Lucene search
K

4197 matches found

NCSC
NCSC
•added 2020/10/21 12:0 a.m.•10 views

Vulnerabilities fixed in Oracle MySQL

Oracle has fixed vulnerabilities in the following Oracle MySQL products: MySQL Workbench MySQL Server MySQL Cluster MySQL Enterprise Monitor The vulnerabilities allow a malicious person, whether or not unauthenticated and remote, potentially be able to launch attacks that result in the following...

9.3CVSS9.2AI score0.87553EPSS
Exploits4
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•3 views

Vulnerability fixed in NSS

A vulnerability has been fixed in NSS. The vulnerability allows a remote malicious party capable of performing a denial-of-service attack perform on servers compiled with the NSS library by sending sending multiple ChangeCipherSpec messages. Mozilla has released updates to fix the vulnerability...

7.5CVSS6.7AI score0.03854EPSS
Exploits0
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle Siebel CRM

Oracle has fixed vulnerabilities in the following Oracle Siebel CRM products: Siebel Apps - Marketing Siebel UI Framework The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable application may be able to execute attacks that result in the following...

9.8CVSS7.5AI score0.99019EPSS
Exploits7
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•8 views

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in the following Oracle Enterprise Manager products: Enterprise Manager Base Platform Enterprise Manager for Peoplesoft Application Testing Suite APM - Application Performance Management Enterprise Manager Ops Center Enterprise Manager for Storage Management The...

9.8CVSS7.7AI score0.99019EPSS
Exploits11
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•16 views

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following Oracle Database products: Database - Enterprise Edition Text Spatial and Graph Application Express APEX SQL Developer The vulnerabilities allow a malicious person, whether or not unauthenticated and remote, potentially be able to launch attacks th...

9.8CVSS7.2AI score0.8904EPSS
Exploits16
NCSC
NCSC
•added 2020/10/21 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle PeopleSoft

Oracle has fixed vulnerabilities in the following Oracle PeopleSoft products: PeopleSoft Enterprise HCM Global Payroll Core PeopleSoft Enterprise PT PeopleTools PeopleSoft Enterprise SCM eSupplier Connection The vulnerabilities allow an unauthenticated malicious person with network access to the...

9.8CVSS7.9AI score0.99019EPSS
Exploits7
NCSC
NCSC
•added 2020/10/20 12:0 a.m.•8 views

Vulnerability fixed in Nexpose

A vulnerability has been fixed in Nexpose. The vulnerability allows an authenticated malicious party to execute an SQL injection to execute and thereby obtain sensitive data. Rapid7 has released updates to fix the vulnerability. More information can be found on the page below:...

8.1CVSS7.6AI score0.01137EPSS
Exploits0
NCSC
NCSC
•added 2020/10/20 12:0 a.m.•31 views

Vulnerabilities fixed in VMware products

Vulnerabilities have been fixed in VMware ESXi, Workstation, Fusion , NSX-T and vCenter. The vulnerabilities allow a malicious party to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution User...

10CVSS7.6AI score0.83015EPSS
Exploits2
NCSC
NCSC
•added 2020/10/20 12:0 a.m.•2 views

Vulnerabilities fixed in Red Hat kernel

Vulnerabilities have been fixed in the Red Hat kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges -= Red Hat =- Red Hat has made updates...

8.8CVSS8.2AI score0.07693EPSS
Exploits8
NCSC
NCSC
•added 2020/10/20 12:0 a.m.•3 views

Vulnerabilities fixed in Ubuntu kernel

Canonical has fixed vulnerabilities in the Ubuntu kernel. The vulnerabilities allow a remote malicious person to opportunity to obtain system data via Bluetooth and to cause a denial-of-service potentially resulting in the execution of arbitrary code as a result. -= Ubuntu =- Canonical has made...

8.8CVSS8.5AI score0.07693EPSS
Exploits6
NCSC
NCSC
•added 2020/10/20 12:0 a.m.•3 views

Vulnerabilities fixed in the Debian kernel

Debian has fixed vulnerabilities in the kernel. The vulnerabilities allow a remote malicious person to opportunity to obtain system data via Bluetooth and to cause a denial-of-service potentially resulting in the execution of arbitrary code as a result. Also, the vulnerabilities enable the...

8.8CVSS8.4AI score0.07693EPSS
Exploits8
NCSC
NCSC
•added 2020/10/19 12:0 a.m.•3 views

Vulnerability fixed in F5 BIG-IP

A vulnerability has been fixed in BIG-IP. The vulnerability allows a remote malicious party to enable kernel address space layout randomization KASLR. This gives the attacker access to system data. F5 has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS8.1AI score0.03252EPSS
Exploits0
NCSC
NCSC
•added 2020/10/19 12:0 a.m.•4 views

Vulnerability fixed in Windows

Microsoft has fixed a vulnerability in the Windows Codecs Library. Users who had installed the HEVC codec from the Microsoft Store had installed it were vulnerable to the execution of arbitrary code by a remote malicious person. The malicious party to do this must induce the victim to play a rogu...

7.8CVSS7.1AI score0.0388EPSS
Exploits0
NCSC
NCSC
•added 2020/10/19 12:0 a.m.•6 views

Vulnerability fixed in XWiki

A vulnerability has been fixed in XWiki. The vulnerability allows an authenticated malicious person to execute arbitrary code execute arbitrary code under the user's privileges. XWiki has released updates to fix the vulnerability. More information can be found on the page below:...

9CVSS7.4AI score0.03358EPSS
Exploits1
NCSC
NCSC
•added 2020/10/19 12:0 a.m.•4 views

Vulnerability fixed in Visual Studio

Microsoft has fixed a vulnerability in Visual Studio. The vulnerability allows a remote malicious person to execute arbitrary code under user privileges. The malicious party must do this by inducing the victim to clone a rogue repository and then open a package.json here. Microsoft has released...

9.3CVSS7.2AI score0.04581EPSS
Exploits0
NCSC
NCSC
•added 2020/10/19 12:0 a.m.•3 views

Vulnerabilities fixed in PowerDNS

Vulnerabilities have been fixed in PowerDNS. The vulnerabilities allow a malicious party to cause a denial-of-service cause or to bypass a security measure. -= openSUSE =- The developers of openSUSE have made updates available to fix the vulnerability in openSUSE Leap 15.1. You can install these...

7.5CVSS7AI score0.06543EPSS
Exploits0
NCSC
NCSC
•added 2020/10/19 12:0 a.m.•3 views

Vulnerabilities fixed in kernel

Vulnerabilities have been fixed in the openSUSE kernel. The vulnerabilities allow a malicious party to obtain to obtain system information and to cause a denial-of-service cause. -= openSUSE =- The developers of openSUSE have made updates available to fix the vulnerability in openSUSE Leap 15.1...

8.8CVSS8.2AI score0.07693EPSS
Exploits7
NCSC
NCSC
•added 2020/10/16 12:0 a.m.•11 views

Vulnerabilities fixed in Blackberry Android

Blackberry has fixed multiple vulnerabilities in Blackberry Powered by Android. The vulnerabilities allow a malicious person, either remote or otherwise, to launch attacks that can lead to the following types of damage: Denial-of-Service DoS. Remote code execution User Rights Access to system dat...

10CVSS6.3AI score0.12651EPSS
Exploits1
NCSC
NCSC
•added 2020/10/16 12:0 a.m.•4 views

Vulnerability fixed in containerd

A vulnerability has been fixed in containerd, which is used by Docker and Kubernetes, among others. A malicious party could vulnerability potentially exploit it to gain access to login credentials to an internal or external image registry. To do so the malicious party must induce the user to pull...

6.1CVSS6.8AI score0.02236EPSS
Exploits1
NCSC
NCSC
•added 2020/10/16 12:0 a.m.•5 views

Vulnerability fixed in Juniper Junos OS for PTX and QFX

Juniper Networks has fixed a vulnerability in Junos OS for the PTX and QTX platforms. An unauthenticated malicious person at remote user could potentially exploit the vulnerability to cause a Denial-of-Service attack. To do this, rogue network traffic should be sent to the vulnerable device. Only...

7.5CVSS6.9AI score0.0124EPSS
Exploits0
NCSC
NCSC
•added 2020/10/15 12:0 a.m.•5 views

Vulnerability fixed in Rapid7 Nexpose

Rapid7 has fixed a vulnerability in Nexpose. The vulnerability potentially allows a local malicious person to perform a SQL injection attack that could access gain access to sensitive data or manipulate data. Rapid7 has released updates to fix the vulnerability in Nexpose 6.6.49. For more...

8.1CVSS6.9AI score0.01137EPSS
Exploits0
NCSC
NCSC
•added 2020/10/15 12:0 a.m.•12 views

Vulnerability fixed in Sonicwall

Due to a vulnerability in SonicOS, a remote malicious party can cause a Denial of Service DoS and potentially execute arbitrary code execute arbitrary code by sending a malicious request to the firewall. SonicWall has released updates to address the vulnerability. fix. For more information, see:...

9.8CVSS7.8AI score0.26869EPSS
Exploits0
NCSC
NCSC
•added 2020/10/15 12:0 a.m.•6 views

Vulnerabilities fixed in Juniper Junos OS

Juniper Networks has fixed several vulnerabilities in Junos OS. A malicious person, whether remotely authenticated or not, could potentially exploit these vulnerabilities to carry out attacks leading to the following categories of damage: Cross-Site Scripting XSS. Denial-of-Service DoS...

10CVSS7.9AI score0.98745EPSS
Exploits13
NCSC
NCSC
•added 2020/10/15 12:0 a.m.•12 views

Multiple vulnerabilities fixed in McAfee ePolicy Orchestrator

McAfee has fixed multiple vulnerabilities in McAfee ePolicy Orchestrator. The vulnerabilities allow a malicious party whether or not unauthenticated malicious person may be able to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS...

7.5CVSS8.2AI score0.87553EPSS
Exploits16
NCSC
NCSC
•added 2020/10/15 12:0 a.m.•5 views

Vulnerabilities fixed in IBM Security Access Manager

IBM has fixed multiple vulnerabilities in IBM Security Access Manager. The vulnerabilities potentially enable a malicious person to able to launch attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of...

9.8CVSS7.4AI score0.18671EPSS
Exploits6
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•2 views

Vulnerability fixed in Adobe Flash Player

Adobe has fixed a vulnerability in Adobe Flash Player. A malicious party could potentially exploit the vulnerability to execute arbitrary code under user privileges. There few substantive details about the vulnerability have been made publicly made available. Adobe has released updates to fix the...

9.3CVSS7.5AI score0.04427EPSS
Exploits0
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•6 views

Vulnerability fixed in IBM Security Access Manager

IBM has fixed a vulnerability in IBM Security Access Manager in which sessions are not deleted after a user is logged out. A malicious party could potentially reuse the session of a logged out user thereby potentially reuse it and thus gain elevated rights to the vulnerable system. IBM has releas...

6.3CVSS6.7AI score0.00562EPSS
Exploits0
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•8 views

Vulnerabilities fixed in Citrix Gateway Plug-in for Windows

Citrix has fixed two vulnerabilities in the Citrix Gateway Plug-in for Windows. By exploiting these vulnerabilities could potentially gain elevated privileges acquire elevated privileges on the vulnerable system. Citrix has released updates to fix the vulnerabilities. For more information, see:...

9.8CVSS7.1AI score0.01634EPSS
Exploits0
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•5 views

Vulnerability fixed in IBM MQ

IBM has fixed a vulnerability in IBM MQ. A local, authenticated malicious party could potentially exploit it to gain access to log files containing information about the system. IBM has released updates to fix the vulnerability. For more information, see:...

5.9CVSS6.8AI score0.00286EPSS
Exploits0
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•5 views

Vulnerability fixed in Blackberry Unified Endpoint Management

Blackberry has fixed a vulnerability in Blackberry Unified Endpoint Management UEM. A malicious party with network access to the UEM server could potentially exploit the vulnerability to cause a denial-of-service exploit on UEM Core. Blackberry has released updates to fix the vulnerability fix in...

5.5CVSS6.8AI score0.00275EPSS
Exploits0
NCSC
NCSC
•added 2020/10/14 12:0 a.m.•2 views

Vulnerabilities fixed in BIND

Several vulnerabilities have been fixed in BIND. A unauthenticated remote malicious person could potentially exploit them to cause a denial-of-service of the DNS service. cause. To do this, rogue network traffic should be sent to the BIND server. -= SUSE =- SUSE has made updates available to fix...

8.6CVSS7.1AI score0.93422EPSS
Exploits6
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•12 views

Vulnerabilities fixed in Acronis Cyber Backup and True Image

Acronis has fixed multiple vulnerabilities in Cyber Backup and True Image. A local malicious party could potentially exploit them to execute arbitrary code under SYSTEM privileges. To do this, a rogue file must be placed in a specific folder on the file system. Acronis has released updates to fix...

7.8CVSS7.7AI score0.00498EPSS
Exploits0
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•9 views

Vulnerabilities fixed in SUSE

Several vulnerabilities have been fixed in SUSE Linux Enterprise. The vulnerabilities potentially enable a local malicious person to execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Access to syste...

7.8CVSS6.7AI score0.00492EPSS
Exploits0
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Windows

Microsoft fixes multiple vulnerabilities in Windows. A malicious party could potentially exploit the vulnerabilities to execute arbitrary code, to obtain elevated privileges, gain access to sensitive data, launch a denial-of-service attack, or to bypass a security measure. The vulnerability with...

9.3CVSS7.5AI score0.13348EPSS
Exploits12
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•5 views

Vulnerability fixed in Microsoft Exchange Server

Microsoft has fixed a vulnerability that could allow an authenticated malicious party potentially able to gain access to sensitive systems. Microsoft Exchange Server: |---------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

7.1CVSS6.2AI score0.0273EPSS
Exploits0
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•73 views

Vulnerabilities fixed in SAP

Several vulnerabilities have been fixed in various SAP products. SAP has identified two of these vulnerabilities as urgent. The first of these two vulnerabilities is located in SAP Solution Manager and has a CVSS score of 10.0 CVE-2020-6364. A unauthenticated remote malicious agent could...

10CVSS7.2AI score0.61736EPSS
Exploits3
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•17 views

Vulnerabilities fixed in Microsoft Office products

Microsoft fixes multiple vulnerabilities in Microsoft Office and Sharepoint products. A malicious party could potentially exploit them to execute arbitrary code, to obtain elevated permissions, to gain access to sensitive data obtain access to sensitive data, to conduct a denial-of-service attack...

9.3CVSS6.9AI score0.70894EPSS
Exploits6
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Dynamics

Microsoft fixes multiple vulnerabilities in Microsoft Dynamics products. The vulnerability in Microsoft Dynamics with the attribute CVE-2020-16943 allows a malicious person to access sensitive data. The vulnerabilities with the attributes CVE-2020-16956 and CVE-2020-16978 enable a remote maliciou...

6.5CVSS6.6AI score0.01432EPSS
Exploits0
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•7 views

Vulnerabilities fixed in Siemens Ruggedcom and Scalance

Siemens has fixed multiple vulnerabilities in several Ruggedcom and Scalance products. A remote malicious person could potentially exploit the vulnerabilities to cause a denial-of-service of dnsmasq or execute arbitrary code. To do this requires sending malicious network traffic to the vulnerable...

9.8CVSS8.4AI score0.98745EPSS
Exploits21
NCSC
NCSC
•added 2020/10/13 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed several vulnerabilities. A malicious remote user could potentially exploit the vulnerabilities to execute arbitrary execute arbitrary code, bypass security measures or access gain access to sensitive data. Information about the vulnerability with reference CVE-2020-16937 is...

9.3CVSS7AI score0.03352EPSS
Exploits0
NCSC
NCSC
•added 2020/10/12 12:0 a.m.•4 views

Vulnerability fixed in IBM Db2

IBM has fixed a vulnerability in Db2 and Db2 Connect. A unauthenticated remote malicious party can exploit the vulnerability potentially exploit it to cause a denial-of-service. IBM has released updates to fix the vulnerability. For more information, see:...

7.5CVSS6.8AI score0.0241EPSS
Exploits0
NCSC
NCSC
•added 2020/10/12 12:0 a.m.•4 views

Vulnerabilities fixed in phpMyAdmin

Two vulnerabilities have been fixed in phpMyAdmin. A remote malicious party could exploit the vulnerabilities to execute an SQL injection or Cross-Site Scripting XSS attack. To exploit the XSS vulnerability, the malicious party must create a persuade phpMyAdmin user to open a rogue URL. XSS can...

9.8CVSS7AI score0.67081EPSS
Exploits1
NCSC
NCSC
•added 2020/10/12 12:0 a.m.•3 views

Vulnerability fixed in SPICE

A vulnerability has been fixed in SPICE. A malicious party could vulnerability potentially exploit it to cause a denial-of-service cause or execute arbitrary code. -= Debian =- Debian has made updates of spice available for Debian 10.0 Buster to fix the vulnerability. You can install the custom...

6.6CVSS7AI score0.02656EPSS
Exploits0
NCSC
NCSC
•added 2020/10/12 12:0 a.m.•3 views

Vulnerabilities fixed in openSUSE

Vulnerabilities have been fixed in the OpenSUSE kernel. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data Increased user...

7.8CVSS6.6AI score0.03292EPSS
Exploits1
NCSC
NCSC
•added 2020/10/12 12:0 a.m.•4 views

Vulnerability fixed in JIRA

Atlassian has fixed a vulnerability in JIRA. A malicious party could exploit the vulnerability to perform a Cross-Site Scripting XSS attack. Such an attack can lead to the execution of arbitrary script code in the browser with which the application is visited. Atlassian has released updates to fi...

5.4CVSS6.3AI score0.00944EPSS
Exploits0
NCSC
NCSC
•added 2020/10/09 12:0 a.m.•4 views

Vulnerabilities fixed in IBM Security Access Manager

IBM has fixed multiple vulnerabilities in IBM Security Access Manager. A malicious party could potentially exploit the vulnerabilities to obtain information about the system. Little substantive information about the vulnerabilities has been made publicly available. IBM has released updates to fix...

5.3CVSS6.7AI score0.00456EPSS
Exploits0
NCSC
NCSC
•added 2020/10/09 12:0 a.m.•5 views

Vulnerability fixed in IBM Informix

IBM has fixed a vulnerability in Informix. A local malicious party could potentially exploit the vulnerability to execute arbitrary code under the privileges of the informix user. IBM has released updates to fix the vulnerability in Informix Dynamic Server. For more information, see:...

7.8CVSS7.3AI score0.00366EPSS
Exploits0
NCSC
NCSC
•added 2020/10/08 12:0 a.m.•4 views

Vulnerabilities fixed in Cisco StarOS for ASR 5000 Series routers

Cisco has fixed multiple vulnerabilities in StarOS for ASR 5000 Series routers. A local malicious person with limited administrator privileges could potentially exploit the vulnerabilities to execute arbitrary code under root privileges. Cisco has released updates to fix the vulnerabilities in...

7.2CVSS7.5AI score0.00387EPSS
Exploits0
NCSC
NCSC
•added 2020/10/08 12:0 a.m.•5 views

Vulnerabilities fixed in Arista EOS

Arista has fixed several vulnerabilities in EOS. The vulnerabilities allow a malicious party to perform a Denial-of-Service DoS exploit. To do this, malicious network traffic to the device. Arista has released updates to fix the vulnerabilities. For more information, see: CVE-2020-15897:...

7.5CVSS7AI score0.01261EPSS
Exploits1
NCSC
NCSC
•added 2020/10/08 12:0 a.m.•5 views

Vulnerabilities fixed in Cisco Identity Services Engine

Cisco has fixed multiple vulnerabilities in Identity Services Engine ISE. The vulnerabilities allow a malicious person with limited administrator privileges be able to modify ISE configurations modify ISE configurations without having the required privileges or a Cross-Site Scripting XSS attack...

7.7CVSS6.5AI score0.00881EPSS
Exploits0
Total number of security vulnerabilities4197