Lucene search
K

4197 matches found

NCSC
NCSC
•added 2021/01/27 12:0 a.m.•3 views

Vulnerability fixed in Linux kernel

A vulnerability has been fixed in the Linux kernel. A malicious party can exploit the vulnerability to obtain sensitive information via a "path traversal" attack that allows security measures can be bypassed. The vulnerability can only be exploited when the target system provides a file system to...

6.5CVSS7.7AI score0.02417EPSS
Exploits0
NCSC
NCSC
•added 2021/01/27 12:0 a.m.•7 views

Vulnerabilities fixed in Red Hat JBoss Enterprise Application Platform

Red Hat has made updates available for JBoss Enterprise Application Platform. A malicious party could potentially exploit them to cause a denial-of-service or for obtaining sensitive information. This also fixes the vulnerabilities described in NCSC-2020-0968 and NCSC-2020-1010. Red Hat has made...

7.8CVSS8.4AI score0.08665EPSS
Exploits2
NCSC
NCSC
•added 2021/01/27 12:0 a.m.•5 views

Vulnerabilities fixed in sudo

Several vulnerabilities have been fixed in sudo. A local malicious party can, by exploiting these vulnerabilities, gain gain root privileges on the vulnerable system. The developers of sudo have released updates to fix the vulnerability marked CVE-2021-3156 in version 1.9.5p2. The vulnerabilities...

7.8CVSS8.7AI score0.99295EPSS
Exploits83
NCSC
NCSC
•added 2021/01/27 12:0 a.m.•3 views

Vulnerabilities fixed in Mozilla Thunderbird

Mozilla has fixed several vulnerabilities in Thunderbird. The vulnerabilities potentially enable a remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access to system...

8.8CVSS7.6AI score0.01556EPSS
Exploits1
NCSC
NCSC
•added 2021/01/27 12:0 a.m.•3 views

Vulnerabilities fixed in Mozilla Firefox

Mozilla has fixed several vulnerabilities in Firefox. The vulnerabilities potentially enable a remote malicious person to able to launch attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights Access to sensitive...

8.8CVSS6.9AI score0.01323EPSS
Exploits2
NCSC
NCSC
•added 2021/01/27 12:0 a.m.•3 views

Vulnerabilities fixed in Mozilla Firefox ESR

Mozilla has fixed several vulnerabilities in Firefox ESR. The vulnerabilities potentially enable a remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access to system...

8.8CVSS7.5AI score0.01556EPSS
Exploits0
NCSC
NCSC
•added 2021/01/22 12:0 a.m.•3 views

Vulnerabilities fixed in OpenShift Container Platform

Red Hat has fixed multiple vulnerabilities in OpenShift Container Platform. A remote malicious party can exploit the exploit the vulnerabilities to gain access to sensitive information. Red Hat has released updates to fix the vulnerabilities in OpenShift Container Platform 3.11.374. For more...

6.5CVSS9AI score0.09274EPSS
Exploits3
NCSC
NCSC
•added 2021/01/22 12:0 a.m.•8 views

Vulnerabilities fixed in MISP

Vulnerabilities have been fixed in MISP. The vulnerabilities allow a malicious person to bypass a security measure and perform a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. The developers of MIS...

9.1CVSS6.3AI score0.01312EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•4 views

Vulnerability fixed in Cisco Security Appliances

Cisco has fixed multiple vulnerabilities in Cisco Email Security Appliance, Cisco Content Security Management Appliance and Cisco Web Security Appliance. A malicious party could exploit it to obtain information about the system. Cisco has released updates to fix the vulnerability. For more...

5.3CVSS6.8AI score0.01142EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•7 views

Vulnerabilities fixed in Cisco Data Center Network Manager

Cisco has fixed multiple vulnerabilities in several Data Center Network Manager components. The vulnerabilities allow a malicious party to conduct attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Bypassing authentication Circumvention of...

8.8CVSS7.8AI score0.01901EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•5 views

Vulnerability fixed in Oracle Java SE

Oracle has fixed vulnerabilities in the following Oracle Java products: Java SE JDK and JRE The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to system data. Only applications that execute untrusted code e.g., using third-party...

5.3CVSS7.1AI score0.03122EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•6 views

Vulnerability fixed in VLC

A vulnerability has been fixed in VLC. The vulnerability allows a malicious party capable of causing a denial-of-service and possibly executing arbitrary code under the privileges of the user. To exploit the vulnerability, a user must open a malicious file open. VLC has released updates to fix th...

7.4AI score
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•7 views

Vulnerabilities fixed in Cisco Unified Communications

Cisco has fixed multiple vulnerabilities in several Unified Communications products. An authenticated malicious person remote can exploit the vulnerabilities to gain access data on the underlying file system or in the underlying database. This includes hashed passwords stored in this database...

6.5CVSS6.9AI score0.01352EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•5 views

Vulnerability fixed in Drupal

A vulnerability has been fixed in Drupal. A malicious party could potentially exploit the vulnerability to execute arbitrary PHP code execute under the application's permissions. To do so, the malicious party needs to upload a rogue .tar, .tar.gz, .bz2, or .tlz file uploaded to the Drupal server...

7.5CVSS7.5AI score0.70595EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed multiple vulnerabilities in Oracle Enterprise Manager. The vulnerabilities allow an unauthenticated remote malicious party potentially able to launch attacks leading to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Access to...

9.8CVSS7.6AI score0.9986EPSS
Exploits10
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•3 views

Vulnerability fixed in IBM Integration Bus

A vulnerability has been fixed in IBM Integration Bus. The vulnerability allows a remote malicious party to cause a Denial-of-Service or execute arbitrary code under the user's privileges. IBM has released updates to fix the vulnerability. More information can be found on the page below:...

8.1CVSS7.8AI score0.09503EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Supply Chain Products Suite

Oracle has fixed multiple vulnerabilities in Supply Chain Products Suite. The vulnerabilities potentially enable a malicious person able to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Remote code execution User Rights Access to...

8.2CVSS6.9AI score0.87218EPSS
Exploits4
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•21 views

Vulnerabilities fixed in Oracle Virtualization

Vulnerabilities have been fixed in Oracle Virtualization/Virtualbox. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data...

8.2CVSS7.5AI score0.00999EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•6 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in the following Oracle MySQL products: MySQL Workbench MySQL Server MySQL Enterprise Monitor The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to launch attacks execute attacks that result in th...

8.7CVSS8.2AI score0.28839EPSS
Exploits9
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•82 views

Vulnerabilities fixed in Oracle E-Business Suite

Vulnerabilities have been fixed in Oracle E-Business Suite. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Manipulation of data. Remote code execution User rights Access to sensitive data Access to system data...

9.8CVSS7.3AI score0.59321EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•35 views

Vulnerabilities fixed in Oracle Financial Services

Vulnerabilities have been fixed in Oracle Financial Services Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User righ...

9.8CVSS8.9AI score0.97399EPSS
Exploits25
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following Oracle Database Server products: Database - Enterprise Edition Text Advanced Networking Option Application Express APEX PERL The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to...

8.8CVSS8.6AI score0.04879EPSS
Exploits0
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•7 views

Vulnerabilities fixed in Oracle Hyperion

Oracle has fixed vulnerabilities in the following Oracle Hyperion products: Hyperion Infrastructure Technology Hyperion Financial Reporting The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to launch attacks execute attacks that...

9.8CVSS7.4AI score0.99019EPSS
Exploits10
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•8 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed several vulnerabilities in PeopleSoft. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Data manipulation. Remote code execution User Righ...

8.4CVSS7AI score0.99019EPSS
Exploits14
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•12 views

Vulnerabilities fixed in Oracle JD Edwards

Oracle has fixed vulnerabilities in the following Oracle JD Edwards products: JD Edwards EnterpriseOne Tools JD Edwards EnterpriseOne Orchestrator The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to launch attacks execute attac...

7.5CVSS6.8AI score0.99019EPSS
Exploits9
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•10 views

Vulnerability fixed in Oracle Siebel

Oracle has fixed several vulnerabilities in Siebel. The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service Manipulation of data...

7.6CVSS7.8AI score0.99019EPSS
Exploits22
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•117 views

Vulnerabilities fixed in Oracle Fusion Middleware

Oracle has fixed vulnerabilities in Fusion Middleware products. The vulnerabilities allow a malicious person to able to perform attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data...

9.8CVSS8AI score0.99019EPSS
Exploits40
NCSC
NCSC
•added 2021/01/21 12:0 a.m.•11 views

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure SQL Injection Accessing sensitive data Accessing...

9.8CVSS7.8AI score0.28839EPSS
Exploits6
NCSC
NCSC
•added 2021/01/20 12:0 a.m.•7 views

Vulnerability fixed in Juniper QFX switches

Juniper has fixed a vulnerability in Junos OS for network switches in the QFX10K series. A remote malicious party could potentially exploit the vulnerability to cause a denial-of-service cause. To do so, rogue multicast network traffic should be sent to the vulnerable switch be sent. Juniper has...

6.5CVSS6.9AI score0.00508EPSS
Exploits0
NCSC
NCSC
•added 2021/01/20 12:0 a.m.•3 views

Vulnerability fixed in Red Hat kernel

A vulnerability has been fixed in the Red Hat kernel. The vulnerability allows a local malicious agent to cause a denial-of-service and to modify data. Red Hat has released updates to fix the vulnerability. More information can be found on the page below:...

6CVSS7.8AI score0.00566EPSS
Exploits1
NCSC
NCSC
•added 2021/01/20 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights As usual, Google reveals little information...

9.6CVSS7.3AI score0.23406EPSS
Exploits4
NCSC
NCSC
•added 2021/01/20 12:0 a.m.•3 views

Vulnerability fixed in NetApp products

A vulnerability has been fixed in NetApp products. The vulnerability allows a malicious party to obtain sensitive data obtain sensitive data. NetApp has released updates to fix the vulnerability. More information can be found on the page below:...

4.3CVSS8.2AI score0.04803EPSS
Exploits0
NCSC
NCSC
•added 2021/01/20 12:0 a.m.•15 views

Vulnerabilities fixed in Red Hat OpenShift Virtualization

Red Hat has fixed multiple vulnerabilities in OpenShift Virtualization. The vulnerabilities potentially enable a malicious person able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Access to system data Increased user privileges Red Hat has released...

8.8CVSS8.5AI score0.06968EPSS
Exploits4
NCSC
NCSC
•added 2021/01/19 12:0 a.m.•5 views

Vulnerability fixed in McAfee Agent

McAfee has fixed a vulnerability in McAfee Agent. Due to a flaw in the permissions structure, a local malicious agent can disrupt the operation of Agent by manipulating a directory used by Agent used for temporary files. The result of this is that Agent continues to work, but no longer processes...

5.5CVSS6.7AI score0.00354EPSS
Exploits0
NCSC
NCSC
•added 2021/01/19 12:0 a.m.•33 views

Vulnerabilities fixed in Red Hat OpenShift Container Platform

Vulnerabilities have been fixed in Red Hat OpenShift Container Platform. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Server-side Request Forgery SSRF Denial-of-Service DoS. Access to sensitive data Access to system data Red Hat...

7.5CVSS6.8AI score0.03813EPSS
Exploits0
NCSC
NCSC
•added 2021/01/19 12:0 a.m.•7 views

Vulnerability fixed in XStream

A vulnerability has been fixed in XStream. When it is possible for a user is able to submit XML files to the application delivery, the vulnerability could potentially be exploited to execute shell commands under application privileges. Only applications using the default blacklist functionality,...

9.3CVSS7AI score0.85001EPSS
Exploits7
NCSC
NCSC
•added 2021/01/19 12:0 a.m.•7 views

Vulnerability fixed in Atlassian Confluence

A vulnerability has been fixed in Atlassian Confluence. The vulnerability allows a malicious party to cause a denial-of-service cause. Atlassian has released updates to fix the vulnerability. fix. More information can be found on the page below: https://jira.atlassian.com/browse/CONFSERVER-60854...

6.5CVSS6.5AI score0.02214EPSS
Exploits0
NCSC
NCSC
•added 2021/01/19 12:0 a.m.•3 views

DNSpooq vulnerabilities fixed in dnsmasq

The developers of dnsmasq have fixed vulnerabilities in the dnsmasq application. Dnsmasq is widely used open source software for caching and forwarding DNS traffic. Although the DNS functionality is widely supported, dnsmasq is designed specifically for modest networks. Dnsmasq is commonly found,...

8.3CVSS7.2AI score0.86692EPSS
Exploits2
NCSC
NCSC
•added 2021/01/18 12:0 a.m.•5 views

Vulnerability fixed in the Fedora Linux kernel

Fedora developers have fixed a vulnerability in the Linux kernel they use. The vulnerability allows an authenticated remote malicious person to obtain to obtain sensitive information and to manipulate data. -= Fedora =- Fedora has made updates available for Fedora 32 and 33. You can install these...

8.1CVSS8.1AI score0.06563EPSS
Exploits0
NCSC
NCSC
•added 2021/01/18 12:0 a.m.•4 views

Vulnerability fixed in Atlassian Crucible

A vulnerability has been fixed in Atlassian Crucible. The vulnerability allows a malicious party to obtain system data obtain. Atlassian has released updates to fix the vulnerability. fix. More information can be found on the page below: https://jira.atlassian.com/browse/CRUC-8496...

5.3CVSS6.5AI score0.01144EPSS
Exploits0
NCSC
NCSC
•added 2021/01/15 12:0 a.m.•6 views

Vulnerability fixed in Elasticsearch

A vulnerability has been fixed in Elasticsearch. The vulnerability allows a malicious person to obtain system data. Elastic has released updates to fix the vulnerability. More information can be found on the page below: https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update /261164...

4.8CVSS8.2AI score0.01241EPSS
Exploits0
NCSC
NCSC
•added 2021/01/15 12:0 a.m.•27 views

Vulnerabilities fixed in openSUSE kernel

Vulnerabilities have been fixed in openSUSE. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User Rights Access to sensitive data Increased user rights -= openSUSE =- T...

9.8CVSS6.9AI score0.06563EPSS
Exploits9
NCSC
NCSC
•added 2021/01/15 12:0 a.m.•5 views

Vulnerabilities fixed in SolarWinds Network Performance Monitor

Vulnerabilities have been fixed in SolarWinds Network Performance Monitor. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Access to sensitive data Increased user privileges To...

9CVSS7.4AI score0.9039EPSS
Exploits0
NCSC
NCSC
•added 2021/01/15 12:0 a.m.•3 views

Vulnerability fixed in Ubuntu kernel

Canonical has fixed a vulnerability in the Ubuntu kernel. The vulnerability allows an authenticated remote malicious party to opportunity to obtain sensitive information and to manipulate data manipulate. -= Ubuntu =- Canonical has made updates available for Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS...

8.1CVSS7.9AI score0.06563EPSS
Exploits0
NCSC
NCSC
•added 2021/01/14 12:0 a.m.•45 views

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in Cisco products. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data Circumvention of security measure Remote code execution User Rights...

7.8CVSS7AI score0.02146EPSS
Exploits0
NCSC
NCSC
•added 2021/01/14 12:0 a.m.•6 views

Vulnerabilities fixed in Jenkins

Vulnerabilities have been fixed in Jenkins. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Jenkins has released updates to...

8CVSS6.1AI score0.02226EPSS
Exploits0
NCSC
NCSC
•added 2021/01/14 12:0 a.m.•6 views

Vulnerability discovered in Schneider Electric EcoStruxure Control Expert

Vulnerabilities have been discovered in Schneider Electric EcoStruxure Control Expert. The vulnerabilities allow a local malicious able to cause a denial-of-service and to execute arbitrary execute arbitrary code by opening a rogue file. Schneider Electric categorizes this vulnerability according...

8.6CVSS7.7AI score0.01387EPSS
Exploits0
NCSC
NCSC
•added 2021/01/14 12:0 a.m.•4 views

Vulnerabilities fixed in Palo Alto PAN OS

Palo Alto has fixed a vulnerability in PAN-OS. The vulnerability allows a locally authenticated malicious person to opportunity to obtain sensitive data. Palo Alto has released updates to fix the vulnerability. fix. More information can be found on the page below:...

4.4CVSS6.3AI score0.00207EPSS
Exploits0
NCSC
NCSC
•added 2021/01/14 12:0 a.m.•18 views

Vulnerabilities fixed in Nagios XI

Vulnerabilities have been fixed in Nagios XI. The vulnerabilities allow a malicious person to perform attacks that lead to Cross-Site Scripting XSS and Remote code execution User Rights. Nagios has released updates to fix the vulnerabilities in Nagios XI 5.8.0. For more information, see:...

9CVSS6.3AI score0.81915EPSS
Exploits7
NCSC
NCSC
•added 2021/01/14 12:0 a.m.•5 views

Vulnerabilities fixed in SUSE kernel

Vulnerabilities have been fixed in the SUSE kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges SUSE has released updates to fix the...

9.8CVSS6.5AI score0.01672EPSS
Exploits9
Total number of security vulnerabilities4197