Lucene search
K

4197 matches found

NCSC
NCSC
•added 2021/05/20 12:0 a.m.•4 views

Vulnerability fixed in Redis

A vulnerability in Redis has been fixed. The vulnerability allows a local malicious agent to cause a denial-of-service cause, potentially executing arbitrary code under rights of the application as a result. Redis developers categorize this vulnerability according to the CVSSv3 method with a scor...

8.8CVSS7AI score0.04028EPSS
Exploits0
NCSC
NCSC
•added 2021/05/20 12:0 a.m.•4 views

Vulnerabilities fixed in the Linux kernel

Vulnerabilities have been fixed in the Linux kernel. The vulnerabilities allow a local malicious agent to obtain elevated privileges or cause a denial-of-service cause. Fedora has released updates to fix the vulnerabilities. More information can be found on the page below:...

7.8CVSS7.5AI score0.00819EPSS
Exploits1
NCSC
NCSC
•added 2021/05/20 12:0 a.m.•9 views

Vulnerability fixed in Xerox printer drivers

Xerox has fixed a vulnerability in its printer driver for Windows. A remote malicious person could, by exploiting of this vulnerability obtain elevated privileges on the vulnerable system. Few substantive details about the vulnerability have been made publicly available. Xerox has released update...

7.8CVSS7AI score0.02902EPSS
Exploits1
NCSC
NCSC
•added 2021/05/19 12:0 a.m.•6 views

Vulnerabilities fixed in QEMU and libvirt

Vulnerabilities have been fixed in QEMU and libvirt. The vulnerabilities allow a local, authenticated malicious person potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Access to system data Increased user privileges -= Red Hat =- Red Hat...

7.2CVSS6.4AI score0.0183EPSS
Exploits2
NCSC
NCSC
•added 2021/05/19 12:0 a.m.•23 views

Vulnerability fixed in Keycloak

A vulnerability has been fixed in Keycloak. The vulnerability allows a malicious party to obtain sensitive data and potentially gain elevated privileges as well. Keycloak's developers have released updates to fix the vulnerability. More information can be found at the page below:...

7.3CVSS6.6AI score0.00299EPSS
Exploits0
NCSC
NCSC
•added 2021/05/19 12:0 a.m.•7 views

Vulnerability fixed in Huawei CloudEngine

A vulnerability has been fixed in several Huawei CloudEngine products. The vulnerability allows a malicious party to capable of causing a denial-of-service. Huawei has released updates to fix the vulnerability. More information can be found on the page below:...

5.3CVSS6.6AI score0.00685EPSS
Exploits0
NCSC
NCSC
•added 2021/05/19 12:0 a.m.•4 views

Hiding vulnerabilities in python3

Vulnerabilities have been fixed in python3. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights -= Red Hat =- Red Hat has made updates available...

9.8CVSS6.8AI score0.35963EPSS
Exploits3
NCSC
NCSC
•added 2021/05/19 12:0 a.m.•8 views

Vulnerabilities fixed in Red Hat OpenShift Container Platform

Vulnerabilities have been fixed in Red Hat OpenShift. The vulnerabilities allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Accessing sensitive data Accessing...

9.8CVSS7AI score0.69062EPSS
Exploits2
NCSC
NCSC
•added 2021/05/19 12:0 a.m.•9 views

Vulnerability fixed in Dell Remote Access Controller (iDRAC).

A vulnerability has been fixed in Dell Remote Access Controller iDRAC. The vulnerability allows a remote malicious person to able to bypass authentication. With exploiting this vulnerability, the malicious party gains access to the virtual console of iDRAC. iDRAC is a management environment. It i...

10CVSS6.6AI score0.01726EPSS
Exploits0
NCSC
NCSC
•added 2021/05/19 12:0 a.m.•6 views

Vulnerabilities fixed in Red Hat kernel

Red Hat has fixed vulnerabilities in its kernel. The vulnerabilities allow a local malicious party to circumvent a security measure to bypass and to cause a denial-of-service cause. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 8. You can install these updates usin...

7.8CVSS5.7AI score0.03292EPSS
Exploits6
NCSC
NCSC
•added 2021/05/19 12:0 a.m.•4 views

Vulnerability fixed in Huawei S5700 switch series

Huawei has fixed a vulnerability in its S5700 switch series. The vulnerability allows an unauthenticated remote malicious person to remotely capable of causing a Denial-of-Service. Huawei has released updates to fix the vulnerability. More information can be found on the page below:...

7.8CVSS6.7AI score0.00695EPSS
Exploits0
NCSC
NCSC
•added 2021/05/17 12:0 a.m.•7 views

Vulnerabilities fixed in Liferay Portal

Vulnerabilities have been fixed in Liferay Portal. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure...

7.5CVSS6.8AI score0.01115EPSS
Exploits0
NCSC
NCSC
•added 2021/05/14 12:0 a.m.•4 views

Legal vulnerabilities fixed in RedHat AMQ Streams

Red Hat has fixed vulnerabilities in AMQ Stream 1.6.4. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or gain access via path-traversal to potentially sensitive data. -= Red Hat =- Red Hat has made updates available for Red Hat AMQ Stream. U can install these...

7.8CVSS6.9AI score0.82371EPSS
Exploits9
NCSC
NCSC
•added 2021/05/14 12:0 a.m.•4 views

Vulnerability fixed in Graphviz

Graphviz developers have fixed a vulnerability. A malicious party could exploit the vulnerability to execute arbitrary code with the rights of the calling process. The malicious party needs to submit a rogue file to Graphviz to do this. to Graphviz. If Graphviz is used in a web environment, this...

7.8CVSS7AI score0.02618EPSS
Exploits1
NCSC
NCSC
•added 2021/05/14 12:0 a.m.•4 views

Vulnerabilities fixed in Wordpress

Wordpress has fixed two vulnerabilities in the standard included PHPMailer module. A remote malicious party can exploit the exploit the vulnerabilities to execute arbitrary code under the application's permissions, potentially gaining access gain access to sensitive information within the scope o...

9.8CVSS7.3AI score0.03095EPSS
Exploits0
NCSC
NCSC
•added 2021/05/14 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe products

Adobe has fixed several vulnerabilities in After Effects, Creative Cloud, Illustrator, InDesign and Media Encoder. The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Remote code execution User rights. Access...

9.3CVSS7.6AI score0.05915EPSS
Exploits0
NCSC
NCSC
•added 2021/05/14 12:0 a.m.•82 views

Vulnerabilities fixed in Schneider Electric products

Vulnerabilities have been fixed in Schneider Electric products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution Administrator/Root...

10CVSS7.6AI score0.84177EPSS
Exploits10
NCSC
NCSC
•added 2021/05/14 12:0 a.m.•2 views

Vulnerabilities fixed in AWStats

Vulnerabilities have been fixed in AWStats. An unauthenticated malicious party could exploit the vulnerabilities to perform a path traversal attack that could gain access to arbitrary files. In doing so, the vulnerabilities can only exploited only to read key/value pairs that can be parsed by...

9.8CVSS7.1AI score0.04352EPSS
Exploits1
NCSC
NCSC
•added 2021/05/12 12:0 a.m.•5 views

Vulnerabilities fixed in Adobe products

Adobe has released security updates for Adobe Acrobat Reader and Adobe Acrobat DC for Windows and macOS. These updates fix multiple critical and important vulnerabilities. Successful misuse can lead to execution of arbitrary code in the context of the current user, obtaining elevated privileges...

9.6CVSS7.6AI score0.66918EPSS
Exploits1
NCSC
NCSC
•added 2021/05/12 12:0 a.m.•3 views

Vulnerabilities fixed in Xerox WorkCentre

Vulnerabilities have been fixed in Xerox WorkCentre. The vulnerabilities allow a remote malicious person to execute arbitrary code. There are no known CVE numbers for these vulnerabilities. Xerox has released updates to fix the vulnerabilities. More information can be found on the page below:...

6.8AI score
Exploits0
NCSC
NCSC
•added 2021/05/12 12:0 a.m.•38 views

Vulnerability fixed in Citrix Workspace

A vulnerability has been fixed in Citrix Workspace that could cause cause a local user to escalate his or her privilege level escalates to SYSTEM on the computer running the Citrix Workspace app for Windows is running. Citrix has made an update available to fix the vulnerability. fix. For more...

7.8CVSS6.9AI score0.00239EPSS
Exploits0
NCSC
NCSC
•added 2021/05/12 12:0 a.m.•28 views

BlackBerry UEM

Vulnerabilities have been fixed in BlackBerry UEM. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data BlackBerry categorizes these...

7.3CVSS7.5AI score0.00964EPSS
Exploits0
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•6 views

Vulnerability fixed in Microsoft Dynamics 365 for Finance and Operations

A vulnerability has been fixed in Dynamics 365 for Finance and Operations. An authenticated malicious party can exploit the vulnerability exploit it to perform Cross-Site-Scripting XSS on a logged-in user. Such an attack could result in the execution of arbitrary script code in the browser used t...

6.1CVSS6.4AI score0.01323EPSS
Exploits0
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•2 views

Vulnerability fixed in Microsoft Internet Explorer

Microsoft has fixed a vulnerability in Internet Explorer. A malicious person could exploit the vulnerability to execute arbitrary code in the context of the browser. The malicious needs to entice the user to visit a web page which contains the malicious code. Microsoft has made updates available...

7.6CVSS6.6AI score0.22595EPSS
Exploits3
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•6 views

Vulnerability fixed in SAP NetWeaver

A vulnerability has been fixed in SAP NetWeaver. The vulnerability allows a malicious party to remotely execute arbitrary code execute. As usual, SAP is making few details publicly available. SAP has released updates to fix the vulnerabilities. More information can be found at:...

8.2CVSS6.9AI score0.0027EPSS
Exploits0
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•7 views

Vulnerabilities fixed in Microsoft Exchange

Vulnerabilities have been fixed in Microsoft Exchange. A malicious party could exploit the vulnerabilities to execute arbitrary code under the application's privileges, or possibly impersonate possibly impersonate another user. For the vulnerability with attribute CVE-2021-31207, Proof-of-Concept...

8.8CVSS6.9AI score0.99782EPSS
Exploits12
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•4 views

Vulnerabilities fixed in Google Chrome for desktop

Vulnerabilities have been fixed in Google Chrome for desktop. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data As usual, Google makes few...

8.8CVSS6.5AI score0.02517EPSS
Exploits14
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•3 views

Vulnerabilities fixed in Squid

Vulnerabilities have been fixed in Squid. The vulnerabilities allow a remote malicious person to perform attacks that lead to a denial-of-service. The developers of Squid categorize these vulnerabilities according to the CVSSv3 method with a highest score of 8.8. The developers of Squid have...

7.5CVSS6.8AI score0.95785EPSS
Exploits5
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•8 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Office products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Spoofing Remote code execution User rights Access to sensitive data Below is a summary of the various...

8.8CVSS7.5AI score0.50628EPSS
Exploits7
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•74 views

Vulnerabilities fixed in Microsoft Windows

Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to: Cause a denial-of-service, Bypass security measures, Execute arbitrary code, Obtain elevated privileges, Access sensitive data, Impersonate another user. The vulnerabilities...

9.9CVSS7.5AI score0.99657EPSS
Exploits31
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•54 views

Vulnerabilities fixed in Siemens SCALANCE W1750D (Aruba Instant Access Points)

Vulnerabilities have been fixed in Siemens SCALANCE W1750D. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS. Bypassing authentication Circumvention of security measure Remote code...

10CVSS7AI score0.40523EPSS
Exploits11
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•7 views

Vulnerabilities fixed in Siemens products

Vulnerabilities have been fixed in Siemens products. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Spoofing Increased user privileges Siemens categorizes...

7.8CVSS8.2AI score0.98745EPSS
Exploits8
NCSC
NCSC
•added 2021/05/11 12:0 a.m.•10 views

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in Windows Developer Tools. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Remote code execution User privileges. Increased user privileges .NET Core & Visual Studio:...

9.3CVSS7AI score0.53582EPSS
Exploits0
NCSC
NCSC
•added 2021/05/10 12:0 a.m.•4 views

Vulnerability fixed in Foxit products

A vulnerability has been fixed in Foxit products. The vulnerability allows an unauthenticated remote malicious person able to cause a denial-of-service with potentially the execution of arbitrary code under user privileges. The malicious party to do this must induce the victim to open a rogue fil...

8.8CVSS7.4AI score0.01765EPSS
Exploits1
NCSC
NCSC
•added 2021/05/10 12:0 a.m.•34 views

Vulnerabilities fixed in Xerox WorkCentre

Vulnerabilities have been fixed in Xerox WorkCentre. The vulnerabilities allow a remote malicious person to access to sensitive data and cause a denial-of-service cause. Xerox has released updates to fix the vulnerabilities. More information can be found on the page below:...

9.8CVSS6.6AI score0.04925EPSS
Exploits1
NCSC
NCSC
•added 2021/05/10 12:0 a.m.•7 views

Vulnerabilities fixed in Atlassian Confluence

Vulnerabilities have been fixed in Atlassian Confluence Server. The vulnerabilities allow an authenticated remote malicious agent to remote user to gain access to system data and to execute arbitrary code under the user's privileges. Atlassian has released updates to address the vulnerabilities...

5.4CVSS7.6AI score0.01201EPSS
Exploits0
NCSC
NCSC
•added 2021/05/07 12:0 a.m.•2 views

Vulnerabilities fixed in MariaDB

Vulnerabilities have been fixed in MariaDB. An authenticated malicious party could potentially exploit the vulnerabilities to cause a denial-of-service attack. MariaDB has released updates to fix the vulnerabilities in 10.2.38 and 10.3.29. For more information, see:...

4.9CVSS9.4AI score0.04643EPSS
Exploits0
NCSC
NCSC
•added 2021/05/06 12:0 a.m.•16 views

Vulnerabilities fixed in Cisco Content Security Management Appliance

Vulnerabilities have been fixed in several Cisco security appliances. A malicious party could exploit the vulnerability to obtain sensitive information or to execute commands execute commands on the underlying system under root privileges. To exploit this latter vulnerability, the malicious party...

7.2CVSS7.2AI score0.01156EPSS
Exploits0
NCSC
NCSC
•added 2021/05/06 12:0 a.m.•46 views

Vulnerabilities fixed in Cisco Unified Communications Manager

Vulnerabilities have been fixed in Cisco Unified Communications Manager. An authenticated malicious party could potentially exploit the vulnerability with CVE attribute CVE-2021-1478 potentially exploit it to cause a Denial-of-Service attack. To do so, the Java Management Extensions JMX network...

8.1CVSS7.9AI score0.01081EPSS
Exploits0
NCSC
NCSC
•added 2021/05/06 12:0 a.m.•5 views

Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird

Vulnerabilities have been fixed in Mozilla Firefox, Firefox ESR and Thunderbird. A malicious party could potentially exploit them to cause a denial-of-service or execute arbitrary execute arbitrary code with the privileges of the logged-in user. The vulnerability with CVE attribute CVE-2021-29951...

7.5CVSS7.4AI score0.01852EPSS
Exploits0
NCSC
NCSC
•added 2021/05/06 12:0 a.m.•4 views

Vulnerabilities fixed in Redis

Two vulnerabilities have been fixed in Redis. A malicious person could potentially exploit the vulnerability to cause a denial-of-service cause or potentially execute arbitrary code with the privileges of the application. Redis has released updates to fix the vulnerabilities. For more information...

8.8CVSS8AI score0.04028EPSS
Exploits0
NCSC
NCSC
•added 2021/05/06 12:0 a.m.•7 views

Vulnerability found in Dell firmware update driver

A vulnerability has been fixed in the Dell dbutil23.sys driver for Windows systems. This driver has been installed by default on all Dell laptop and desktop systems since 2009. A local malicious person could, by exploiting this vulnerability to gain SYSTEM privileges on the vulnerable system. For...

8.8CVSS6.8AI score0.58132EPSS
Exploits17
NCSC
NCSC
•added 2021/05/06 12:0 a.m.•26 views

Vulnerabilities fixed in Cisco AnyConnect Secure Mobility Client

Vulnerabilities have been fixed in Cisco AnyConnect Secure Mobility Client. The vulnerability with CVE attribute CVE-2021-1519 allows a local malicious person able to overwrite VPN profiles. The remaining vulnerabilities apply only to the Windows client, whereby a local malicious agent, by...

7.8CVSS6.8AI score0.00527EPSS
Exploits0
NCSC
NCSC
•added 2021/05/06 12:0 a.m.•4 views

Vulnerabilities fixed in libxml2

Several vulnerabilities have been fixed in libxml2. A malicious party could potentially exploit the vulnerabilities to cause a Denial-of-Service in an application that uses of this library by submitting a rogue XML file for processing. submit. -= SUSE =- SUSE has made updates available to fix the...

8.8CVSS8.7AI score0.0828EPSS
Exploits1
NCSC
NCSC
•added 2021/05/04 12:0 a.m.•4 views

Vulnerabilities fixed in Exim

Vulnerabilities have been fixed in Exim. Collectively, these vulnerabilities named "21nails." The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution Administrator/Root rights Remote code executio...

9.8CVSS8AI score0.61664EPSS
Exploits6
NCSC
NCSC
•added 2021/05/04 12:0 a.m.•4 views

Vulnerability fixed in Apple products

Vulnerabilities have been fixed in several Apple products. The vulnerabilities potentially allow a remote malicious person to able to execute arbitrary code in the context of the application if he manages to get the user to visit a rogue page visit. The vulnerabilities with CVE characteristics...

8.8CVSS7.4AI score0.04528EPSS
Exploits0
NCSC
NCSC
•added 2021/05/04 12:0 a.m.•7 views

Vulnerabilities fixed in Android

Several vulnerabilities have been fixed in Android. The vulnerabilities allow a malicious person, remote or otherwise, to perform able to launch attacks that result in the following categories of damage: Remote code execution Administrator/Root rights Remote code execution User rights Access to...

10CVSS8.4AI score0.12084EPSS
Exploits4
NCSC
NCSC
•added 2021/05/04 12:0 a.m.•16 views

Vulnerabilities fixed in Samsung products

Several vulnerabilities have been fixed in various Android-based products from Samsung. The vulnerabilities allow a malicious person, remotely or otherwise, to carry out attacks that lead to the following categories of damage: Manipulation of data Circumvention of security measure Remote code...

10CVSS8.8AI score0.06692EPSS
Exploits8
NCSC
NCSC
•added 2021/05/03 12:0 a.m.•3 views

Vulnerabilities fixed in Sophos UTM

Several vulnerabilities have been fixed in Sophos UTM. A malicious party could potentially exploit these vulnerabilities to cause a Denial-of-Service or execute arbitrary code with the application's permissions. Sophos has released updates to fix the vulnerabilities in UTM 9.706. For more...

7.5CVSS9AI score0.06968EPSS
Exploits4
NCSC
NCSC
•added 2021/04/29 12:0 a.m.•61 views

Vulnerabilities fixed in F5 BIG-IP

Vulnerabilities have been fixed in F5 BIG-IP. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data Bypassing authentication Circumvention of security measure Remote code execution...

9.8CVSS7.8AI score0.01343EPSS
Exploits0
Total number of security vulnerabilities4197