4197 matches found
Vulnerability fixed in Redis
A vulnerability in Redis has been fixed. The vulnerability allows a local malicious agent to cause a denial-of-service cause, potentially executing arbitrary code under rights of the application as a result. Redis developers categorize this vulnerability according to the CVSSv3 method with a scor...
Vulnerabilities fixed in the Linux kernel
Vulnerabilities have been fixed in the Linux kernel. The vulnerabilities allow a local malicious agent to obtain elevated privileges or cause a denial-of-service cause. Fedora has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerability fixed in Xerox printer drivers
Xerox has fixed a vulnerability in its printer driver for Windows. A remote malicious person could, by exploiting of this vulnerability obtain elevated privileges on the vulnerable system. Few substantive details about the vulnerability have been made publicly available. Xerox has released update...
Vulnerabilities fixed in QEMU and libvirt
Vulnerabilities have been fixed in QEMU and libvirt. The vulnerabilities allow a local, authenticated malicious person potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Access to system data Increased user privileges -= Red Hat =- Red Hat...
Vulnerability fixed in Keycloak
A vulnerability has been fixed in Keycloak. The vulnerability allows a malicious party to obtain sensitive data and potentially gain elevated privileges as well. Keycloak's developers have released updates to fix the vulnerability. More information can be found at the page below:...
Vulnerability fixed in Huawei CloudEngine
A vulnerability has been fixed in several Huawei CloudEngine products. The vulnerability allows a malicious party to capable of causing a denial-of-service. Huawei has released updates to fix the vulnerability. More information can be found on the page below:...
Hiding vulnerabilities in python3
Vulnerabilities have been fixed in python3. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights -= Red Hat =- Red Hat has made updates available...
Vulnerabilities fixed in Red Hat OpenShift Container Platform
Vulnerabilities have been fixed in Red Hat OpenShift. The vulnerabilities allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Accessing sensitive data Accessing...
Vulnerability fixed in Dell Remote Access Controller (iDRAC).
A vulnerability has been fixed in Dell Remote Access Controller iDRAC. The vulnerability allows a remote malicious person to able to bypass authentication. With exploiting this vulnerability, the malicious party gains access to the virtual console of iDRAC. iDRAC is a management environment. It i...
Vulnerabilities fixed in Red Hat kernel
Red Hat has fixed vulnerabilities in its kernel. The vulnerabilities allow a local malicious party to circumvent a security measure to bypass and to cause a denial-of-service cause. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 8. You can install these updates usin...
Vulnerability fixed in Huawei S5700 switch series
Huawei has fixed a vulnerability in its S5700 switch series. The vulnerability allows an unauthenticated remote malicious person to remotely capable of causing a Denial-of-Service. Huawei has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in Liferay Portal
Vulnerabilities have been fixed in Liferay Portal. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure...
Legal vulnerabilities fixed in RedHat AMQ Streams
Red Hat has fixed vulnerabilities in AMQ Stream 1.6.4. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access via path-traversal to potentially sensitive data. -= Red Hat =- Red Hat has made updates available for Red Hat AMQ Stream. U can install these...
Vulnerability fixed in Graphviz
Graphviz developers have fixed a vulnerability. A malicious party could exploit the vulnerability to execute arbitrary code with the rights of the calling process. The malicious party needs to submit a rogue file to Graphviz to do this. to Graphviz. If Graphviz is used in a web environment, this...
Vulnerabilities fixed in Wordpress
Wordpress has fixed two vulnerabilities in the standard included PHPMailer module. A remote malicious party can exploit the exploit the vulnerabilities to execute arbitrary code under the application's permissions, potentially gaining access gain access to sensitive information within the scope o...
Vulnerabilities fixed in Adobe products
Adobe has fixed several vulnerabilities in After Effects, Creative Cloud, Illustrator, InDesign and Media Encoder. The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Remote code execution User rights. Access...
Vulnerabilities fixed in Schneider Electric products
Vulnerabilities have been fixed in Schneider Electric products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution Administrator/Root...
Vulnerabilities fixed in AWStats
Vulnerabilities have been fixed in AWStats. An unauthenticated malicious party could exploit the vulnerabilities to perform a path traversal attack that could gain access to arbitrary files. In doing so, the vulnerabilities can only exploited only to read key/value pairs that can be parsed by...
Vulnerabilities fixed in Adobe products
Adobe has released security updates for Adobe Acrobat Reader and Adobe Acrobat DC for Windows and macOS. These updates fix multiple critical and important vulnerabilities. Successful misuse can lead to execution of arbitrary code in the context of the current user, obtaining elevated privileges...
Vulnerabilities fixed in Xerox WorkCentre
Vulnerabilities have been fixed in Xerox WorkCentre. The vulnerabilities allow a remote malicious person to execute arbitrary code. There are no known CVE numbers for these vulnerabilities. Xerox has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerability fixed in Citrix Workspace
A vulnerability has been fixed in Citrix Workspace that could cause cause a local user to escalate his or her privilege level escalates to SYSTEM on the computer running the Citrix Workspace app for Windows is running. Citrix has made an update available to fix the vulnerability. fix. For more...
BlackBerry UEM
Vulnerabilities have been fixed in BlackBerry UEM. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data BlackBerry categorizes these...
Vulnerability fixed in Microsoft Dynamics 365 for Finance and Operations
A vulnerability has been fixed in Dynamics 365 for Finance and Operations. An authenticated malicious party can exploit the vulnerability exploit it to perform Cross-Site-Scripting XSS on a logged-in user. Such an attack could result in the execution of arbitrary script code in the browser used t...
Vulnerability fixed in Microsoft Internet Explorer
Microsoft has fixed a vulnerability in Internet Explorer. A malicious person could exploit the vulnerability to execute arbitrary code in the context of the browser. The malicious needs to entice the user to visit a web page which contains the malicious code. Microsoft has made updates available...
Vulnerability fixed in SAP NetWeaver
A vulnerability has been fixed in SAP NetWeaver. The vulnerability allows a malicious party to remotely execute arbitrary code execute. As usual, SAP is making few details publicly available. SAP has released updates to fix the vulnerabilities. More information can be found at:...
Vulnerabilities fixed in Microsoft Exchange
Vulnerabilities have been fixed in Microsoft Exchange. A malicious party could exploit the vulnerabilities to execute arbitrary code under the application's privileges, or possibly impersonate possibly impersonate another user. For the vulnerability with attribute CVE-2021-31207, Proof-of-Concept...
Vulnerabilities fixed in Google Chrome for desktop
Vulnerabilities have been fixed in Google Chrome for desktop. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data As usual, Google makes few...
Vulnerabilities fixed in Squid
Vulnerabilities have been fixed in Squid. The vulnerabilities allow a remote malicious person to perform attacks that lead to a denial-of-service. The developers of Squid categorize these vulnerabilities according to the CVSSv3 method with a highest score of 8.8. The developers of Squid have...
Vulnerabilities fixed in Microsoft Office
Microsoft has fixed vulnerabilities in Office products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Spoofing Remote code execution User rights Access to sensitive data Below is a summary of the various...
Vulnerabilities fixed in Microsoft Windows
Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to: Cause a denial-of-service, Bypass security measures, Execute arbitrary code, Obtain elevated privileges, Access sensitive data, Impersonate another user. The vulnerabilities...
Vulnerabilities fixed in Siemens SCALANCE W1750D (Aruba Instant Access Points)
Vulnerabilities have been fixed in Siemens SCALANCE W1750D. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Bypassing authentication Circumvention of security measure Remote code...
Vulnerabilities fixed in Siemens products
Vulnerabilities have been fixed in Siemens products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Spoofing Increased user privileges Siemens categorizes...
Vulnerabilities fixed in Microsoft Developer Tools
Vulnerabilities have been fixed in Windows Developer Tools. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Remote code execution User privileges. Increased user privileges .NET Core & Visual Studio:...
Vulnerability fixed in Foxit products
A vulnerability has been fixed in Foxit products. The vulnerability allows an unauthenticated remote malicious person able to cause a denial-of-service with potentially the execution of arbitrary code under user privileges. The malicious party to do this must induce the victim to open a rogue fil...
Vulnerabilities fixed in Xerox WorkCentre
Vulnerabilities have been fixed in Xerox WorkCentre. The vulnerabilities allow a remote malicious person to access to sensitive data and cause a denial-of-service cause. Xerox has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerabilities fixed in Atlassian Confluence
Vulnerabilities have been fixed in Atlassian Confluence Server. The vulnerabilities allow an authenticated remote malicious agent to remote user to gain access to system data and to execute arbitrary code under the user's privileges. Atlassian has released updates to address the vulnerabilities...
Vulnerabilities fixed in MariaDB
Vulnerabilities have been fixed in MariaDB. An authenticated malicious party could potentially exploit the vulnerabilities to cause a denial-of-service attack. MariaDB has released updates to fix the vulnerabilities in 10.2.38 and 10.3.29. For more information, see:...
Vulnerabilities fixed in Cisco Content Security Management Appliance
Vulnerabilities have been fixed in several Cisco security appliances. A malicious party could exploit the vulnerability to obtain sensitive information or to execute commands execute commands on the underlying system under root privileges. To exploit this latter vulnerability, the malicious party...
Vulnerabilities fixed in Cisco Unified Communications Manager
Vulnerabilities have been fixed in Cisco Unified Communications Manager. An authenticated malicious party could potentially exploit the vulnerability with CVE attribute CVE-2021-1478 potentially exploit it to cause a Denial-of-Service attack. To do so, the Java Management Extensions JMX network...
Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird
Vulnerabilities have been fixed in Mozilla Firefox, Firefox ESR and Thunderbird. A malicious party could potentially exploit them to cause a denial-of-service or execute arbitrary execute arbitrary code with the privileges of the logged-in user. The vulnerability with CVE attribute CVE-2021-29951...
Vulnerabilities fixed in Redis
Two vulnerabilities have been fixed in Redis. A malicious person could potentially exploit the vulnerability to cause a denial-of-service cause or potentially execute arbitrary code with the privileges of the application. Redis has released updates to fix the vulnerabilities. For more information...
Vulnerability found in Dell firmware update driver
A vulnerability has been fixed in the Dell dbutil23.sys driver for Windows systems. This driver has been installed by default on all Dell laptop and desktop systems since 2009. A local malicious person could, by exploiting this vulnerability to gain SYSTEM privileges on the vulnerable system. For...
Vulnerabilities fixed in Cisco AnyConnect Secure Mobility Client
Vulnerabilities have been fixed in Cisco AnyConnect Secure Mobility Client. The vulnerability with CVE attribute CVE-2021-1519 allows a local malicious person able to overwrite VPN profiles. The remaining vulnerabilities apply only to the Windows client, whereby a local malicious agent, by...
Vulnerabilities fixed in libxml2
Several vulnerabilities have been fixed in libxml2. A malicious party could potentially exploit the vulnerabilities to cause a Denial-of-Service in an application that uses of this library by submitting a rogue XML file for processing. submit. -= SUSE =- SUSE has made updates available to fix the...
Vulnerabilities fixed in Exim
Vulnerabilities have been fixed in Exim. Collectively, these vulnerabilities named "21nails." The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution Administrator/Root rights Remote code executio...
Vulnerability fixed in Apple products
Vulnerabilities have been fixed in several Apple products. The vulnerabilities potentially allow a remote malicious person to able to execute arbitrary code in the context of the application if he manages to get the user to visit a rogue page visit. The vulnerabilities with CVE characteristics...
Vulnerabilities fixed in Android
Several vulnerabilities have been fixed in Android. The vulnerabilities allow a malicious person, remote or otherwise, to perform able to launch attacks that result in the following categories of damage: Remote code execution Administrator/Root rights Remote code execution User rights Access to...
Vulnerabilities fixed in Samsung products
Several vulnerabilities have been fixed in various Android-based products from Samsung. The vulnerabilities allow a malicious person, remotely or otherwise, to carry out attacks that lead to the following categories of damage: Manipulation of data Circumvention of security measure Remote code...
Vulnerabilities fixed in Sophos UTM
Several vulnerabilities have been fixed in Sophos UTM. A malicious party could potentially exploit these vulnerabilities to cause a Denial-of-Service or execute arbitrary code with the application's permissions. Sophos has released updates to fix the vulnerabilities in UTM 9.706. For more...
Vulnerabilities fixed in F5 BIG-IP
Vulnerabilities have been fixed in F5 BIG-IP. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data Bypassing authentication Circumvention of security measure Remote code execution...