Lucene search
K

4197 matches found

NCSC
NCSC
added 2021/03/10 12:0 a.m.5 views

Vulnerability fixed in Adobe FrameMaker

Adobe has fixed a vulnerability in FrameMaker. A malicious party could exploit the vulnerability to execute arbitrary code execute arbitrary code under application privileges. As of yet, no substantive details about this vulnerability have been made publicly available. Adobe has released updates ...

9.3CVSS7.7AI score0.21224EPSS
Exploits0
NCSC
NCSC
added 2021/03/10 12:0 a.m.3 views

Vulnerability fixed in Websphere Application Server

IBM has fixed a vulnerability in Websphere Application Server. A malicious party could exploit the vulnerability to gain access to sensitive data via Directory Traversal to gain access to sensitive data. IBM has released updates to fix the vulnerability in Websphere Application Server. For more...

6.5CVSS6.8AI score0.02252EPSS
Exploits0
NCSC
NCSC
added 2021/03/10 12:0 a.m.5 views

Vulnerabilities fixed in Adobe Connect

Adobe has fixed vulnerabilities in Adobe Connect. A malicious party could potentially exploit the vulnerabilities remotely to execute arbitrary code under the privileges of the application. In addition, the vulnerabilities can be exploited to performing a Cross-Site Scripting XSS attack. A such...

7.8CVSS6.8AI score0.03738EPSS
Exploits0
NCSC
NCSC
added 2021/03/10 12:0 a.m.3 views

Vulnerability fixed in GNU git

GNU has fixed a vulnerability in git. A malicious person could exploit the vulnerability to create a rogue repository from which scripts are automatically executed upon check out. This allows the malicious party to execute arbitrary code with permissions of git on the vulnerable system. GNU has...

8CVSS7.7AI score0.88644EPSS
Exploits5
NCSC
NCSC
added 2021/03/10 12:0 a.m.5 views

Vulnerabilities fixed in Oracle Enterprise Linux

Oracle has fixed vulnerabilities in Oracle Enterprise Linux. The vulnerabilities allow a local, authenticated malicious agent to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS Code execution at the kernel level Increased user privileges -= Oracle ...

7.8CVSS8.3AI score0.01377EPSS
Exploits1
NCSC
NCSC
added 2021/03/09 12:0 a.m.2 views

Vulnerabilitiesj fixed in Xerox AltaLink systems

Xerox has fixed vulnerabilities in AltaLink systems. The vulnerabilities allow a malicious party to execute arbitrary execute arbitrary code on the system, circumvent a security measure bypass a security measure or gain access to sensitive data. No CVE ID of the vulnerabilities has been disclosed...

7.4AI score
Exploits0
NCSC
NCSC
added 2021/03/09 12:0 a.m.62 views

Vulnerability fixed in Microsoft Azure

A vulnerability has been fixed in Microsoft Azure. The vulnerability allows a malicious party to obtain sensitive data obtain sensitive data. Azure: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

9.3CVSS6AI score0.01343EPSS
Exploits3
NCSC
NCSC
added 2021/03/09 12:0 a.m.7 views

Vulnerability fixed in Microsoft SQL Server

A vulnerability has been fixed in the Microsoft SQL product group. Server. The vulnerability is in the Power BI application. The vulnerability enables an authenticated remote malicious person to able to obtain sensitive information. Power BI:...

7.7CVSS6.6AI score0.02839EPSS
Exploits0
NCSC
NCSC
added 2021/03/09 12:0 a.m.4 views

Vulnerability fixed in QEMU

A vulnerability has been fixed in QEMU. The vulnerability allows potentially allow a local malicious person from a guest system to execute arbitrary code on the host system under root permissions. Exploiting the vulnerability is no easy task. -= Red Hat =- Red Hat has made updates available for R...

8.2CVSS7AI score0.00522EPSS
Exploits1
NCSC
NCSC
added 2021/03/09 12:0 a.m.2 views

Vulnerability fixed in Apple products

The WebKit module contains code that allows a Web browser to be realized. The WebKit module is found in several Apple products. Apple has fixed a vulnerability in the WebKit module. fixed. The vulnerability allows a remote malicious person to able to cause a denial-of-service with potentially the...

8.8CVSS7AI score0.02368EPSS
Exploits0
NCSC
NCSC
added 2021/03/09 12:0 a.m.81 views

Vulnerabilities fixed in Microsoft Windows

Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to: Cause a denial-of-service, Bypass security measures, Execute arbitrary code, Obtain elevated privileges, Access sensitive data. The vulnerabilities marked CVE-2021-26867 CVSS...

10CVSS6.9AI score0.19274EPSS
Exploits6
NCSC
NCSC
added 2021/03/09 12:0 a.m.38 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in Office products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Circumvention of security measure. Accessing sensitive data Executing arbitrary code User privileges...

9.3CVSS6.7AI score0.14387EPSS
Exploits0
NCSC
NCSC
added 2021/03/09 12:0 a.m.36 views

Vulnerabilities fixed in Siemens Scalance

Siemens has fixed several vulnerabilities in Scalance products. The vulnerabilities allow an unauthenticated remote malicious person may be able to launch attacks leading to the following categories of damage: Denial-of-Service DoS DNS cache poisoning Remote code execution possibly under elevated...

8.8CVSS7.6AI score0.04873EPSS
Exploits3
NCSC
NCSC
added 2021/03/09 12:0 a.m.4 views

Vulnerabilities fixed in Glibc

Vulnerabilities have been fixed in Glibc. The vulnerabilities allow an unauthenticated remote malicious agent the ability to launch a Denial-of-Service attack, possibly resulting in the execution of arbitrary code as a result. -= Ubuntu =- Canonical has made updates available for Ubuntu 16.04 LTS...

7.5CVSS7.8AI score0.0408EPSS
Exploits1
NCSC
NCSC
added 2021/03/09 12:0 a.m.5 views

Vulnerabilities fixed in Microsoft Browsers

Two vulnerabilities have been fixed in Microsoft Internet Explorer. The vulnerabilities allow a malicious person to execute arbitrary code under a user's privileges. To exploit the vulnerabilities, an attacker must trick the entice the victim to open a rogue page. According to Microsoft, the...

8.8CVSS7AI score0.81103EPSS
Exploits0
NCSC
NCSC
added 2021/03/09 12:0 a.m.23 views

Vulnerabilities fixed in Siemens Ruggedcom

Siemens has fixed multiple vulnerabilities in Ruggedcom products. A malicious party could potentially exploit them to cause a denial-of-service. To do so requires sending malicious network traffic to the vulnerable device. sent. In addition, the vulnerabilities can be exploited by a malicious be...

8.8CVSS7.3AI score0.02181EPSS
Exploits2
NCSC
NCSC
added 2021/03/09 12:0 a.m.137 views

Vulnerabilities fixed in SAP products

Vulnerabilities have been fixed in SAP products. The vulnerabilities enable a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Bypassing authentication Bypassing security measure Remote code execution User Rights SAP designates...

10CVSS7.4AI score0.98376EPSS
Exploits10
NCSC
NCSC
added 2021/03/09 12:0 a.m.67 views

Vulnerabilities fixed in Siemens Simatic

Siemens has fixed vulnerabilities in Simatic products. The vulnerabilities allow an unauthenticated remote malicious person to remote may be able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution Administrator/Root privileges Spoofing...

8.8CVSS9.2AI score0.64161EPSS
Exploits3
NCSC
NCSC
added 2021/03/09 12:0 a.m.6 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed multiple vulnerabilities in Visual Studio and Visual Studio Code. The vulnerabilities allow a malicious person able to execute arbitrary code under the privileges of the user. The vulnerability with reference CVE-2021-21300 has been classified by Microsoft rated "Critical" the...

9.3CVSS7.3AI score0.88644EPSS
Exploits5
NCSC
NCSC
added 2021/03/05 12:0 a.m.7 views

Vulnerability fixed in Snort

A vulnerability has been fixed in Snort. The vulnerability allows an unauthenticated malicious party to cause a denial-of-service denial-of-service. The malicious party should be able to send rogue send Ethernet frames to a device that then then handles them. Cisco indicates that the...

7.4CVSS6.7AI score0.02756EPSS
Exploits0
NCSC
NCSC
added 2021/03/05 12:0 a.m.6 views

Vulnerabilities fixed in GitLab

Several vulnerabilities have been fixed in GitLab Community Edition CE and Enterprise Edition EE. The vulnerabilities allow a malicious party potentially capable of performing attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure...

7.2CVSS6.5AI score0.00838EPSS
Exploits0
NCSC
NCSC
added 2021/03/05 12:0 a.m.3 views

Vulnerability fixed in Xerox products

A vulnerability has been fixed in Xerox Phaser, WorkCentre and VersaLink. The vulnerability allows a malicious person to execute arbitrary code under the user's privileges. Xerox did not release any substantive details about this vulnerability. No CVE attribute has been assigned to this...

7.2AI score
Exploits0
NCSC
NCSC
added 2021/03/05 12:0 a.m.29 views

Vulnerability fixed in Cisco Webex Meetings

A vulnerability has been fixed in Cisco Webex Meetings. The vulnerability allows a malicious party to make changes to make changes to the distribution list of Cisco Webex Meetings belonging to another other user within the same organization. Cisco has released updates to fix the vulnerability. Mo...

4.3CVSS6.6AI score0.00808EPSS
Exploits0
NCSC
NCSC
added 2021/03/05 12:0 a.m.10 views

Vulnerabilities fixed in Joomla

Several vulnerabilities have been fixed in Joomla. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure The vulnerability with...

9.1CVSS6.7AI score0.06529EPSS
Exploits2
NCSC
NCSC
added 2021/03/05 12:0 a.m.4 views

Vulnerabilities fixed in GRUB2

Vulnerabilities have been fixed in GRUB2. The vulnerabilities allow a local malicious person to execute arbitrary code resulting in the circumvention of "Secure Boot." Also, the vulnerabilities can be used to cause a denial-of-service cause. With the exception of the vulnerability with attribute...

8.2CVSS7.3AI score0.01738EPSS
Exploits0
NCSC
NCSC
added 2021/03/04 12:0 a.m.6 views

Vulnerability fixed in Cisco ESA and SMA

A vulnerability has been fixed in the web-based administrator interface Cisco AsyncOS for Cisco ESA and SMA. The vulnerability allows an authenticated remote malicious party to able to obtain sensitive data. Cisco has released updates to fix the vulnerability. More information can be found on the...

6.5CVSS6.5AI score0.00523EPSS
Exploits0
NCSC
NCSC
added 2021/03/04 12:0 a.m.4 views

Vulnerability fixed in Cisco IP Phones

A vulnerability has been fixed in Cisco IP Phones. The vulnerability allows a malicious party capable of sending rogue Cisco Discovery Protocol or LLDP packet to send to the IP Phone able to execute arbitrary code or cause a Denial-of-Service attack. Cisco has released updates to fix the...

6.5CVSS7.6AI score0.00315EPSS
Exploits0
NCSC
NCSC
added 2021/03/04 12:0 a.m.4 views

Vulnerability fixed in OpenSSH

A vulnerability has been fixed in OpenSSH. The vulnerability allows a malicious party with access to the SSH agent socket to cause a Denial-of-Service and potentially execute arbitrary code. execute. No CVE attribute has been reserved for this vulnerability yet. The developers of OpenSSH have...

7.1AI score
Exploits0
NCSC
NCSC
added 2021/03/04 12:0 a.m.9 views

Vulnerability fixed in Trend Micro products

Trend Micro has fixed a vulnerability in products that use the Virus Scan API VSAPI and/or the Advanced Threat Scan Engine ATSE. The vulnerability allows an unauthenticated remote malicious party capable of causing a denial-of-service cause. Trend Micro has released updates for numerous products ...

5.5CVSS6.8AI score0.00556EPSS
Exploits0
NCSC
NCSC
added 2021/03/04 12:0 a.m.4 views

Vulnerability fixed in FortiGate

Fortinet has fixed a vulnerability in FortiGate. The vulnerability allows an unauthenticated remote malicious person potentially able to bypass the proxy by sending non-HTTPS traffic such as SSH to port 80/443 of FortiGate. Fortinet has released updates to fix the vulnerability in FortiGate 6.4.3...

7.5CVSS7AI score0.00746EPSS
Exploits0
NCSC
NCSC
added 2021/03/04 12:0 a.m.8 views

Vulnerabilities fixed in Clustered Data ONTAP

NetApp has fixed two vulnerabilities in Clustered Data ONTAP. The vulnerabilities could be exploited by a malicious person to gather information about the vulnerable system or cause a denial-of-service. To cause a Denial-of-Service, the malicious party must be authenticated on the vulnerable...

6.5CVSS6.6AI score0.01149EPSS
Exploits0
NCSC
NCSC
added 2021/03/04 12:0 a.m.3 views

Vulnerability fixed in wpa_supplicant

A vulnerability has been fixed in wpasupplicant when it is configured for P2P Wi-Fi Direct support. A malicious person within Wi-Fi range could potentially exploit it to cause a denial-of-service or execute arbitrary execute arbitrary code with root privileges. w1.fi has released updates to fix t...

7.5CVSS7.5AI score0.01179EPSS
Exploits0
NCSC
NCSC
added 2021/03/03 12:0 a.m.7 views

Vulnerability fixed in Juniper JunOS

A vulnerability has been fixed in Juniper JunOS. The vulnerability allows a malicious person with access to the network in which the system resides is able to cause a denial-of-service. Juniper has released updates to fix the vulnerability. More information can be found on the page below:...

6.5CVSS6.5AI score0.00794EPSS
Exploits1
NCSC
NCSC
added 2021/03/03 12:0 a.m.4 views

Vulnerability fixed in NetApp Active IQ Unified Manager and Snap Creator Framework

NetApp has fixed a vulnerability in JQuery as used in Active IQ Unified Manager and Snap Creator Framework, among others. The vulnerabilities allow an unauthenticated malicious person to to access sensitive data or manipulate data. NetApp has released updates to fix the vulnerabilities in Active ...

6.1CVSS6.5AI score0.06273EPSS
Exploits4
NCSC
NCSC
added 2021/03/03 12:0 a.m.2 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data As usual, Google...

8.8CVSS7.2AI score0.26525EPSS
Exploits24
NCSC
NCSC
added 2021/03/02 12:0 a.m.4 views

Vulnerabilities fixed in Veritas Backup Exec

Veritas has fixed three vulnerabilities in Veritas Backup Exec. The vulnerabilities allow an unauthenticated remote malicious person to remotely able to execute commands under SYSTEM privileges on systems on which a Veritas Backup Exec Agent is installed. In addition, the vulnerabilities can be...

7.5AI score
Exploits0
NCSC
NCSC
added 2021/03/02 12:0 a.m.6 views

Serious vulnerabilities fixed in Microsoft Exchange Server

Vulnerabilities have been fixed in Microsoft Exchange Server. A combination of several vulnerabilities allow a malicious person remotely able to execute arbitrary code under SYSTEM privileges Microsoft states that the vulnerabilities with attribute CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 a...

9.8CVSS7.3AI score0.99999EPSS
Exploits69
NCSC
NCSC
added 2021/03/02 12:0 a.m.10 views

Vulnerabilities fixed in Android

Several vulnerabilities have been fixed in Android. The vulnerabilities allow a malicious person, remote or otherwise, to perform able to launch attacks that result in the following categories of damage: Remote code execution Administrator/Root rights Remote code execution User rights Access to...

10CVSS8.2AI score0.84925EPSS
Exploits8
NCSC
NCSC
added 2021/03/01 12:0 a.m.6 views

Vulnerability fixed in Red Hat Satellite

A vulnerability has been fixed in Red Hat Satellite. The vulnerability allows an authenticated malicious person with access to the server to obtain sensitive data. Red Hat has released updates to fix the vulnerability. More information can be found on the page below:...

5.3CVSS6.3AI score0.00257EPSS
Exploits0
NCSC
NCSC
added 2021/03/01 12:0 a.m.4 views

Vulnerability fixed in Redis

A vulnerability has been fixed in Redis. A malicious party could vulnerability potentially exploit it to cause a denial-of-service cause or execute arbitrary code under privileges of the Redis application. Only Redis installations with a bulk input size significantly higher than 512MB are...

8.8CVSS7.8AI score0.047EPSS
Exploits0
NCSC
NCSC
added 2021/03/01 12:0 a.m.4 views

Vulnerability fixed in Keycloak

A vulnerability has been fixed in Keycloak. The vulnerability allows a malicious party to bypass authentication. Red Hat has released updates to fix the vulnerability. More information can be found on the pages below: https://issues.jboss.org/browse/KEYCLOAK-14090...

7.5CVSS6.6AI score0.0093EPSS
Exploits0
NCSC
NCSC
added 2021/03/01 12:0 a.m.7 views

Vulnerability fixed in Kaspersky Endpoint Security

Kaspersky has fixed a vulnerability in Kaspersky Endpoint Security and Kaspersky Rescue Disk. A local malicious person with administrator privileges or a malicious person with physical access to the vulnerable device could exploit the vulnerability to bypass of UEFI Secure Boot. This could allow...

6.8CVSS6.6AI score0.00231EPSS
Exploits0
NCSC
NCSC
added 2021/03/01 12:0 a.m.4 views

Vulnerabilities fixed in Salt

Vulnerabilities have been fixed in Salt. Salt is used used in VMware vRealize Operations Manager and RSA NetWitness. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Bypassing authentication Bypassing security measur...

9.8CVSS7.2AI score0.92312EPSS
Exploits8
NCSC
NCSC
added 2021/02/26 12:0 a.m.7 views

Vulnerabilities fixed in Adobe Bridge

Adobe has fixed vulnerabilities in Bridge. The vulnerabilities allow a remote malicious person to execute arbitrary execute arbitrary code under the victim's privileges. To exploit the vulnerability, the malicious party must cause the victim to induce malicious TTF files to be loaded. Adobe has...

7.8CVSS7.6AI score0.03361EPSS
Exploits0
NCSC
NCSC
added 2021/02/26 12:0 a.m.5 views

Vulnerabilities fixed in LibTIFF

Vulnerabilities have been fixed in LibTIFF. The vulnerabilities enable an unauthenticated remote malicious agent to opportunity to cause a denial-of-service or potentially execute arbitrary code under user privileges. The malicious party to do this must induce the victim to open a rogue TIFF file...

7.8CVSS7.7AI score0.01922EPSS
Exploits0
NCSC
NCSC
added 2021/02/26 12:0 a.m.46 views

Vulnerabilities fixed in MongoDB

Vulnerabilities have been fixed in MongoDB. The vulnerabilities allow an unauthorized remote malicious person to obtain opportunity to obtain sensitive data. The malicious party must perform a successful man-in-the-middle attack that undoes the encryption of data is undone. Exploiting this...

6.8CVSS6.5AI score0.00432EPSS
Exploits0
NCSC
NCSC
added 2021/02/26 12:0 a.m.18 views

Vulnerability found in Rockwell Automation Logix Controllers

A vulnerability has been found in Rockwell Automation Logix Controllers. The vulnerability allows a malicious party to bypass authentication. After this, it is possible to modify the configuration of the vulnerable system and to execute arbitrary code execute. The attack should be performed from...

9.8CVSS7.2AI score0.25455EPSS
Exploits1
NCSC
NCSC
added 2021/02/26 12:0 a.m.6 views

Vulnerabilities fixed in Node.js

Node.js developers have fixed vulnerabilities. The vulnerabilities allow an unauthorized remote malicious person to remote user to cause a denial-of-service and to bypass a security measure. -= Debian =- Debian has made updates to nodejs available for to address the vulnerabilities. You can insta...

7.8CVSS6.8AI score0.77385EPSS
Exploits1
NCSC
NCSC
added 2021/02/25 12:0 a.m.33 views

Vulnerabilities fixed in Cisco NX-OS

Vulnerabilities have been fixed in NX-OS. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Manipulation of data Cisco categorizes these vulnerabilities according to the CVSSv3...

9.8CVSS6.8AI score0.01574EPSS
Exploits0
NCSC
NCSC
added 2021/02/25 12:0 a.m.7 views

Vulnerabilities fixed in Ansible

Vulnerabilities have been fixed in Ansible. The vulnerabilities allow a remote malicious party to obtain sensitive to obtain data and system information. RedHat categorizes these vulnerabilities according to the CVSSv3 method with a highest score of 5. -= Red Hat =- Red Hat has made updates...

7.5CVSS9.2AI score0.02043EPSS
Exploits0
Total number of security vulnerabilities4197