4197 matches found
Vulnerability fixed in Cisco Webex Teams for Windows
Cisco has fixed a vulnerability in the Windows client of Cisco Webex Teams. The vulnerability allows a local, authenticated malicious person to execute arbitrary code execute under privileges of other local users. This requires a malicious DLL file must be placed in a specific location of the fil...
Vulnerabilities fixed in Samsung Mobile
Samsung has fixed several vulnerabilities in its Android distribution. The vulnerabilities allow a malicious person whether remote or otherwise may be able to launch attacks that lead to the following categories of damage: Denial-of-server DoS. Remote code execution User rights Access to sensitiv...
Vulnerabilities fixed in GitLab
Several vulnerabilities have been fixed in GitLab. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights Access to sensitive da...
Vulnerability found in WildFly OpenSSL
A vulnerability has been found in WildFly OpenSSL. A unauthenticated remote malicious party can exploit the vulnerability potentially exploit it to cause a denial-of-service. Red Hat has not yet made updates available that fix the vulnerability. For more information on the vulnerability, see:...
Vulnerabilities fixed in Google Chrome
Google has fixed several vulnerabilities in Chrome. The vulnerabilities potentially enable a remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data As usual, Google has...
Vulnerabilities fixed in Oracle Unbreakable Enterprise Kernel
Oracle has fixed vulnerabilities in the Oracle Unbreakable Enterprise kernel. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitiv...
Vulnerabilities fixed in Android
Several vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person remote or otherwise potentially able to carry out attacks leading to the following categories of damage: Remote code execution User rights. Access to sensitive data Access to system data...
Vulnerability fixed in IBM Security Access Manager
IBM has fixed a vulnerability in IBM Security Access Manager. A malicious party could exploit the vulnerability to execute a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. IBM has released updates ...
Vulnerabilities fixed in GitLab
Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of authentication Circumventing security measures Remote...
Vulnerability fixed in PowerDNS
A vulnerability has been fixed in PowerDNS. The vulnerability allows an authenticated malicious person with access to the control panel or the REST API to gain access to system data. obtain. PowerDNS has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in openSUSE
Vulnerabilities have been fixed in openSUSE kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Access to system data Increased user privileges -= OpenSU...
Vulnerabilities fixed in PowerDNS
Vulnerabilities have been fixed in PowerDNS. The vulnerabilities enable an unauthenticated remote malicious agent to cause a denial-of-service and to potentially execute arbitrary code to execute under the user's privileges. This applies only to installations compiled with...
Vulnerability fixed I IBM WebSphere Application Server
IBM has fixed a vulnerability in WebSpere Application Server. The vulnerability allows an unauthenticated malicious person remotely able to obtain system data. IBM categorizes this vulnerability according to the CVSSv3 method with a score of 5.3. IBM has released updates to fix the vulnerability...
Vulnerability fixed in Trend Micro Anti-virus
A vulnerability has been fixed in Trend Micro Anti-Virus for Mac. The vulnerability allows a malicious person to obtain elevated privileges. Trend Micro has released updates to fix the vulnerability. fix. More information can be found on the page below:...
Vulnerability fixed in Red Hat Satellite
A vulnerability has been fixed in Red Hat Satellite. The vulnerability allows a local malicious person to obtain sensitive data by reading the temporary memory. This vulnerability is exploitable only if an installation of Satellite via RPM an installation of Satellite has taken place. -= Red Hat ...
Vulnerability fixed in FortiOS
A vulnerability has been fixed in FortiOS. The vulnerability allows an authenticated malicious party the ability to cause a denial-of-service denial-of-service. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerability fixed in NetworkManager security
A vulnerability has been fixed in NetworkManager. The vulnerability allows a locally authenticated malicious party to opportunity to bypass 802.1X authentication allowing network sessions are set up without encryption. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux ...
Vulnerabilities fixed in Red Hat kernel
Red Hat has fixed vulnerabilities in its kernel. The vulnerabilities enable a locally authenticated malicious agent to the opportunity to cause a denial-of-service and to obtain elevated permissions. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 7. You can install...
Vulnerability fixed in IBM Tivoli Netcool/Impact
A vulnerability has been fixed in IBM Tivoli Netcool/Impact. The vulnerability allows a malicious party to access sensitive data. IBM has released updates to fix the vulnerability. More information can be found on the pages below: https://www.ibm.com/support/pages/node/6339051...
Vulnerability fixed in Dell SonicWall
A vulnerability has been fixed in Dell SonicWall. It involves a domain name collision vulnerability. The web interface of SonicWall makes it possible for an attacker to obtain information about domain names used on an organization's internal network. organization. The attacker can register a foun...
Vulnerabilities fixed in Red Hat ipa
Vulnerabilities have been fixed in Red Hat ipa. The vulnerabilities allow an unauthenticated malicious person to execute arbitrary code on the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyper-link to follow. In addition, the vulnerabilities enab...
Vulnerabilities fixed in Foxit Reader and Foxit PhantomPDF
Vulnerabilities have been fixed in Foxit Reader and Foxit PhantomPDF. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data Increased user privileges Foxit has...
Vulnerability fixed in Trend Micro OfficeScan
A vulnerability has been fixed in Trend Micro OfficeScan. The vulnerability allows a malicious party to obtain elevated permissions and execute arbitrary code under the user's privileges. Trend Micro has released updates to fix the vulnerability. fix. More information can be found on the page...
Vulnerabilities fixed in Trend Micro products
A vulnerability has been fixed in Trend Micro products. The vulnerability allows a locally authenticated malicious person to able to delete arbitrary files under SYSTEM privileges. delete. Trend Micro has released updates to fix the vulnerability. fix. More information can be found on the page...
Vulnerabilities fixed in MediaWiki
Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Remote code execution User Rights Access to system data MediaWiki has released...
Vulnerabilities fixed in FortiOS
Vulnerabilities have been fixed in FortiOS. The vulnerabilities allow an authenticated remote malicious agent to opportunity to cause a denial-of-service via an SSL VPN. To exploit the vulnerability, a number of non-standard settings must have been made. FortiNet categorizes these vulnerabilities...
Vulnerabilities fixed in Cisco IOS and IOS XE
Vulnerabilities have been fixed in Cisco IOS and IOS XE. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Bypassing authentication Circumvention of security measure Remot...
Vulnerabilities fixed in Thunderbird
Vulnerabilities have been fixed in Thunderbird. The vulnerabilities allow a remote malicious person to execute arbitrary code execute with user privileges and spoof the origin of downloads. spoofing. Mozilla has released updates to fix the vulnerabilities. More information can be found on the pag...
Vulnerability fixed in Sophos SG UTM
A vulnerability has been fixed in Sophos SG UTM. The vulnerability allows a remote malicious person to execute arbitrary code execute arbitrary code with user privileges. It is good practice to access the management interface to be exposed on a local network to which only administrators have acce...
Vulnerability fixed in F5 BIG-IP and BIG-IQ
A vulnerability has been fixed in F5 BIG-IP and BIG-IQ products. The vulnerability allows a malicious party to launch attacks execute attacks that lead to a denial-of-service DoS. F5 has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in macOS
Vulnerabilities have been fixed in macOS. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access to system data -= Apple =- Apple has made updates...
Vulnerabilities fixed in Cisco Aironet
Vulnerabilities have been fixed in Cisco Aironet. The vulnerabilities allow a malicious party to launch attacks that lead to a denial-of-service DoS. After a successful attack, the affected device recover itself. Cisco has released updates to fix the vulnerabilities. More information can be found...
Vulnerabilities fixed in Trend Micro products
Trend Micro has fixed vulnerabilities in several products. The vulnerabilities allow a remote malicious person to able to install a rogue update. This is made possible by an SSL server-certification-validation vulnerability combined with another vulnerability. Trend Micro makes little information...
Vulnerabilities fixed in Pulse Secure
Vulnerabilities have been fixed in Pulse Secure. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights Access to system data Pulse Secure has released updates to address the...
Vulnerabilities fixed in Firefox and Firefox ESR
Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights Spoofing Mozilla has...
Vulnerabilities fixed in Xen
Xen developers have fixed vulnerabilities in the hypervisor. The vulnerability with reference CVE-2020-25604 makes it possible for a local malicious person who can migrate timers between vCPU-s to cause a denial-of-service. The vulnerability with attribute CVE-2020-25595 allows a local malicious...
Vulnerabilities fixed in libxml2
Vulnerabilities have been fixed in libxml2. The vulnerabilities allow a malicious party to perform a denial-of-service DoS execution. The developers of libxml12 categorize these vulnerabilities according to the CVSSv3 method with a highest score of 7.5. FreeBSD has released updates to fix the...
Vulnerability fixed in Ruby on Rails
A vulnerability has been fixed in Ruby on Rails. The vulnerability allows an unauthenticated malicious person to execute arbitrary code on the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyper-link to follow. Rails developers have released update...
Vulnerability fixed in Spring Framework
There is a vulnerability in the Spring Framework that enables a Reflected File Download RFD attack. This vulnerability has already been patched NCSC-2015-0888, but researchers have found a way to bypass the mitigation. Pivotal has released new versions of the Spring Framework in which the...
Vulnerability fixed in IBM Aspera Shares
IBM has fixed a vulnerability in Aspera Shares. The vulnerability is known as Cross-Site Scripting. The vulnerability allows a remote malicious person to execute arbitrary code in the victim's browser. To do so, the malicious party must induce the victim to follow a rogue hyper-link to follow. IB...
Vulnerability fixed in Websphere Application Server
A vulnerability has been fixed in Websphere Application Server. The vulnerability allows a remote malicious person using a so-called XML-External-Entity-Injection attack to obtain obtain system data. IBM has released updates to fix the vulnerability. More information can be found on the page belo...
Vulnerabilities fixed in FortiAnalyzer
Fortinet has fixed vulnerabilities in FortiAnalyzer. The vulnerability allows a remote attacker to execute arbitrary code under user privileges. Fortinet has released updates to address the vulnerabilities. fix. More information can be found on the page below:...
Vulnerabilities fixed in Ubuntu kernel
Vulnerabilities have been fixed in Ubuntu's kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data Increased user privileges Canonical...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Possible Code execution User rights Access to system data Google has made littl...
Vulnerabilities fixed in Citrix Application Delivery Controller, Gateway and SD-WAN WANOP appliance
Citrix has fixed several vulnerabilities in Netscaler products. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Increased user privileges To perform the denial-of-service atta...
Vulnerability fixed in MISP
A vulnerability has been fixed in MISP. The vulnerability allows an authenticated remote malicious person to be able to delete MISP events delete. CIRCL has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in Jira
Vulnerabilities have been fixed in Jira Server and Data Center. The vulnerabilities allow a malicious party to obtain sensitive data and to launch a denial-of-service attack. execute. Atlassian has released updates to address the vulnerabilities. fixes. More information can be found on the pages...
Vulnerabilities fixed in VirtualBox
Vulnerabilities have been fixed in Oracle VirtualBox. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Code execution Administrator/Root privileges Access to sensitive data...
Vulnerability fixed in FortiManager and FortiAnalyzer
Fortinet has fixed a vulnerability in FortiManager and FortiAnalyzer. The vulnerability allows a malicious party to perform perform a Cross Site Scripting attack. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...
Vulnerabilities fixed in Android
Vulnerabilities have been fixed in Android 11. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Bypassing authentication. Remote code execution User Rights Accessing sensitive data Access to...