Lucene search
K

4197 matches found

NCSC
NCSC
•added 2020/10/08 12:0 a.m.•6 views

Vulnerability fixed in Cisco Webex Teams for Windows

Cisco has fixed a vulnerability in the Windows client of Cisco Webex Teams. The vulnerability allows a local, authenticated malicious person to execute arbitrary code execute under privileges of other local users. This requires a malicious DLL file must be placed in a specific location of the fil...

8.4CVSS7.2AI score0.00593EPSS
Exploits0
NCSC
NCSC
•added 2020/10/07 12:0 a.m.•6 views

Vulnerabilities fixed in Samsung Mobile

Samsung has fixed several vulnerabilities in its Android distribution. The vulnerabilities allow a malicious person whether remote or otherwise may be able to launch attacks that lead to the following categories of damage: Denial-of-server DoS. Remote code execution User rights Access to sensitiv...

9.8CVSS6.1AI score0.01891EPSS
Exploits0
NCSC
NCSC
•added 2020/10/07 12:0 a.m.•29 views

Vulnerabilities fixed in GitLab

Several vulnerabilities have been fixed in GitLab. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights Access to sensitive da...

8.8CVSS7.2AI score0.02112EPSS
Exploits3
NCSC
NCSC
•added 2020/10/07 12:0 a.m.•12 views

Vulnerability found in WildFly OpenSSL

A vulnerability has been found in WildFly OpenSSL. A unauthenticated remote malicious party can exploit the vulnerability potentially exploit it to cause a denial-of-service. Red Hat has not yet made updates available that fix the vulnerability. For more information on the vulnerability, see:...

7.5CVSS6.6AI score0.02183EPSS
Exploits0
NCSC
NCSC
•added 2020/10/07 12:0 a.m.•4 views

Vulnerabilities fixed in Google Chrome

Google has fixed several vulnerabilities in Chrome. The vulnerabilities potentially enable a remote malicious person to able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data As usual, Google has...

8.8CVSS7.4AI score0.02553EPSS
Exploits4
NCSC
NCSC
•added 2020/10/07 12:0 a.m.•9 views

Vulnerabilities fixed in Oracle Unbreakable Enterprise Kernel

Oracle has fixed vulnerabilities in the Oracle Unbreakable Enterprise kernel. The vulnerabilities allow a malicious potentially able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitiv...

10CVSS6.9AI score0.16523EPSS
Exploits16
NCSC
NCSC
•added 2020/10/06 12:0 a.m.•7 views

Vulnerabilities fixed in Android

Several vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person remote or otherwise potentially able to carry out attacks leading to the following categories of damage: Remote code execution User rights. Access to sensitive data Access to system data...

10CVSS7.4AI score0.28338EPSS
Exploits2
NCSC
NCSC
•added 2020/10/06 12:0 a.m.•5 views

Vulnerability fixed in IBM Security Access Manager

IBM has fixed a vulnerability in IBM Security Access Manager. A malicious party could exploit the vulnerability to execute a Cross-Site Scripting XSS attack. Such an attack can result in the execution of arbitrary script code in the browser used to visit the application. IBM has released updates ...

6.1CVSS6.2AI score0.0073EPSS
Exploits0
NCSC
NCSC
•added 2020/10/02 12:0 a.m.•42 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in GitLab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Circumvention of authentication Circumventing security measures Remote...

7.5CVSS6.8AI score0.02112EPSS
Exploits1
NCSC
NCSC
•added 2020/10/02 12:0 a.m.•3 views

Vulnerability fixed in PowerDNS

A vulnerability has been fixed in PowerDNS. The vulnerability allows an authenticated malicious person with access to the control panel or the REST API to gain access to system data. obtain. PowerDNS has released updates to fix the vulnerability. More information can be found on the page below:...

4.3CVSS6.8AI score0.02592EPSS
Exploits0
NCSC
NCSC
•added 2020/10/02 12:0 a.m.•8 views

Vulnerabilities fixed in openSUSE

Vulnerabilities have been fixed in openSUSE kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Access to system data Increased user privileges -= OpenSU...

7.8CVSS6.9AI score0.00492EPSS
Exploits0
NCSC
NCSC
•added 2020/10/02 12:0 a.m.•5 views

Vulnerabilities fixed in PowerDNS

Vulnerabilities have been fixed in PowerDNS. The vulnerabilities enable an unauthenticated remote malicious agent to cause a denial-of-service and to potentially execute arbitrary code to execute under the user's privileges. This applies only to installations compiled with...

9.8CVSS7.2AI score0.04412EPSS
Exploits0
NCSC
NCSC
•added 2020/10/01 12:0 a.m.•3 views

Vulnerability fixed I IBM WebSphere Application Server

IBM has fixed a vulnerability in WebSpere Application Server. The vulnerability allows an unauthenticated malicious person remotely able to obtain system data. IBM categorizes this vulnerability according to the CVSSv3 method with a score of 5.3. IBM has released updates to fix the vulnerability...

7.5CVSS6.7AI score0.02041EPSS
Exploits0
NCSC
NCSC
•added 2020/10/01 12:0 a.m.•7 views

Vulnerability fixed in Trend Micro Anti-virus

A vulnerability has been fixed in Trend Micro Anti-Virus for Mac. The vulnerability allows a malicious person to obtain elevated privileges. Trend Micro has released updates to fix the vulnerability. fix. More information can be found on the page below:...

7.8CVSS6.5AI score0.00621EPSS
Exploits0
NCSC
NCSC
•added 2020/10/01 12:0 a.m.•7 views

Vulnerability fixed in Red Hat Satellite

A vulnerability has been fixed in Red Hat Satellite. The vulnerability allows a local malicious person to obtain sensitive data by reading the temporary memory. This vulnerability is exploitable only if an installation of Satellite via RPM an installation of Satellite has taken place. -= Red Hat ...

8.8CVSS6.5AI score0.00315EPSS
Exploits0
NCSC
NCSC
•added 2020/10/01 12:0 a.m.•6 views

Vulnerability fixed in FortiOS

A vulnerability has been fixed in FortiOS. The vulnerability allows an authenticated malicious party the ability to cause a denial-of-service denial-of-service. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...

6.5CVSS6.5AI score0.01566EPSS
Exploits0
NCSC
NCSC
•added 2020/09/30 12:0 a.m.•3 views

Vulnerability fixed in NetworkManager security

A vulnerability has been fixed in NetworkManager. The vulnerability allows a locally authenticated malicious party to opportunity to bypass 802.1X authentication allowing network sessions are set up without encryption. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux ...

4.3CVSS6.6AI score0.00983EPSS
Exploits0
NCSC
NCSC
•added 2020/09/30 12:0 a.m.•3 views

Vulnerabilities fixed in Red Hat kernel

Red Hat has fixed vulnerabilities in its kernel. The vulnerabilities enable a locally authenticated malicious agent to the opportunity to cause a denial-of-service and to obtain elevated permissions. -= Red Hat =- Red Hat has made updates available for Red Hat Enterprise Linux 7. You can install...

9.3CVSS8.4AI score0.05111EPSS
Exploits1
NCSC
NCSC
•added 2020/09/30 12:0 a.m.•3 views

Vulnerability fixed in IBM Tivoli Netcool/Impact

A vulnerability has been fixed in IBM Tivoli Netcool/Impact. The vulnerability allows a malicious party to access sensitive data. IBM has released updates to fix the vulnerability. More information can be found on the pages below: https://www.ibm.com/support/pages/node/6339051...

6.6AI score
Exploits0
NCSC
NCSC
•added 2020/09/30 12:0 a.m.•7 views

Vulnerability fixed in Dell SonicWall

A vulnerability has been fixed in Dell SonicWall. It involves a domain name collision vulnerability. The web interface of SonicWall makes it possible for an attacker to obtain information about domain names used on an organization's internal network. organization. The attacker can register a foun...

5.3CVSS6.4AI score0.00919EPSS
Exploits0
NCSC
NCSC
•added 2020/09/30 12:0 a.m.•4 views

Vulnerabilities fixed in Red Hat ipa

Vulnerabilities have been fixed in Red Hat ipa. The vulnerabilities allow an unauthenticated malicious person to execute arbitrary code on the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyper-link to follow. In addition, the vulnerabilities enab...

6.9CVSS7.5AI score0.99019EPSS
Exploits14
NCSC
NCSC
•added 2020/09/29 12:0 a.m.•5 views

Vulnerabilities fixed in Foxit Reader and Foxit PhantomPDF

Vulnerabilities have been fixed in Foxit Reader and Foxit PhantomPDF. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to system data Increased user privileges Foxit has...

7.5AI score
Exploits0
NCSC
NCSC
•added 2020/09/29 12:0 a.m.•5 views

Vulnerability fixed in Trend Micro OfficeScan

A vulnerability has been fixed in Trend Micro OfficeScan. The vulnerability allows a malicious party to obtain elevated permissions and execute arbitrary code under the user's privileges. Trend Micro has released updates to fix the vulnerability. fix. More information can be found on the page...

7.8CVSS7.5AI score0.00776EPSS
Exploits0
NCSC
NCSC
•added 2020/09/29 12:0 a.m.•5 views

Vulnerabilities fixed in Trend Micro products

A vulnerability has been fixed in Trend Micro products. The vulnerability allows a locally authenticated malicious person to able to delete arbitrary files under SYSTEM privileges. delete. Trend Micro has released updates to fix the vulnerability. fix. More information can be found on the page...

6.3CVSS6.5AI score0.00298EPSS
Exploits0
NCSC
NCSC
•added 2020/09/29 12:0 a.m.•3 views

Vulnerabilities fixed in MediaWiki

Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Remote code execution User Rights Access to system data MediaWiki has released...

9.8CVSS6.8AI score0.04098EPSS
Exploits1
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•7 views

Vulnerabilities fixed in FortiOS

Vulnerabilities have been fixed in FortiOS. The vulnerabilities allow an authenticated remote malicious agent to opportunity to cause a denial-of-service via an SSL VPN. To exploit the vulnerability, a number of non-standard settings must have been made. FortiNet categorizes these vulnerabilities...

8.8CVSS6.6AI score0.00862EPSS
Exploits0
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•9 views

Vulnerabilities fixed in Cisco IOS and IOS XE

Vulnerabilities have been fixed in Cisco IOS and IOS XE. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Manipulation of data Bypassing authentication Circumvention of security measure Remot...

9.1CVSS7.5AI score0.02226EPSS
Exploits0
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•2 views

Vulnerabilities fixed in Thunderbird

Vulnerabilities have been fixed in Thunderbird. The vulnerabilities allow a remote malicious person to execute arbitrary code execute with user privileges and spoof the origin of downloads. spoofing. Mozilla has released updates to fix the vulnerabilities. More information can be found on the pag...

8.8CVSS7.1AI score0.01961EPSS
Exploits0
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•3 views

Vulnerability fixed in Sophos SG UTM

A vulnerability has been fixed in Sophos SG UTM. The vulnerability allows a remote malicious person to execute arbitrary code execute arbitrary code with user privileges. It is good practice to access the management interface to be exposed on a local network to which only administrators have acce...

10CVSS7.4AI score0.96693EPSS
Exploits9
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•6 views

Vulnerability fixed in F5 BIG-IP and BIG-IQ

A vulnerability has been fixed in F5 BIG-IP and BIG-IQ products. The vulnerability allows a malicious party to launch attacks execute attacks that lead to a denial-of-service DoS. F5 has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.7AI score0.01092EPSS
Exploits0
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•3 views

Vulnerabilities fixed in macOS

Vulnerabilities have been fixed in macOS. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Access to system data -= Apple =- Apple has made updates...

9.3CVSS7.4AI score0.02539EPSS
Exploits0
NCSC
NCSC
•added 2020/09/25 12:0 a.m.•6 views

Vulnerabilities fixed in Cisco Aironet

Vulnerabilities have been fixed in Cisco Aironet. The vulnerabilities allow a malicious party to launch attacks that lead to a denial-of-service DoS. After a successful attack, the affected device recover itself. Cisco has released updates to fix the vulnerabilities. More information can be found...

8.6CVSS6.7AI score0.01415EPSS
Exploits0
NCSC
NCSC
•added 2020/09/24 12:0 a.m.•5 views

Vulnerabilities fixed in Trend Micro products

Trend Micro has fixed vulnerabilities in several products. The vulnerabilities allow a remote malicious person to able to install a rogue update. This is made possible by an SSL server-certification-validation vulnerability combined with another vulnerability. Trend Micro makes little information...

7.5CVSS6.8AI score0.01772EPSS
Exploits0
NCSC
NCSC
•added 2020/09/24 12:0 a.m.•7 views

Vulnerabilities fixed in Pulse Secure

Vulnerabilities have been fixed in Pulse Secure. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights Access to system data Pulse Secure has released updates to address the...

7.2CVSS6.8AI score0.90759EPSS
Exploits2
NCSC
NCSC
•added 2020/09/23 12:0 a.m.•4 views

Vulnerabilities fixed in Firefox and Firefox ESR

Vulnerabilities have been fixed in Firefox and Firefox ESR. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution User Rights Spoofing Mozilla has...

8.8CVSS6.8AI score0.01961EPSS
Exploits0
NCSC
NCSC
•added 2020/09/23 12:0 a.m.•3 views

Vulnerabilities fixed in Xen

Xen developers have fixed vulnerabilities in the hypervisor. The vulnerability with reference CVE-2020-25604 makes it possible for a local malicious person who can migrate timers between vCPU-s to cause a denial-of-service. The vulnerability with attribute CVE-2020-25595 allows a local malicious...

7.8CVSS6.4AI score0.00373EPSS
Exploits0
NCSC
NCSC
•added 2020/09/23 12:0 a.m.•3 views

Vulnerabilities fixed in libxml2

Vulnerabilities have been fixed in libxml2. The vulnerabilities allow a malicious party to perform a denial-of-service DoS execution. The developers of libxml12 categorize these vulnerabilities according to the CVSSv3 method with a highest score of 7.5. FreeBSD has released updates to fix the...

7.5CVSS8.6AI score0.07627EPSS
Exploits1
NCSC
NCSC
•added 2020/09/23 12:0 a.m.•5 views

Vulnerability fixed in Ruby on Rails

A vulnerability has been fixed in Ruby on Rails. The vulnerability allows an unauthenticated malicious person to execute arbitrary code on the victim's browser. To do this, the malicious party must trick the victim into following a rogue hyper-link to follow. Rails developers have released update...

6.1CVSS7.2AI score0.02372EPSS
Exploits0
NCSC
NCSC
•added 2020/09/22 12:0 a.m.•9 views

Vulnerability fixed in Spring Framework

There is a vulnerability in the Spring Framework that enables a Reflected File Download RFD attack. This vulnerability has already been patched NCSC-2015-0888, but researchers have found a way to bypass the mitigation. Pivotal has released new versions of the Spring Framework in which the...

9.6CVSS8.5AI score0.10736EPSS
Exploits2
NCSC
NCSC
•added 2020/09/22 12:0 a.m.•8 views

Vulnerability fixed in IBM Aspera Shares

IBM has fixed a vulnerability in Aspera Shares. The vulnerability is known as Cross-Site Scripting. The vulnerability allows a remote malicious person to execute arbitrary code in the victim's browser. To do so, the malicious party must induce the victim to follow a rogue hyper-link to follow. IB...

6.1CVSS7.2AI score0.0073EPSS
Exploits0
NCSC
NCSC
•added 2020/09/22 12:0 a.m.•2 views

Vulnerability fixed in Websphere Application Server

A vulnerability has been fixed in Websphere Application Server. The vulnerability allows a remote malicious person using a so-called XML-External-Entity-Injection attack to obtain obtain system data. IBM has released updates to fix the vulnerability. More information can be found on the page belo...

7.5CVSS6.8AI score0.02839EPSS
Exploits0
NCSC
NCSC
•added 2020/09/22 12:0 a.m.•6 views

Vulnerabilities fixed in FortiAnalyzer

Fortinet has fixed vulnerabilities in FortiAnalyzer. The vulnerability allows a remote attacker to execute arbitrary code under user privileges. Fortinet has released updates to address the vulnerabilities. fix. More information can be found on the page below:...

8.8CVSS7.4AI score0.02276EPSS
Exploits0
NCSC
NCSC
•added 2020/09/22 12:0 a.m.•9 views

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in Ubuntu's kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data Increased user privileges Canonical...

8.2CVSS6.6AI score0.05271EPSS
Exploits1
NCSC
NCSC
•added 2020/09/22 12:0 a.m.•2 views

Vulnerabilities fixed in Google Chrome

Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Possible Code execution User rights Access to system data Google has made littl...

9.6CVSS6.9AI score0.02948EPSS
Exploits6
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•5 views

Vulnerabilities fixed in Citrix Application Delivery Controller, Gateway and SD-WAN WANOP appliance

Citrix has fixed several vulnerabilities in Netscaler products. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Increased user privileges To perform the denial-of-service atta...

8.8CVSS6.9AI score0.01555EPSS
Exploits0
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•5 views

Vulnerability fixed in MISP

A vulnerability has been fixed in MISP. The vulnerability allows an authenticated remote malicious person to be able to delete MISP events delete. CIRCL has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.5AI score0.01221EPSS
Exploits0
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•9 views

Vulnerabilities fixed in Jira

Vulnerabilities have been fixed in Jira Server and Data Center. The vulnerabilities allow a malicious party to obtain sensitive data and to launch a denial-of-service attack. execute. Atlassian has released updates to address the vulnerabilities. fixes. More information can be found on the pages...

6.5CVSS6.7AI score0.76042EPSS
Exploits1
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•4 views

Vulnerabilities fixed in VirtualBox

Vulnerabilities have been fixed in Oracle VirtualBox. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Code execution Administrator/Root privileges Access to sensitive data...

8.2CVSS6.8AI score0.00565EPSS
Exploits0
NCSC
NCSC
•added 2020/09/21 12:0 a.m.•6 views

Vulnerability fixed in FortiManager and FortiAnalyzer

Fortinet has fixed a vulnerability in FortiManager and FortiAnalyzer. The vulnerability allows a malicious party to perform perform a Cross Site Scripting attack. Fortinet has released updates to fix the vulnerability. More information can be found on the page below:...

6.1CVSS6.2AI score0.00801EPSS
Exploits0
NCSC
NCSC
•added 2020/09/18 12:0 a.m.•8 views

Vulnerabilities fixed in Android

Vulnerabilities have been fixed in Android 11. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Bypassing authentication. Remote code execution User Rights Accessing sensitive data Access to...

9.8CVSS7.6AI score0.00988EPSS
Exploits1
Total number of security vulnerabilities4197