Lucene search
K

4199 matches found

NCSC
NCSC
•added 2021/02/25 12:0 a.m.•33 views

Vulnerabilities fixed in Cisco NX-OS

Vulnerabilities have been fixed in NX-OS. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Denial-of-Service DoS. Manipulation of data Cisco categorizes these vulnerabilities according to the CVSSv3...

9.8CVSS6.8AI score0.01574EPSS
Exploits0
NCSC
NCSC
•added 2021/02/25 12:0 a.m.•7 views

Vulnerabilities fixed in Ansible

Vulnerabilities have been fixed in Ansible. The vulnerabilities allow a remote malicious party to obtain sensitive to obtain data and system information. RedHat categorizes these vulnerabilities according to the CVSSv3 method with a highest score of 5. -= Red Hat =- Red Hat has made updates...

7.5CVSS9.2AI score0.02043EPSS
Exploits0
NCSC
NCSC
•added 2021/02/25 12:0 a.m.•19 views

Vulnerabilities fixed in Cisco FXOS and NX-OS

Cisco has fixed vulnerabilities in FXOS and NX-OS. The vulnerabilities allow an unauthenticated remote malicious person to remote user to cause a denial-of-service and to execute arbitrary code under root privileges. Cisco categorizes this vulnerability according to the CVSSv3 method with a score...

8.8CVSS7.5AI score0.00441EPSS
Exploits0
NCSC
NCSC
•added 2021/02/25 12:0 a.m.•13 views

Vulnerabilities fixed in Cisco Nexus 9000 series

Cisco has fixed vulnerabilities in Nexus 9000 Series Fabric Switches. The vulnerabilities allow an unauthenticated remote malicious party able to cause a denial-of-service cause and to bypass a security measure. Cisco categorizes these vulnerabilities according to the CVSSv3 method with a highest...

8.6CVSS6.8AI score0.01476EPSS
Exploits0
NCSC
NCSC
•added 2021/02/25 12:0 a.m.•12 views

Vulnerabilities fixed in the Ubuntu kernel

Vulnerabilities have been fixed in the Ubuntu kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User rights...

8.8CVSS7.7AI score0.06563EPSS
Exploits19
NCSC
NCSC
•added 2021/02/25 12:0 a.m.•5 views

Vulnerability fixed in NetApp products

A vulnerability has been fixed in NetApp products. The vulnerability allows an unauthenticated remote malicious person able to use a so-called man-in-the-middle attack to obtain to obtain sensitive data. Exploiting this vulnerability requires expertise. NetApp has released updates to fix the...

5.9CVSS7.9AI score0.02057EPSS
Exploits2
NCSC
NCSC
•added 2021/02/25 12:0 a.m.•18 views

Large number of vulnerabilities fixed in Red Hat OpenShift container platform

Red Hat has released version 4.7.0 of its OpenShift Container Platform. In this update, a very large number of vulnerabilities have been fixed, both in OpenShift itself, underlying applications and in the underlying operating system. The underlying vulnerabilities were previously fixed at the...

10CVSS7.8AI score0.86692EPSS
Exploits70
NCSC
NCSC
•added 2021/02/24 12:0 a.m.•5 views

Vulnerabilities fixed in Citrix Hypervisor

Vulnerabilities have been fixed in the Citrix Hypervisor. The vulnerabilities allow a malicious person with administrator privileges within the guest VM to cause a denial-of-service on the host. Citrix has released updates to fix the vulnerabilities. More information can be found on the page belo...

7.8CVSS8.2AI score0.00544EPSS
Exploits0
NCSC
NCSC
•added 2021/02/24 12:0 a.m.•6 views

Vulnerability fixed in IBM Integration Bus

A vulnerability has been fixed in IBM Integration Bus. The vulnerability allows a remote malicious party to perform a denial-of-service attack. IBM has released updates to fix the vulnerability. More information can be found on the page below: https://www.ibm.com/support/pages/node/6416609...

7.5CVSS8.4AI score0.05197EPSS
Exploits1
NCSC
NCSC
•added 2021/02/24 12:0 a.m.•3 views

Vulnerabilities fixed in Mozilla Firefox, Firefox ESR and Thunderbird

Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Spoofing Accessin...

8.8CVSS7.4AI score0.0153EPSS
Exploits1
NCSC
NCSC
•added 2021/02/24 12:0 a.m.•6 views

Vulnerability fixed in Huawei S5700

A vulnerability has been fixed in the Huawei S5700 switch. The vulnerability allows a malicious party to cause a denial-of-service cause. Huawei has made little information made available. Huawei has released updates to fix the vulnerability. More information can be found on the page below:...

5.3CVSS6.5AI score0.00715EPSS
Exploits0
NCSC
NCSC
•added 2021/02/24 12:0 a.m.•6 views

Vulnerabilities fixed in VMware ESXi and vSpher

VMware has fixed vulnerabilities in ESXi and vCentre vSphere. The vulnerabilities allow a malicious person to execute arbitrary code on ESXi and vCentre. Also, the the vulnerabilities allow the malicious party to launch a Cross-Site Request Forgery attack on vCentre. It is good practice to unlock...

10CVSS7.3AI score0.9957EPSS
Exploits54
NCSC
NCSC
•added 2021/02/24 12:0 a.m.•5 views

Vulnerabilities fixed in Aruba ClearPass Policy Manager

Vulnerabilities have been fixed in Aruba ClearPass Policy Manager. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution Administrator/Root privileges SQL Injection Increase...

9CVSS7.5AI score0.02452EPSS
Exploits2
NCSC
NCSC
•added 2021/02/24 12:0 a.m.•6 views

Vulnerabilities fixed in Intel BIOS

Intel has fixed vulnerabilities in the BIOS which is used along with specific Xeon and Atom processors. The vulnerabilities enable a locally authenticated malicious person to opportunity to obtain elevated privileges. The malicious party needs physical access to the vulnerable machine to do so...

7.8CVSS6.6AI score0.00414EPSS
Exploits0
NCSC
NCSC
•added 2021/02/24 12:0 a.m.•4 views

Vulnerabilities fixed in AirWave

Vulnerabilities have been fixed in the web-based management interface of AirWave. The vulnerabilities allow a malicious able to perform attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution...

9.8CVSS7.5AI score0.01428EPSS
Exploits1
NCSC
NCSC
•added 2021/02/23 12:0 a.m.•3 views

Vulnerabilities fixed in Ruby on Rails

Vulnerabilities have been fixed in Ruby on Rails. The vulnerabilities allow a malicious party to cause a denial-of-service cause and redirect a user to a rogue web page. The Ruby on Rails developers have released updates to fix the vulnerabilities. More information can be found on the pages below...

7.5CVSS6.6AI score0.87301EPSS
Exploits2
NCSC
NCSC
•added 2021/02/23 12:0 a.m.•4 views

Vulnerability fixed in Atlassian Jira

A vulnerability has been fixed in Jira. The vulnerability allows unauthenticated a malicious person to gain access to system data Atlassian has released updates to fix the vulnerability. fix. More information can be found on the page below: https://jira.atlassian.com/browse/JRASERVER-72014...

5.3CVSS6.7AI score0.23086EPSS
Exploits0
NCSC
NCSC
•added 2021/02/23 12:0 a.m.•2 views

Vulnerability fixed in Jenkins

A vulnerability has been fixed in Jenkins. The vulnerability allows an authenticated malicious person to obtain elevated privileges. obtain. Jenkins has released updates to fix the vulnerability. More information can be found on the page below: https://www.jenkins.io/security/advisory/2021-02-19/...

9CVSS6.4AI score0.03197EPSS
Exploits0
NCSC
NCSC
•added 2021/02/23 12:0 a.m.•3 views

Vulnerability fixed in OpenLDAP

A vulnerability has been fixed in OpenLDAP. The vulnerability allows an unauthenticated remote malicious party to cause a denial-of-service attack. The developers of OpenLDAP have released updates to fix the vulnerability. More information can be found at the page below:...

7.5CVSS6.8AI score0.64147EPSS
Exploits1
NCSC
NCSC
•added 2021/02/22 12:0 a.m.•4 views

Vulnerabilities fixed in Python

Vulnerabilities have been fixed in Python. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Python developers have indicated that the vulnerability with...

9.8CVSS6.3AI score0.35963EPSS
Exploits2
NCSC
NCSC
•added 2021/02/19 12:0 a.m.•2 views

Vulnerability fixed in IBM WebSphere Application Server

IBM WebSphere Application Server can let an attacker remotely access folders access folders. An attacker can send a specially crafted URL request with "dot-dot" strings /../ to send arbitrary files on the system. IBM has released updates to fix the vulnerability. For more information, see:...

7.8CVSS6.8AI score0.03696EPSS
Exploits0
NCSC
NCSC
•added 2021/02/19 12:0 a.m.•5 views

Vulnerability fixed in Atlassian Bitbucket

By placing a specially crafted DLL file in the Bitbucket installation directory, an unauthorized user can execute arbitrary code with SYSTEM privileges on a Windows system on which the vulnerable Bitbucket software is installed. Atlassian has released updates to fix the vulnerability. fix. For mo...

7.8CVSS7.5AI score0.00265EPSS
Exploits0
NCSC
NCSC
•added 2021/02/18 12:0 a.m.•5 views

Vulnerability fixed in Atlassian Jira

Atlassian has fixed a vulnerability in the Jira Server for Slack plugin. An authenticated remote malicious person could exploit the exploit the vulnerability to execute arbitrary code on the Jira server. No CVE number has yet been disclosed for the vulnerability. disclosed. Jira installations tha...

7.6AI score
Exploits0
NCSC
NCSC
•added 2021/02/18 12:0 a.m.•5 views

Vulnerability fixed in Xen

The developers of the Xen hypervisor have fixed a vulnerability fixed. A local malicious party within a guest system could potentially exploit the vulnerability potentially exploit it to cause a denial-of-service cause on the host or to obtain elevated privileges. Versions of Xen equal to or high...

6.5AI score
Exploits0
NCSC
NCSC
•added 2021/02/18 12:0 a.m.•7 views

Vulnerability fixed in Cisco Anyconnect Client

Cisco has fixed a vulnerability in the Anyconnect client for Windows. A local, authenticated malicious party could exploit the exploit the vulnerability to perform a DLL hijack and thus potentially execute arbitrary code under SYSTEM privileges. Cisco has released updates to fix the vulnerability...

7.8CVSS7.3AI score0.01253EPSS
Exploits1
NCSC
NCSC
•added 2021/02/18 12:0 a.m.•4 views

Vulnerabilities fixed in Red Hat OpenShift Container Platform

Red Hat has fixed multiple vulnerabilities in OpenShift Container Platform. The vulnerabilities are in the applications Jenkins and Ant, and allow an unauthenticated remote malicious person to remote may be able to launch attacks that result in the following categories of damage: Cross-Site...

8CVSS8.3AI score0.08235EPSS
Exploits0
NCSC
NCSC
•added 2021/02/18 12:0 a.m.•4 views

Vulnerability fixed in BIND

A vulnerability has been fixed in ISC BIND. A malicious party could potentially exploit the vulnerability to cause a denial-of-service cause. This vulnerability can only be exploited when BIND is configured to make use of GSS-TSIG. This is not the default configuration. In environments where BIND...

8.1CVSS6.8AI score0.64161EPSS
Exploits0
NCSC
NCSC
•added 2021/02/18 12:0 a.m.•3 views

Vulnerabilities fixed in PHP

Several vulnerabilities have been fixed in PHP. The vulnerabilities potentially enable an unauthenticated remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Spoofing Access to sensitive data -= Debian =- Debian has made updat...

7.5CVSS7.1AI score0.05029EPSS
Exploits3
NCSC
NCSC
•added 2021/02/17 12:0 a.m.•3 views

Vulnerability fixed in Foxit Reader and Foxit PhantomPDF

Foxit has fixed vulnerabilities in Foxit Reader and Foxit PhantomPDF. A malicious party could potentially exploit it to cause a denial-of-service or execute arbitrary execute arbitrary code with the privileges of the logged-in user. Foxit has released updates to fix the vulnerabilities. For more...

7.8CVSS7.7AI score0.03554EPSS
Exploits0
NCSC
NCSC
•added 2021/02/17 12:0 a.m.•3 views

Multiple vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. A malicious person could potentially exploit the vulnerabilities to cause a denial-of-service cause or execute arbitrary code with the privileges of the logged in user. As usual, Google is disclosing little information regarding the details of the...

9.6CVSS7.7AI score0.09458EPSS
Exploits8
NCSC
NCSC
•added 2021/02/17 12:0 a.m.•3 views

Vulnerabilities fixed in XEN

The developers of XEN have fixed a number of vulnerabilities. A malicious party could potentially exploit the vulnerabilities to cause a denial-of-service on the guest system and possibly even the entire virtualization environment. Also, a malicious person could possibly gain access to sensitive...

7.8CVSS8.5AI score0.00544EPSS
Exploits0
NCSC
NCSC
•added 2021/02/17 12:0 a.m.•7 views

Vulnerabilities fixed in ClearPass Policy Manager

Vulnerabilities have been fixed in ClearPass Policy Manager. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution Administrator/Root rights SQL Injection Increased user...

9CVSS7.7AI score0.02452EPSS
Exploits2
NCSC
NCSC
•added 2021/02/17 12:0 a.m.•11 views

Vulnerability fixed in Red Hat kernel

Vulnerabilities have been fixed in the Red Hat kernel. The vulnerabilities allow a locally authenticated malicious agent to able to cause a denial-of-service and to launch a so-called chache-poisioning attack. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 8. You ca...

7.8CVSS7.7AI score0.06692EPSS
Exploits3
NCSC
NCSC
•added 2021/02/17 12:0 a.m.•14 views

Vulnerabilities fixed in Node.js

Vulnerabilities have been fixed in Node.js. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User rights Access to system data -= Red Hat =- Red Hat has...

9.8CVSS8.9AI score0.69062EPSS
Exploits10
NCSC
NCSC
•added 2021/02/17 12:0 a.m.•12 views

Vulnerabilities fixed in OpenSSL

Vulnerabilities have been fixed in OpenSSL. The vulnerabilities allow a malicious party to remotely initiate a denial-of-service by offering a rogue certificate to to an SSL server or SSL client. When an SSL server still supports SSLv2, it is possible to inadvertently establish a connection and...

7.5CVSS9.2AI score0.50732EPSS
Exploits0
NCSC
NCSC
•added 2021/02/16 12:0 a.m.•2 views

Vulnerabilities fixed in IBM WebSphere Application Server

Vulnerabilities have been fixed in IBM WebSphere. The vulnerabilities with reference CVE-2020-2773, CVE-2020-14781 and CVE-2020-14782 have been previously described in the security advisories with attribute NCSC-2020-0279 and NCSC-2020-0856. The vulnerability with attribute CVE-2020-27221 allows ...

9.8CVSS8.4AI score0.03625EPSS
Exploits0
NCSC
NCSC
•added 2021/02/15 12:0 a.m.•8 views

Vulnerabilities fixed in IBM Spectrum Protect Plus

Vulnerabilities have been fixed in IBM Spectrum Protect. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Circumvention of security measure IBM...

8CVSS7.3AI score0.00627EPSS
Exploits0
NCSC
NCSC
•added 2021/02/15 12:0 a.m.•22 views

Vulnerabilities fixed in Jira

Vulnerabilities have been fixed in JIRA. The vulnerabilities allow a malicious person to perform a Cross-Site Scripting attack and to obtain system data. Atlassian categorizes these vulnerabilities according to the CVSSv3 method with a highest score of 8.2. Atlassian has released updates to addre...

6.1CVSS6.2AI score0.02001EPSS
Exploits0
NCSC
NCSC
•added 2021/02/15 12:0 a.m.•3 views

Vulnerability fixed in Apache Subversion (SVN)

Apache has fixed a vulnerability in Subversion SVN. The vulnerability allows an unauthenticated remote malicious person capable of causing a denial-of-service. Apache categorizes this vulnerability according to the CVSSv3 method with a score of 7.5. Apache has released updates to fix the...

7.5CVSS6.8AI score0.40075EPSS
Exploits1
NCSC
NCSC
•added 2021/02/12 12:0 a.m.•9 views

Vulnerability fixed in vSphere Replication

VMWare has fixed a vulnerability in vSphere Replicator. A malicious person with management privileges in Replicator can exploit the vulnerability exploit it to execute arbitrary code with system privileges on the underlying system. Because such an attack fits into the so-called "evil admin"...

7.2CVSS7.7AI score0.02074EPSS
Exploits0
NCSC
NCSC
•added 2021/02/12 12:0 a.m.•3 views

Vulnerabilities fixed in GitLab

Several vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Accessing sensitive data Accessing system data No CVE numbers have yet been...

7AI score
Exploits0
NCSC
NCSC
•added 2021/02/12 12:0 a.m.•3 views

Vulnerabilities fixed in PostgreSQL

Several vulnerabilities have been fixed in PostgreSQL. A malicious person with limited privileges could potentially exploit them to gain access to data stored in a PostgreSQL database. Developers have released updates to fix the vulnerabilities fixes in PostgreSQL 13.2, 12.6, 11.11, 10.16, 9.6.21...

4.3CVSS7.1AI score0.01466EPSS
Exploits2
NCSC
NCSC
•added 2021/02/11 12:0 a.m.•9 views

Multiple vulnerabilities fixed in F5 BIG-IP products

F5 has fixed several vulnerabilities in BIG-IP. Malicious parties can exploit the vulnerabilities to cause a denial-of-service or perform cross-site scripting attacks. Authenticated malicious actors can exploit some of the vulnerabilities exploit them to bypass security measures and gain access...

8.5CVSS6.9AI score0.01062EPSS
Exploits0
NCSC
NCSC
•added 2021/02/11 12:0 a.m.•8 views

Vulnerability fixed in IBM Spectrum Protect Plus

IBM has fixed a vulnerability in Spectrum Protect Plus. A unauthenticated remote malicious party can exploit the vulnerability exploit it to cause a denial-of-service. IBM has released updates to fix the vulnerability in Spectrum Protect Plus 10.1.7.2 10.1.7 ifix2. For more information, see:...

7.5CVSS6.8AI score0.02313EPSS
Exploits0
NCSC
NCSC
•added 2021/02/11 12:0 a.m.•8 views

Vulnerabilities fixed in SUSE Linux kernel

Several vulnerabilities have been fixed in SUSE Linux Enterprise Server. The vulnerabilities enable a malicious person remote or otherwise to remote may be able to launch attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root...

8.8CVSS7AI score0.06563EPSS
Exploits2
NCSC
NCSC
•added 2021/02/11 12:0 a.m.•6 views

Vulnerabilities fixed in Schneider Electric equipment

Vulnerabilities have been fixed in Schneider Electric devices. The vulnerabilities allow an unauthorized malicious person at remotely able to cause a denial-of-service and to obtain sensitive data Schneider Electric has released updates to address the vulnerabilities. fix. More information can be...

7.8CVSS6.7AI score0.01155EPSS
Exploits0
NCSC
NCSC
•added 2021/02/11 12:0 a.m.•4 views

Vulnerability fixed in IBM WebSphere Application Server

IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE attack when processing XML data. An external attacker can exploit this security vulnerability to obtain obtain sensitive information. IBM has released updates to fix the vulnerability. For more information, see...

8.2CVSS7AI score0.05162EPSS
Exploits0
NCSC
NCSC
•added 2021/02/10 12:0 a.m.•5 views

Vulnerabilities fixed in McAfee Endpoint Security

McAfee has fixed vulnerabilities in Endpoint Security for Windows. A local malicious agent could exploit the vulnerabilities to obtain elevated privileges and to execute arbitrary code with user privileges through a cross-site scripting XSS attack. In addition, the vulnerabilities can be exploite...

8.2CVSS6.6AI score0.00637EPSS
Exploits0
NCSC
NCSC
•added 2021/02/10 12:0 a.m.•3 views

Vulnerabilities fixed in Xerox WorkCentre

Xerox has fixed several vulnerabilities in WorkCentre. A malicious party could exploit the vulnerabilities to cause a Denial-of-Service or to perform a Cross-Site Scripting XSS attack. The latter can lead to the execution of arbitrary script code in the browser used to visit the application is...

6.8AI score
Exploits0
NCSC
NCSC
•added 2021/02/10 12:0 a.m.•4 views

Vulnerabilities fixed in Adobe Acrobat

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates fix multiple critical and important vulnerabilities. Successful misuse can lead to execution of arbitrary code in the context of the current user or obtain elevated privileges. Adobe has received...

9.3CVSS7.3AI score0.8621EPSS
Exploits2
Total number of security vulnerabilities4199