4179 matches found
Vulnerabilities fixed in MariaDB
Vulnerabilities have been fixed in MariaDB. The vulnerabilities allow a malicious person to perform a denial-of-service execution. In the case of the vulnerability with attribute CVE-2020-13249, it also involves an attack from the network. -= Ubuntu =- Canonical has made updates available for...
Vulnerabilities fixed in Trend Micro Antivirus for Mac
Trend Micro has fixed vulnerabilities in Antivirus for Mac. The vulnerabilities allow a locally authenticated malicious agent to able to cause a denial-of-service or to obtain system data obtain. Trend Micro categorizes these vulnerabilities according to the CVSSv3 method with a highest score of...
Vulnerability fixed in Red Hat OpenShift
Red Hat has fixed a vulnerability in OpenShift. The vulnerability allows a malicious owner of a pod to possible to bypass a security measure in the restricted Context Constraints Object to bypass. This enables the malicious person to enabled to send custom network packets. Red Hat scales this...
Vulnerability fixed in management console for 3PAR systems
HP has fixed a vulnerability in the StoreServ Management Console SSMC. SSMC is the Web-based management application for 3PAR StoreServ systems but can also be used to manage other storage systems. The vulnerability allows a malicious remotely able to bypass authentication. HP rates this...
Vulnerabilities fixed in Oracle Solaris
Oracle has fixed several vulnerabilities in Solaris. By exploiting the vulnerabilities, an unauthorized malicious person can gain remote access to the system. It also allows local users bypass security measures or cause a denial-of-service. Oracle has released updates to fix the vulnerabilities...
Vulnerabilities fixed in VMware Horizon Server and Client
Vulnerabilities have been fixed in VMware Horizon Server and Client. The vulnerabilities allow a malicious party to access system data and to execute arbitrary code under the user's privileges. VMware has released updates to fix the vulnerabilities. More information can be found on the page below...
Vulnerabilities fixed in Oracle Virtualbox
Oracle has fixed multiple vulnerabilities in Virtualbox. By exploiting the vulnerabilities, a malicious person with access to a VM gain access to sensitive data, manipulate data manipulate data or cause a denial-of-service. ------------------.------.------------------------------------- | CVE ID ...
Vulnerabilities fixed in Oracle Communications-producton
Oracle has fixed vulnerabilities in Communications Messaging Server. The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS...
Vulnerability fixed in ElasticSearch
A vulnerability has been fixed in ElasticSearch. The vulnerability allows a malicious person to obtain system data. This is only possible if Document or Field Level security is used. Elastic classifies this vulnerability with a CvSS score of 3.1. Elastic has released updates to fix the...
Vulnerabilities fixed in Oracle Hyperion
Oracle has fixed vulnerabilities in the following Oracle Hyperion products: Hyperion Analytic Provider Services Hyperion BI+ Hyperion Essbase Hyperion Infrastructure Technology Hyperion Planning Hyperion Lifecycle Management The vulnerabilities allow an unauthenticated malicious person with netwo...
Vulnerabilities fixed in Red Hat OpenShift
Vulnerabilities have been fixed in OpenShift. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of security measure Remote code execution User right...
Vulnerabilities fixed in Oracle Financial Services Software
Oracle has fixed vulnerabilities in several Oracle Financial Services products. The vulnerabilities enable an unauthenticated malicious person with network access to a vulnerable system potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS...
Vulnerability fixed in Snort
A vulnerability has been fixed in Snort. The vulnerability allows an unauthenticated remote malicious person to enable an security measure to bypass. Cisco has released updates to fix the vulnerability. More information can be found on the page below: https://tools.cisco.com/security/center/conte...
Vulnerability fixed in Citrix ADC and Citrix Gateway
Citrix has fixed a vulnerability in ADC and Gateway. The vulnerability allows a malicious party to obtain elevated privileges. obtain. The vulnerability can only be exploited from a peer switch whose Link Layer Discovery Protocol LLDP is enabled. Citrix has released updates to fix the...
Vulnerability in Ghisler Total Commander
There is a vulnerability in Ghisler Total Commander. The vulnerability allows a local malicious person to obtain elevated permissions by replacing the Total Commander binary. The developers of Total Commander have indicated that they will not fix the vulnerability will not be fixed. According to...
Vulnerabilities fixed in Cisco ASA and FTD
Vulnerabilities have been fixed in Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD. The vulnerabilities allow a malicious party to conduct attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS...
Vulnerabilities fixed in Oracle Fusion Middleware
Oracle has fixed vulnerabilities in the following Oracle Fusion Middleware products: JDeveloper HTTP Server Identity Manager Connector Business Intelligence Enterprise Edition WebLogic Server The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable syste...
Vulnerabilities fixed in Xen
Vulnerabilities have been fixed in Xen. The vulnerabilities allow a malicious party the ability to cause a denial-of-service or to obtain elevated privileges. Xen has released updates to fix the vulnerabilities. More information can be found on the pages below: x86 PV guest INVLPG-like flushes ma...
Vulnerabilities fixed in Google Chrome
Google has fixed several vulnerabilities in Chrome. The vulnerabilities potentially allow a remote malicious person to able to perform a denial-of-service attack or to execute arbitrary execute arbitrary code under the user's privileges. As usual, Google has made little substantive information...
Vulnerabilities fixed in libvirt
Vulnerabilities have been fixed in libvirt. The vulnerabilities allow a local malicious person to obtain elevated privileges obtain or perform a denial-of-service attack. -= SUSE =- SUSE has made updates available to fix the vulnerability in SUSE 15. fix the vulnerability in SUSE 15. You can...
Vulnerabilities fixed in Firefox
Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Possible Remote code execution User Rights Spoofing Access to system data Mozilla ha...
Vulnerability fixed in Adobe InDesign
Adobe has fixed a vulnerability in InDesign. The vulnerability allows a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in Adobe Dreamweaver
Adobe has fixed a vulnerability in Dreamweaver. The vulnerability allows a malicious party to obtain elevated rights to obtain. Adobe has released updates to fix the vulnerability. More information can be found on the page below: https://helpx.adobe.com/security/products/dreamweaver/apsb20-55.htm...
Vulnerabilities fixed in Nagios XI
Vulnerabilities have been fixed in Nagios XI. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS. Remote code execution User Rights SQL Injection Access to sensitive data Nagios...
Vulnerability fixed in Adobe Creative Cloud
Adobe has fixed a vulnerability in Creative Cloud. The vulnerability allows a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in Adobe After Effects
Adobe has fixed vulnerabilities in After Effects. The vulnerabilities allow a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerabilities fixed in Adobe Illustrator
Adobe has fixed vulnerabilities in Illustrator. The vulnerabilities allow a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerability fixed in Adobe Premiere
Adobe has fixed a vulnerability in Premiere. The vulnerability allows a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in FreeType
A vulnerability has been fixed in FreeType. The vulnerability allows a remote malicious person to execute arbitrary code execute under the user's privileges. FreeType has released an update to fix the vulnerability. fix. More information can be found on the pages below:...
Vulnerability fixed in Adobe Photoshop
Adobe has fixed a vulnerability in Adobe Photoshop. The vulnerability allows a malicious party to execute arbitrary code execute arbitrary code under user privileges. Adobe has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in Oracle Java SE
Oracle has fixed vulnerabilities in the following Oracle Database products: Oracle Java SE JDK Oracle Java SE JRE Oracle Java Oracle Java Web Start The vulnerabilities allow an unauthenticated remote malicious person to remote may be able to launch attacks that result in the following categories ...
Vulnerability fixed in NSS
A vulnerability has been fixed in NSS. The vulnerability allows a remote malicious party capable of performing a denial-of-service attack perform on servers compiled with the NSS library by sending sending multiple ChangeCipherSpec messages. Mozilla has released updates to fix the vulnerability...
Vulnerabilities fixed in Oracle E-Business Suite
Oracle has fixed vulnerabilities in the following Oracle E-Business Suite products: Applications Manager Marketing Application Object Library Trade Management Universal Work Queue Installed Base CRM Technical Foundation One-to-One Fulfillment Applications Framework E-Business Suite Secure...
Vulnerabilities fixed in Oracle MySQL
Oracle has fixed vulnerabilities in the following Oracle MySQL products: MySQL Workbench MySQL Server MySQL Cluster MySQL Enterprise Monitor The vulnerabilities allow a malicious person, whether or not unauthenticated and remote, potentially be able to launch attacks that result in the following...
Vulnerabilities fixed in Oracle Siebel CRM
Oracle has fixed vulnerabilities in the following Oracle Siebel CRM products: Siebel Apps - Marketing Siebel UI Framework The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable application may be able to execute attacks that result in the following...
Vulnerabilities fixed in Oracle PeopleSoft
Oracle has fixed vulnerabilities in the following Oracle PeopleSoft products: PeopleSoft Enterprise HCM Global Payroll Core PeopleSoft Enterprise PT PeopleTools PeopleSoft Enterprise SCM eSupplier Connection The vulnerabilities allow an unauthenticated malicious person with network access to the...
Vulnerabilities fixed in Oracle Database Server
Oracle has fixed vulnerabilities in the following Oracle Database products: Database - Enterprise Edition Text Spatial and Graph Application Express APEX SQL Developer The vulnerabilities allow a malicious person, whether or not unauthenticated and remote, potentially be able to launch attacks th...
Vulnerabilities fixed in Oracle Enterprise Manager
Oracle has fixed vulnerabilities in the following Oracle Enterprise Manager products: Enterprise Manager Base Platform Enterprise Manager for Peoplesoft Application Testing Suite APM - Application Performance Management Enterprise Manager Ops Center Enterprise Manager for Storage Management The...
Vulnerabilities fixed in Ubuntu kernel
Canonical has fixed vulnerabilities in the Ubuntu kernel. The vulnerabilities allow a remote malicious person to opportunity to obtain system data via Bluetooth and to cause a denial-of-service potentially resulting in the execution of arbitrary code as a result. -= Ubuntu =- Canonical has made...
Vulnerabilities fixed in the Debian kernel
Debian has fixed vulnerabilities in the kernel. The vulnerabilities allow a remote malicious person to opportunity to obtain system data via Bluetooth and to cause a denial-of-service potentially resulting in the execution of arbitrary code as a result. Also, the vulnerabilities enable the...
Vulnerabilities fixed in Red Hat kernel
Vulnerabilities have been fixed in the Red Hat kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges -= Red Hat =- Red Hat has made updates...
Vulnerability fixed in Nexpose
A vulnerability has been fixed in Nexpose. The vulnerability allows an authenticated malicious party to execute an SQL injection to execute and thereby obtain sensitive data. Rapid7 has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in VMware products
Vulnerabilities have been fixed in VMware ESXi, Workstation, Fusion , NSX-T and vCenter. The vulnerabilities allow a malicious party to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User...
Vulnerability fixed in Windows
Microsoft has fixed a vulnerability in the Windows Codecs Library. Users who had installed the HEVC codec from the Microsoft Store had installed it were vulnerable to the execution of arbitrary code by a remote malicious person. The malicious party to do this must induce the victim to play a rogu...
Vulnerability fixed in XWiki
A vulnerability has been fixed in XWiki. The vulnerability allows an authenticated malicious person to execute arbitrary code execute arbitrary code under the user's privileges. XWiki has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in kernel
Vulnerabilities have been fixed in the openSUSE kernel. The vulnerabilities allow a malicious party to obtain to obtain system information and to cause a denial-of-service cause. -= openSUSE =- The developers of openSUSE have made updates available to fix the vulnerability in openSUSE Leap 15.1...
Vulnerabilities fixed in PowerDNS
Vulnerabilities have been fixed in PowerDNS. The vulnerabilities allow a malicious party to cause a denial-of-service cause or to bypass a security measure. -= openSUSE =- The developers of openSUSE have made updates available to fix the vulnerability in openSUSE Leap 15.1. You can install these...
Vulnerability fixed in Visual Studio
Microsoft has fixed a vulnerability in Visual Studio. The vulnerability allows a remote malicious person to execute arbitrary code under user privileges. The malicious party must do this by inducing the victim to clone a rogue repository and then open a package.json here. Microsoft has released...
Vulnerability fixed in F5 BIG-IP
A vulnerability has been fixed in BIG-IP. The vulnerability allows a remote malicious party to enable kernel address space layout randomization KASLR. This gives the attacker access to system data. F5 has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in Juniper Junos OS for PTX and QFX
Juniper Networks has fixed a vulnerability in Junos OS for the PTX and QTX platforms. An unauthenticated malicious person at remote user could potentially exploit the vulnerability to cause a Denial-of-Service attack. To do this, rogue network traffic should be sent to the vulnerable device. Only...