the CVSSv3 method with a score of 5.9. Apache has released updates to fix the vulnerability. More...

5.9CVSS6.2AI score0.02951EPSS
Exploits0
NCSC
NCSC
•added 2021/05/21 12:0 a.m.•7 views

Vulnerability fixed in Huawei S5700 switch series

Huawei has fixed a vulnerability in its S5700 switch series. A remote malicious person could exploit the vulnerability to cause a denial-of-service attack. Huawei categorizes this vulnerability according to the CVSSv3 method with a score of 6.5. Huawei has released updates to fix the vulnerabilit...

7.5CVSS6.6AI score0.00696EPSS
Exploits0
NCSC
NCSC
•added 2021/05/21 12:0 a.m.•5 views

Vulnerability fixed in QNAP QTS

QNAP has fixed a vulnerability in the QTS operating system. The vulnerability allows a local malicious person to perform a so-called path-traversal attack. In the event of a successful attack, a malicious party can compromise the integrity of files. QNAP has released updates to fix the...

8.8CVSS6.4AI score0.00938EPSS
Exploits0
NCSC
NCSC
•added 2021/05/21 12:0 a.m.•2 views

Vulnerability fixed in Confluence

A vulnerability has been fixed in JIRA. The vulnerability allows a local malicious agent the ability to execute arbitrary code execute under application privileges. JIRA has released updates to fix the vulnerability. More information can be found on the page below:...

8.8CVSS8.5AI score0.77735EPSS
Exploits1
NCSC
NCSC
•added 2021/05/21 12:0 a.m.•5 views

Vulnerability found in Mozilla Firefox

Researchers have found a vulnerability in Mozilla Firefox. The vulnerability allows a remote malicious person to execute arbitrary JavaScript code in the context of the web browser. To exploit this vulnerability, a malicious person to induce the victim to visit a rogue server. visit. Then, the...

7AI score
Exploits0
Total number of security vulnerabilities4199