Vulnerabilities fixed in Blackberry Android
Blackberry has fixed multiple vulnerabilities in Blackberry Powered by Android. The vulnerabilities allow a malicious person, either remote or otherwise, to launch attacks that can lead to the following types of damage: Denial-of-Service (DoS); Remote code execution; User Rights; Access to system dat...
Vulnerability fixed in containerd
A vulnerability has been fixed in containerd, which is used by Docker and Kubernetes, among others. A malicious party could potentially exploit it to gain access to login credentials for an internal or external image registry. To do so, the malicious party must induce the user to pull...
Vulnerability fixed in Sonicwall
Due to a vulnerability in SonicOS, a remote malicious party can cause a Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. SonicWall has released updates to address the vulnerability. For more information, see:...
Vulnerabilities fixed in Juniper Junos OS
Juniper Networks has fixed several vulnerabilities in Junos OS. A malicious person, whether remotely authenticated or not, could potentially exploit these vulnerabilities to carry out attacks leading to the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS)...
Vulnerabilities fixed in IBM Security Access Manager
IBM has fixed multiple vulnerabilities in IBM Security Access Manager. The vulnerabilities potentially enable a malicious person to launch attacks that result in the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Manipulation of data; Circumvention of...
Vulnerability fixed in Rapid7 Nexpose
Rapid7 has fixed a vulnerability in Nexpose. The vulnerability potentially allows a local malicious person to perform a SQL injection attack that could gain access to sensitive data or manipulate data. Rapid7 has released updates to fix the vulnerability in Nexpose 6.6.49. For more...
Multiple vulnerabilities fixed in McAfee ePolicy Orchestrator
McAfee has fixed multiple vulnerabilities in McAfee ePolicy Orchestrator. The vulnerabilities may allow a malicious party, whether authenticated or not, to launch attacks that result in the following categories of damage: Cross-Site Scripting (XSS)...
Vulnerability fixed in IBM MQ
IBM has fixed a vulnerability in IBM MQ. A local, authenticated malicious party could potentially exploit it to gain access to log files containing information about the system. IBM has released updates to fix the vulnerability. For more information, see:...
Vulnerability fixed in IBM Security Access Manager
IBM has fixed a vulnerability in IBM Security Access Manager in which sessions are not deleted after a user is logged out. A malicious party could potentially reuse the session of a logged-out user and thus gain elevated rights to the vulnerable system. IBM has releas...
Vulnerability fixed in Adobe Flash Player
Adobe has fixed a vulnerability in Adobe Flash Player. A malicious party could potentially exploit the vulnerability to execute arbitrary code under user privileges. Few substantive details about the vulnerability have been made publicly available. Adobe has released updates to fix the...
Vulnerabilities fixed in Citrix Gateway Plug-in for Windows
Citrix has fixed two vulnerabilities in the Citrix Gateway Plug-in for Windows. By exploiting these vulnerabilities, a malicious party could potentially gain elevated privileges on the vulnerable system. Citrix has released updates to fix the vulnerabilities. For more information, see:...
Vulnerability fixed in Blackberry Unified Endpoint Management
Blackberry has fixed a vulnerability in Blackberry Unified Endpoint Management (UEM). A malicious party with network access to the UEM server could potentially exploit the vulnerability to cause a denial-of-service on UEM Core. Blackberry has released updates to fix the vulnerability in...
Vulnerabilities fixed in BIND
Several vulnerabilities have been fixed in BIND. An unauthenticated remote malicious person could potentially exploit them to cause a denial-of-service of the DNS service. To do this, rogue network traffic must be sent to the BIND server. -= SUSE =- SUSE has made updates available to fix...
Vulnerabilities fixed in Siemens Ruggedcom and Scalance
Siemens has fixed multiple vulnerabilities in several Ruggedcom and Scalance products. A remote malicious person could potentially exploit the vulnerabilities to cause a denial-of-service of dnsmasq or execute arbitrary code. This requires sending malicious network traffic to the vulnerable...
Vulnerabilities fixed in Microsoft Office products
Microsoft fixes multiple vulnerabilities in Microsoft Office and SharePoint products. A malicious party could potentially exploit them to execute arbitrary code, to obtain elevated permissions, to gain access to sensitive data, to conduct a denial-of-service attack...
Vulnerabilities fixed in Microsoft Windows
Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to execute arbitrary code, to obtain elevated privileges, gain access to sensitive data, launch a denial-of-service attack, or to bypass a security measure. The vulnerability with...
Vulnerabilities fixed in Acronis Cyber Backup and True Image
Acronis has fixed multiple vulnerabilities in Cyber Backup and True Image. A local malicious party could potentially exploit them to execute arbitrary code under SYSTEM privileges. To do this, a rogue file must be placed in a specific folder on the file system. Acronis has released updates to fix...
Vulnerability fixed in Microsoft Exchange Server
Microsoft has fixed a vulnerability that could potentially allow an authenticated malicious party to gain access to sensitive systems. Microsoft Exchange Server: |---------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...
Vulnerabilities fixed in Microsoft Dynamics
Microsoft fixes multiple vulnerabilities in Microsoft Dynamics products. The vulnerability in Microsoft Dynamics with the identifier CVE-2020-16943 allows a malicious person to access sensitive data. The vulnerabilities with the identifiers CVE-2020-16956 and CVE-2020-16978 enable a remote maliciou...
Vulnerabilities fixed in SUSE
Several vulnerabilities have been fixed in SUSE Linux Enterprise. The vulnerabilities potentially enable a local malicious person to execute attacks that result in the following categories of damage: Denial-of-Service (DoS); Circumvention of security measure; Accessing sensitive data; Access to syste...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed several vulnerabilities. A malicious remote user could potentially exploit the vulnerabilities to execute arbitrary code, bypass security measures or gain access to sensitive data. Information about the vulnerability with reference CVE-2020-16937 is...
Vulnerabilities fixed in SAP
Several vulnerabilities have been fixed in various SAP products. SAP has identified two of these vulnerabilities as urgent. The first of these two vulnerabilities is located in SAP Solution Manager and has a CVSS score of 10.0 (CVE-2020-6364). An unauthenticated remote malicious agent could...
Vulnerability fixed in JIRA
Atlassian has fixed a vulnerability in JIRA. A malicious party could exploit the vulnerability to perform a Cross-Site Scripting (XSS) attack. Such an attack can lead to the execution of arbitrary script code in the browser with which the application is visited. Atlassian has released updates to fi...
Vulnerability fixed in SPICE
A vulnerability has been fixed in SPICE. A malicious party could potentially exploit it to cause a denial-of-service or execute arbitrary code. -= Debian =- Debian has made updates of spice available for Debian 10.0 Buster to fix the vulnerability. You can install the custom...
Vulnerability fixed in IBM Db2
IBM has fixed a vulnerability in Db2 and Db2 Connect. An unauthenticated remote malicious party could potentially exploit it to cause a denial-of-service. IBM has released updates to fix the vulnerability. For more information, see:...
Vulnerabilities fixed in phpMyAdmin
Two vulnerabilities have been fixed in phpMyAdmin. A remote malicious party could exploit the vulnerabilities to execute an SQL injection or Cross-Site Scripting (XSS) attack. To exploit the XSS vulnerability, the malicious party must persuade a phpMyAdmin user to open a rogue URL. XSS can...
Vulnerabilities fixed in openSUSE
Vulnerabilities have been fixed in the openSUSE kernel. The vulnerabilities potentially enable a malicious person to launch attacks that result in the following categories of damage: Denial-of-Service (DoS); Circumvention of security measure; Access to system data; Increased user...
Vulnerability fixed in IBM Informix
IBM has fixed a vulnerability in Informix. A local malicious party could potentially exploit the vulnerability to execute arbitrary code under the privileges of the informix user. IBM has released updates to fix the vulnerability in Informix Dynamic Server. For more information, see:...
Vulnerabilities fixed in IBM Security Access Manager
IBM has fixed multiple vulnerabilities in IBM Security Access Manager. A malicious party could potentially exploit the vulnerabilities to obtain information about the system. Little substantive information about the vulnerabilities has been made publicly available. IBM has released updates to fix...
Vulnerability fixed in Cisco Webex Teams for Windows
Cisco has fixed a vulnerability in the Windows client of Cisco Webex Teams. The vulnerability allows a local, authenticated malicious person to execute arbitrary code under the privileges of other local users. This requires that a malicious DLL file be placed in a specific location of the fil...
Vulnerabilities fixed in Cisco Identity Services Engine
Cisco has fixed multiple vulnerabilities in Identity Services Engine (ISE). The vulnerabilities allow a malicious person with limited administrator privileges to modify ISE configurations without having the required privileges or a Cross-Site Scripting (XSS) attack...
Vulnerabilities fixed in Arista EOS
Arista has fixed several vulnerabilities in EOS. The vulnerabilities allow a malicious party to perform a Denial-of-Service (DoS) attack. To do this, malicious network traffic must be sent to the device. Arista has released updates to fix the vulnerabilities. For more information, see: CVE-2020-15897:...
Vulnerabilities fixed in Cisco StarOS for ASR 5000 Series routers
Cisco has fixed multiple vulnerabilities in StarOS for ASR 5000 Series routers. A local malicious person with limited administrator privileges could potentially exploit the vulnerabilities to execute arbitrary code under root privileges. Cisco has released updates to fix the vulnerabilities in...
Vulnerabilities fixed in Samsung Mobile
Samsung has fixed several vulnerabilities in its Android distribution. The vulnerabilities may allow a malicious person, whether remote or otherwise, to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS); Remote code execution; User rights; Access to sensitiv...
Vulnerabilities fixed in GitLab
Several vulnerabilities have been fixed in GitLab. The vulnerabilities potentially allow a malicious person to launch attacks that result in the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Remote code execution; User Rights; Access to sensitive da...
Vulnerability found in WildFly OpenSSL
A vulnerability has been found in WildFly OpenSSL. An unauthenticated remote malicious party could potentially exploit it to cause a denial-of-service. Red Hat has not yet made updates available that fix the vulnerability. For more information on the vulnerability, see:...
Vulnerabilities fixed in Oracle Unbreakable Enterprise Kernel
Oracle has fixed vulnerabilities in the Oracle Unbreakable Enterprise Kernel. The vulnerabilities potentially allow a malicious party to launch attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Remote code execution; User rights; Access to sensitiv...
Vulnerabilities fixed in Google Chrome
Google has fixed several vulnerabilities in Chrome. The vulnerabilities potentially enable a remote malicious person to launch attacks that result in the following categories of damage: Denial-of-Service (DoS); Remote code execution; User Rights; Access to sensitive data. As usual, Google has...
Vulnerability fixed in IBM Security Access Manager
IBM has fixed a vulnerability in IBM Security Access Manager. A malicious party could exploit the vulnerability to execute a Cross-Site Scripting (XSS) attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. IBM has released updates ...
Vulnerabilities fixed in Android
Several vulnerabilities have been fixed in Google Android. The vulnerabilities potentially allow a malicious person, remote or otherwise, to carry out attacks leading to the following categories of damage: Remote code execution; User rights; Access to sensitive data; Access to system data...
Vulnerability fixed in PowerDNS
A vulnerability has been fixed in PowerDNS. The vulnerability allows an authenticated malicious person with access to the control panel or the REST API to gain access to system data. PowerDNS has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in openSUSE
Vulnerabilities have been fixed in the openSUSE kernel. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service (DoS); Circumvention of security measure; Access to system data; Increased user privileges. -= OpenSU...
Vulnerabilities fixed in PowerDNS
Vulnerabilities have been fixed in PowerDNS. The vulnerabilities enable an unauthenticated remote malicious agent to cause a denial-of-service and to potentially execute arbitrary code under the user's privileges. This applies only to installations compiled with...
Vulnerabilities fixed in GitLab
Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Manipulation of data; Circumvention of authentication; Circumventing security measures; Remote...
Vulnerability fixed in Trend Micro Anti-virus
A vulnerability has been fixed in Trend Micro Anti-Virus for Mac. The vulnerability allows a malicious person to obtain elevated privileges. Trend Micro has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in IBM WebSphere Application Server
IBM has fixed a vulnerability in WebSphere Application Server. The vulnerability allows an unauthenticated remote malicious person to obtain system data. IBM categorizes this vulnerability according to the CVSSv3 method with a score of 5.3. IBM has released updates to fix the vulnerability...
Vulnerability fixed in FortiOS
A vulnerability has been fixed in FortiOS. The vulnerability allows an authenticated malicious party to cause a denial-of-service. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in Red Hat Satellite
A vulnerability has been fixed in Red Hat Satellite. The vulnerability allows a local malicious person to obtain sensitive data by reading the temporary memory. This vulnerability is exploitable only if Satellite has been installed via RPM. -= Red Hat ...
Vulnerability fixed in NetworkManager security
A vulnerability has been fixed in NetworkManager. The vulnerability allows a locally authenticated malicious party to bypass 802.1X authentication, allowing network sessions to be set up without encryption. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux ...
Vulnerability fixed in Dell SonicWall
A vulnerability has been fixed in Dell SonicWall. It involves a domain name collision vulnerability. The web interface of SonicWall makes it possible for an attacker to obtain information about domain names used on an organization's internal network. The attacker can register a foun...