Vulnerability fixed in IBM Tivoli Netcool/Impact
A vulnerability has been fixed in IBM Tivoli Netcool/Impact. The vulnerability allows a malicious party to access sensitive data. IBM has released updates to fix the vulnerability. More information can be found on the pages below: https://www.ibm.com/support/pages/node/6339051...
Vulnerabilities fixed in Red Hat ipa
Vulnerabilities have been fixed in Red Hat ipa. The vulnerabilities allow an unauthenticated malicious person to execute arbitrary code in the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyperlink. In addition, the vulnerabilities enab...
Vulnerabilities fixed in Red Hat kernel
Red Hat has fixed vulnerabilities in its kernel. The vulnerabilities enable a locally authenticated malicious agent to cause a denial-of-service and to obtain elevated permissions. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 7. You can install...
Vulnerabilities fixed in Foxit Reader and Foxit PhantomPDF
Vulnerabilities have been fixed in Foxit Reader and Foxit PhantomPDF. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service (DoS), remote code execution (user rights), access to system data, increased user privileges. Foxit has...
Vulnerability fixed in Trend Micro OfficeScan
A vulnerability has been fixed in Trend Micro OfficeScan. The vulnerability allows a malicious party to obtain elevated permissions and execute arbitrary code under the user's privileges. Trend Micro has released updates to fix the vulnerability. More information can be found on the page...
Vulnerabilities fixed in MediaWiki
Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting (XSS), circumvention of security measure, remote code execution (user rights), access to system data. MediaWiki has released...
Vulnerabilities fixed in Trend Micro products
A vulnerability has been fixed in Trend Micro products. The vulnerability allows a locally authenticated malicious person to delete arbitrary files under SYSTEM privileges. Trend Micro has released updates to fix the vulnerability. More information can be found on the page...
Vulnerabilities fixed in macOS
Vulnerabilities have been fixed in macOS. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS), remote code execution (user rights), access to sensitive data, access to system data. -= Apple =- Apple has made updates...
Vulnerabilities fixed in Cisco Aironet
Vulnerabilities have been fixed in Cisco Aironet. The vulnerabilities allow a malicious party to launch attacks that lead to a denial-of-service (DoS). After a successful attack, the affected device recovers by itself. Cisco has released updates to fix the vulnerabilities. More information can be found...
Vulnerability fixed in Sophos SG UTM
A vulnerability has been fixed in Sophos SG UTM. The vulnerability allows a remote malicious person to execute arbitrary code with user privileges. It is good practice for the management interface to be exposed on a local network to which only administrators have acce...
Vulnerabilities fixed in Cisco IOS and IOS XE
Vulnerabilities have been fixed in Cisco IOS and IOS XE. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS), manipulation of data, bypassing authentication, circumvention of security measure, Remot...
Vulnerabilities fixed in Thunderbird
Vulnerabilities have been fixed in Thunderbird. The vulnerabilities allow a remote malicious person to execute arbitrary code with user privileges and spoof the origin of downloads. Mozilla has released updates to fix the vulnerabilities. More information can be found on the pag...
Vulnerability fixed in F5 BIG-IP and BIG-IQ
A vulnerability has been fixed in F5 BIG-IP and BIG-IQ products. The vulnerability allows a malicious party to launch attacks that lead to a denial-of-service (DoS). F5 has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in FortiOS
Vulnerabilities have been fixed in FortiOS. The vulnerabilities allow an authenticated remote malicious agent to cause a denial-of-service via an SSL VPN. To exploit the vulnerability, a number of non-standard settings must have been made. Fortinet categorizes these vulnerabilities...
Vulnerabilities fixed in Trend Micro products
Trend Micro has fixed vulnerabilities in several products. The vulnerabilities allow a remote malicious person to install a rogue update. This is made possible by an SSL server certificate validation vulnerability combined with another vulnerability. Trend Micro makes little information...
Vulnerabilities fixed in Pulse Secure
Vulnerabilities have been fixed in Pulse Secure. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting (XSS), remote code execution (user rights), access to system data. Pulse Secure has released updates to address the...
Vulnerabilities fixed in libxml2
Vulnerabilities have been fixed in libxml2. The vulnerabilities allow a malicious party to cause a denial-of-service (DoS). The developers of libxml2 categorize these vulnerabilities according to the CVSSv3 method with a highest score of 7.5. FreeBSD has released updates to fix the...
Vulnerabilities fixed in Firefox and Firefox ESR
Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks that lead to the following categories of damage: Cross-Site Scripting (XSS), Denial-of-Service (DoS), remote code execution (user rights), spoofing. Mozilla has...
Vulnerabilities fixed in Xen
Xen developers have fixed vulnerabilities in the hypervisor. The vulnerability with reference CVE-2020-25604 makes it possible for a local malicious person who can migrate timers between vCPUs to cause a denial-of-service. The vulnerability with reference CVE-2020-25595 allows a local malicious...
Vulnerability fixed in Ruby on Rails
A vulnerability has been fixed in Ruby on Rails. The vulnerability allows an unauthenticated malicious person to execute arbitrary code in the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyperlink. Rails developers have released update...
Vulnerabilities fixed in FortiAnalyzer
Fortinet has fixed vulnerabilities in FortiAnalyzer. The vulnerability allows a remote attacker to execute arbitrary code under user privileges. Fortinet has released updates to address the vulnerabilities. More information can be found on the page below:...
Vulnerability fixed in Websphere Application Server
A vulnerability has been fixed in Websphere Application Server. The vulnerability allows a remote malicious person to obtain system data using a so-called XML External Entity injection attack. IBM has released updates to fix the vulnerability. More information can be found on the page belo...
Vulnerability fixed in Spring Framework
There is a vulnerability in the Spring Framework that enables a Reflected File Download (RFD) attack. This vulnerability has already been patched (NCSC-2015-0888), but researchers have found a way to bypass the mitigation. Pivotal has released new versions of the Spring Framework in which the...
Vulnerability fixed in IBM Aspera Shares
IBM has fixed a vulnerability in Aspera Shares. The vulnerability is known as Cross-Site Scripting. The vulnerability allows a remote malicious person to execute arbitrary code in the victim's browser. To do so, the malicious party must induce the victim to follow a rogue hyperlink. IB...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS), circumvention of security measure, possible code execution (user rights), access to system data. Google has made littl...
Vulnerabilities fixed in Ubuntu kernel
Vulnerabilities have been fixed in Ubuntu's kernel. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service (DoS), circumvention of security measure, access to system data, increased user privileges. Canonical...
Vulnerability fixed in FortiManager and FortiAnalyzer
Fortinet has fixed a vulnerability in FortiManager and FortiAnalyzer. The vulnerability allows a malicious party to perform a Cross-Site Scripting attack. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in MISP
A vulnerability has been fixed in MISP. The vulnerability allows an authenticated remote malicious person to delete MISP events. CIRCL has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in Jira
Vulnerabilities have been fixed in Jira Server and Data Center. The vulnerabilities allow a malicious party to obtain sensitive data and to launch a denial-of-service attack. Atlassian has released updates to address the vulnerabilities. More information can be found on the pages...
Vulnerabilities fixed in VirtualBox
Vulnerabilities have been fixed in Oracle VirtualBox. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service (DoS), manipulation of data, code execution (Administrator/Root privileges), access to sensitive data...
Vulnerabilities fixed in Citrix Application Delivery Controller, Gateway and SD-WAN WANOP appliance
Citrix has fixed several vulnerabilities in Netscaler products. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service (DoS), circumvention of security measure, increased user privileges. To perform the denial-of-service atta...
Vulnerability fixed in Samba
Ubuntu has fixed a vulnerability in Samba. The vulnerability potentially allows a malicious party to obtain domain administrator rights. In that case, the vulnerability with reference CVE-2020-1472 in Samba should be exploited in conjunction with a vulnerable Microsoft domain controller to be...
Vulnerabilities fixed in Android
Vulnerabilities have been fixed in Android 11. The vulnerabilities allow a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service (DoS), bypassing authentication, remote code execution (user rights), access to sensitive data, access to...
Vulnerability fixed in Trend Micro ServerProtect
Trend Micro has fixed a vulnerability in ServerProtect for Linux. The vulnerability allows a remote malicious person to execute arbitrary code under certain circumstances. Trend Micro rated the vulnerability with reference CVE-2020-24561 with a CVSS score of 9.1. Trend Micro has released updat...
Vulnerability fixed in FortiOS
Fortinet has fixed a vulnerability in FortiOS. The vulnerability allows a malicious party to perform a Cross-Site Scripting (XSS) attack. The vulnerability arises from incorrect input validation when generating a Web page in the SSL VPN portal. Fortinet has released updates to fix the vulnerability...
Vulnerabilities fixed in Drupal
Vulnerabilities have been fixed in Drupal. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting (XSS), bypassing authentication, access to sensitive data. The vulnerability with reference CVE-2020-13668...
Vulnerabilities fixed in Apple iOS and iPadOS
Vulnerabilities have been fixed in Apple iOS and iPadOS. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Cross-Site Scripting (XSS), Denial-of-Service (DoS), circumvention of security measure, remote code execution Us...
Vulnerabilities fixed in Apple Safari
Apple has fixed vulnerabilities in Safari. The vulnerabilities allow a malicious person to execute arbitrary code under the application's permissions. Apple has released updates to fix the vulnerabilities in Safari. For more information, see: https://support.apple.com/en-us/HT211845...
Vulnerability fixed in Acronis Cyber Backup
A vulnerability has been found in Acronis Cyber Backup. A malicious party can exploit the vulnerability to perform a Server-Side Request Forgery (SSRF) attack. This allows the attacker to gain access to system data. Acronis has released updates to fix the vulnerability. See the page below for more...
Vulnerabilities fixed in VMware Workstation, Fusion and Horizon
Vulnerabilities have been fixed in VMware Workstation, Fusion and Horizon. The vulnerability with reference CVE-2020-3980 relates to VMware Fusion and allows a malicious party to obtain elevated user privileges. The vulnerabilities with the remaining CVE references enable a malicious person to cause a...
Vulnerabilities fixed in IBM Spectrum Protect
Vulnerabilities have been fixed in IBM Spectrum Protect. The vulnerabilities allow a malicious party to execute arbitrary code and gain access to system data. IBM has released updates to fix the vulnerabilities. More information can be found on the page below:...
Vulnerabilities fixed in Oracle Unbreakable Enterprise Kernel
Oracle has fixed several vulnerabilities in the Unbreakable Enterprise Kernel. A malicious party could potentially exploit them to cause a denial-of-service or to obtain elevated privileges on the vulnerable system. -= Oracle =- Oracle has made updates available for Oracle Linux 6. You can instal...
Vulnerability fixed in Red Hat JBoss Enterprise Application Platform
A vulnerability has been fixed in JBoss Enterprise Application Platform. The vulnerability allows a malicious party to launch a Denial-of-Service (DoS) attack. -= Red Hat =- Red Hat has made updates available. You can install these updates using the command 'yum'. More information about the...
Vulnerabilities fixed in Oracle Unbreakable Enterprise Kernel
Oracle has fixed several vulnerabilities in the Unbreakable Enterprise Kernel. The vulnerabilities potentially allow a malicious party to launch attacks that result in the following categories of damage: Denial-of-Service (DoS), manipulation of data, access to sensitive data, access to system data...
Vulnerabilities fixed in Samsung Mobile
Samsung has fixed several vulnerabilities in its Android distribution. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service (DoS), remote code execution (user rights), access to sensitive data, access to system data...
Vulnerabilities fixed in McAfee Agent
Vulnerabilities have been fixed in McAfee Agent. The vulnerabilities allow a malicious party to launch attacks that result in the following categories of damage: remote code execution (Administrator/Root rights), remote code execution (user rights), increased user privileges. McAfee has released updates...
Vulnerability fixed in XWiki
The developers of XWiki have fixed a vulnerability. A malicious person with SCRIPT privileges could exploit the vulnerability to gain access to the server's Instance Manager and thereby create arbitrary Java objects. The developers have released updates to fix the vulnerability in XWiki 12.2....
Vulnerability fixed in WebSphere Application Server Admin Console
IBM has fixed a vulnerability in the WebSphere Application Server Admin Console. The attack that can exploit this vulnerability is referred to as Cross-Site Scripting. The vulnerability allows an unauthenticated remote malicious person to execute arbitrary code in the browser of t...
Vulnerabilities fixed in Apache ActiveMQ
Apache has fixed vulnerabilities in Apache ActiveMQ. The vulnerabilities potentially allow a malicious party to pose as a legitimate server trusted by the user. This allows the malicious party to gain access to data that the victim sent encrypted. The victim is under the...
Vulnerabilities fixed in Ansible
Vulnerabilities have been fixed in Ansible. The vulnerabilities allow a malicious party to gain access to sensitive and system data. Ansible has released updates to fix the vulnerabilities. More information can be found on the pages below: CVE-2020-1736:...