Lucene search
K

4197 matches found

NCSC
NCSC
•added 2020/08/11 12:0 a.m.•28 views

Vulnerabilities fixed in SAP Netweaver

SAP has fixed several vulnerabilities in SAP Netweaver. These vulnerabilities allow malicious actors to remotely bypass authentication, execute arbitrary code, conduct a cross-site scripting attack, upload files and view sensitive information. SAP has released updates to address these...

9CVSS7AI score0.018EPSS
Exploits0
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•4 views

Vulnerability fixed in SAP S/4 HANA

SAP has fixed a vulnerability in SAP S/4 HANA. By exploiting this vulnerability, a malicious person with user privileges remotely bypass authentication and make data make data inaccessible. SAP has made an update available to fix the vulnerability fix, see for more information:...

4.3CVSS7AI score0.0056EPSS
Exploits0
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•6 views

Vulnerability fixed in TeamViewer

A vulnerability has been fixed in TeamViewer. The vulnerability allows an unauthenticated remote malicious party to opportunity to cause TeamViewer to send out an NTLM request. The malicious party to do this must induce the victim to visit a rogue website. The NTLM request can be captured by the...

8.8CVSS6.9AI score0.25895EPSS
Exploits2
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•7 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed several vulnerabilities. A malicious remote user could potentially exploit the vulnerabilities to execute arbitrary execute arbitrary code, to gain elevated privileges or to perform a denial-of-service DoS attack. Below is a summary of the various vulnerabilities described by...

9.3CVSS7.5AI score0.06561EPSS
Exploits0
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•7 views

Vulnerabilities fixed in GitLab

Vulnerabilities have been fixed in Gitlab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of authentication Circumvention of security...

9.8CVSS6.8AI score0.42741EPSS
Exploits11
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•5 views

Vulnerabilities fixed in Google Chrome

Google has fixed several vulnerabilities in Chrome. Little little substantive information made publicly available. The most vulnerabilities allow a malicious party to launch a denial-of-service attack. Google has released updates to fix the vulnerabilities in Chrome. For more information, see:...

9.3CVSS6.8AI score0.29292EPSS
Exploits1
NCSC
NCSC
•added 2020/08/11 12:0 a.m.•55 views

Vulnerabilities fixed in Siemens products

Siemens has fixed vulnerabilities in several products. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Remote code execution Administrator/Root privileges Siemens...

9.8CVSS7.7AI score0.98745EPSS
Exploits11
NCSC
NCSC
•added 2020/08/10 12:0 a.m.•4 views

Vulnerability fixed in Avaya IP Office Manager

A vulnerability has been fixed in Avaya IP Office Manager. The vulnerability allows an unauthenticated malicious person with access to the network to obtain sensitive data. Avaya has released updates to fix the vulnerability. More information can be found on the page below:...

7.5CVSS6.5AI score0.01195EPSS
Exploits0
NCSC
NCSC
•added 2020/08/10 12:0 a.m.•7 views

Vulnerabilities fixed in Apache HTTP Server

Vulnerabilities have been fixed in Apache HTTP Server. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Denial of Service Apache has made updates available to address the vulnerabilities. fixes. More information can ...

7.5CVSS7.7AI score0.89744EPSS
Exploits2
NCSC
NCSC
•added 2020/08/10 12:0 a.m.•3 views

Vulnerability fixed in PostgreSQL jdbc driver

A vulnerability has been fixed in the PostgreSQL jdbc driver for Java. The so-called XML external-entity vulnerability XXE allows a locally authenticated malicious person to execute arbitrary code execute arbitrary code under database privileges. -= Red Hat =- Red Hat has made updates available f...

7.7CVSS7.5AI score0.04094EPSS
Exploits0
NCSC
NCSC
•added 2020/08/07 12:0 a.m.•7 views

Vulnerabilities fixed in openSUSE kernel

Vulnerabilities have been fixed in the kernel of openSUSE Leap 15.1. The vulnerabilities allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Access to system data Increased user...

9.8CVSS7.2AI score0.12651EPSS
Exploits6
NCSC
NCSC
•added 2020/08/06 12:0 a.m.•4 views

Vulnerabilities fixed in Cisco AnyConnect Secure Mobility Client

Vulnerabilities have been fixed in Cisco AnyConnect Secure Mobility Client for Windows. The vulnerabilities allow a local malicious person with valid Windows login credentials to perform attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Data...

7.8CVSS7.5AI score0.10049EPSS
Exploits5
NCSC
NCSC
•added 2020/08/06 12:0 a.m.•4 views

Vulnerabilities fixed in Python

Vulnerabilities have been fixed in Python. The vulnerabilities among other things allow an unauthenticated remote malicious person to remotely capable of causing a denial of service. Python has released updates to fix the vulnerabilities. More information can be found on the pages below:...

7.5CVSS6AI score0.12826EPSS
Exploits1
NCSC
NCSC
•added 2020/08/04 12:0 a.m.•7 views

Vulnerabilities fixed in GRUB2

Researchers have found multiple vulnerabilities in GRUB2. The vulnerability with reference CVE-2020-10713 has been named "Boothole." assigned. This vulnerability allows a malicious person with physical access to the system or a malicious person with administrator privileges able to execute...

8.2CVSS7.9AI score0.01588EPSS
Exploits1
NCSC
NCSC
•added 2020/07/29 12:0 a.m.•5 views

Vulnerabilities fixed in MySQL Server

Ubuntu has fixed several vulnerabilities in MySQL. An authenticated remote malicious person could exploit the vulnerabilities potentially exploit them to cause a denial-of-service or obtain read and write access to data stored in MySQL databases stored. -= Ubuntu =- Canonical has made updates...

7.2CVSS6.7AI score0.02692EPSS
Exploits0
NCSC
NCSC
•added 2020/07/28 12:0 a.m.•3 views

Vulnerabilities fixed in Google Chrome

Google has fixed several vulnerabilities in Chrome. Little little substantive information made publicly available. It is possible that a malicious party could exploit the vulnerabilities to execute arbitrary code with user privileges or for causing a denial-of-service on the Web browser. Google h...

8.8CVSS7.3AI score0.22868EPSS
Exploits0
NCSC
NCSC
•added 2020/07/24 12:0 a.m.•4 views

Vulnerability fixed in Kubernetes

A vulnerability has been fixed in Kubernetes. The vulnerability allows an authenticated malicious person with root privileges on a node to gain elevated privileges on other nodes running in the same cluster running. With these elevated rights to take over pods on the affected nodes. When multiple...

6.8CVSS9.2AI score0.061EPSS
Exploits3
NCSC
NCSC
•added 2020/07/23 12:0 a.m.•8 views

Fixed vulnerability in Citrix Workspace (formerly Citrix Receiver)

A vulnerability has been fixed in the automatic update service of the Citrix Workspace app for Windows that could result in increased user privileges. Citrix has made an update available to fix the vulnerability. fix. For more information, see the following page:...

8.8CVSS6.8AI score0.02062EPSS
Exploits0
NCSC
NCSC
•added 2020/07/21 12:0 a.m.•3 views

Vulnerabilities fixed in ClamAV

Vulnerabilities have been fixed in ClamAV. The vulnerabilities allow a malicious person to cause a denial-of-service cause. ClamAV has released updates to fix the vulnerabilities. More information can be found on the pages below: https://blog.clamav.net/2020/07...

7.5CVSS6.6AI score0.05063EPSS
Exploits0
NCSC
NCSC
•added 2020/07/17 12:0 a.m.•2 views

Vulnerabilities fixed in IBM Spectrum Protect

Vulnerabilities have been fixed in IBM Spectrum Protect. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges IBM has released updates to fix t...

8.6CVSS8.4AI score0.0399EPSS
Exploits2
NCSC
NCSC
•added 2020/07/16 12:0 a.m.•6 views

Vulnerabilities fixed in Jenkins

Several vulnerabilities have been fixed in Jenkins. A malicious user could potentially exploit the vulnerabilities to perform a Cross-Site Scripting XSS attack. A such an attack can lead to the execution of arbitrary script code in the browser used to visit the application. Jenkins developers hav...

8.8CVSS6.5AI score0.01433EPSS
Exploits0
NCSC
NCSC
•added 2020/07/16 12:0 a.m.•6 views

Vulnerabilities fixed in Apple macOS

Apple has fixed several vulnerabilities in Mac OS. A malicious party can exploit the vulnerabilities to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data -= Apple =- Apple has made...

10CVSS7.4AI score0.08036EPSS
Exploits3
NCSC
NCSC
•added 2020/07/16 12:0 a.m.•10 views

Multiple vulnerabilities fixed in Apple iOS and iPadOS

Apple has fixed several vulnerabilities in iOS and iPadOS. A malicious party could potentially exploit the vulnerabilities for attacks that could lead to the following types of damage: Denial-of-Service DoS. Remote code execution User rights Access to sensitive data -= Apple =- Apple has made...

10CVSS7.2AI score0.08036EPSS
Exploits3
NCSC
NCSC
•added 2020/07/16 12:0 a.m.•6 views

Multiple vulnerabilities fixed in Apple Safari

Apple has fixed several vulnerabilities in Safari. A malicious party can exploit the vulnerabilities to perform attacks that can lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code execution User Rights -= Appl...

9.8CVSS6.8AI score0.04316EPSS
Exploits1
NCSC
NCSC
•added 2020/07/15 12:0 a.m.•8 views

Vulnerabilities fixed in Apache Tomcat

Several vulnerabilities have been fixed in Apache Tomcat. A malicious party could potentially exploit the vulnerabilities to cause a Denial-of-Service on the Tomcat server. To do this the malicious party must send specially crafted HTTP or WebSocket traffic to the vulnerable server. The developer...

7.5CVSS8.8AI score0.87553EPSS
Exploits1
NCSC
NCSC
•added 2020/07/15 12:0 a.m.•10 views

Vulnerabilities fixed in Oracle Java SE

Oracle has fixed vulnerabilities in Oracle Java SE. A malicious party could exploit the vulnerabilities to execute arbitrary code or for causing a denial-of-service. ------------------.------.------------------------------------- | CVE ID | CVSS | Vector |...

8.3CVSS7.2AI score0.05166EPSS
Exploits0
NCSC
NCSC
•added 2020/07/14 12:0 a.m.•9 views

Serious vulnerabilities fixed in SAP Netweaver

SAP has fixed several vulnerabilities in SAP Netweaver products. The vulnerabilities allow malicious parties to gain access to sensitive data, or possibly even the execute arbitrary commands that could take over the entire underlying system can be taken over. The vulnerability with reference...

10CVSS7.4AI score0.94719EPSS
Exploits7
NCSC
NCSC
•added 2020/07/14 12:0 a.m.•12 views

Large number of linux vulnerabilities in SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP

Siemens has published a large number of vulnerabilities in the Linux subsystem of the SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP. Malicious parties can exploit the vulnerabilities to cause various types of damage, the most important of which are: Execution of arbitrary code with privileges of the...

10CVSS7.2AI score0.98745EPSS
Exploits95
NCSC
NCSC
•added 2020/07/07 12:0 a.m.•6 views

Vulnerabilities fixed in MobileIron

MobileIron has fixed multiple vulnerabilities in MobileIron Core and Sentry. The vulnerabilities allow a malicious party to execute attacks that result in the following categories of damage: Bypassing authentication Remote code execution Accessing sensitive data MobileIron has made little...

9.8CVSS7AI score0.99737EPSS
Exploits4
NCSC
NCSC
•added 2020/07/03 12:0 a.m.•5 views

Vulnerabilities fixed in Samba

Several vulnerabilities have been fixed in Samba. The vulnerabilities are in the way Samba processes LDAP information and allows a malicious party to cause a denial-of-service cause or potentially execute arbitrary code with the rights of the application. -= Ubuntu =- Canonical has made updates...

7.8CVSS7.8AI score0.03874EPSS
Exploits0
NCSC
NCSC
•added 2020/06/29 12:0 a.m.•3 views

Vulnerability fixed in Squid

A vulnerability has been fixed in Squid. The vulnerability allows a malicious party to bypass a security measure. Incomplete input validation makes it possible for a malicious person to possible to perform a Request Smuggling or Poisoning attack on the HTTP cache execute. The vulnerability with...

9.9CVSS6.6AI score0.05706EPSS
Exploits0
NCSC
NCSC
•added 2020/06/26 12:0 a.m.•5 views

Vulnerability fixed in Apache Tomcat

A vulnerability has been fixed in Apache Tomcat. A malicious party could potentially exploit the vulnerability to cause a Denial-of-Service on the Tomcat server. To do this the malicious party needs to send a specially crafted HTTP/2 request to the server. This request causes an increased CPU loa...

7.5CVSS7AI score0.26699EPSS
Exploits0
NCSC
NCSC
•added 2020/06/24 12:0 a.m.•2 views

Vulnerabilities fixed in cURL

GNU has fixed vulnerabilities in cURL. The vulnerabilities allow a remote malicious person to obtain sensitive to obtain data and to potentially corrupt a file. GNU has released updates to fix the vulnerabilities. More information can be found on the pages below: CVE-2020-8169:...

7.8CVSS6.9AI score0.03427EPSS
Exploits2
NCSC
NCSC
•added 2020/06/24 12:0 a.m.•3 views

Vulnerability fixed in ntpd

A vulnerability has been fixed in the ntp client daemon. The vulnerability allows an unauthenticated remote malicious person able to perform a denial-of-service attack. The developers of ntpd have released updates to fix the vulnerability. More information can be found on the pages below:...

7.5CVSS6.8AI score0.04071EPSS
Exploits0
NCSC
NCSC
•added 2020/06/18 12:0 a.m.•3 views

Vulnerability fixed in Drupal

Drupal has fixed a vulnerability in the Form API of the Drupal Core. The vulnerability allows a remote malicious party to able to perform a Cross-Site Request Forgery attack XSRF. A successful attack could thereby lead to consequential damage such as the obtaining sensitive data from a domain to...

8.8CVSS6.8AI score0.00695EPSS
Exploits0
NCSC
NCSC
•added 2020/06/18 12:0 a.m.•6 views

Vulnerability fixed in Pulse Secure Client for Windows

A vulnerability has been fixed in Pulse Secure Client for Windows. The vulnerability allows a locally authenticated malicious party the ability to obtain elevated SYSTEM privileges. obtain. Security researcher Red Timmy Security has published a write-up regarding the vulnerability published at:...

7CVSS6.5AI score0.00793EPSS
Exploits3
NCSC
NCSC
•added 2020/06/17 12:0 a.m.•4 views

Vulnerability fixed in VLC

VideoLan has fixed a vulnerability in VLC Media Player. The vulnerability allows an unauthenticated remote malicious person able to cause a denial-of-service, and potentially execute arbitrary code with privileges of the affected user. To do so, the malicious party must entice the victim to open ...

7.8CVSS7.4AI score0.02391EPSS
Exploits0
NCSC
NCSC
•added 2020/06/17 12:0 a.m.•7 views

Vulnerabilities fixed in libexif

Several vulnerabilities have been fixed in libexif. A local malicious party could potentially exploit the vulnerabilities to gain access to sensitive information or obtain of elevated privileges on the vulnerable system. In addition, a remote malicious party could potentially exploit the...

9.1CVSS6.8AI score0.04262EPSS
Exploits0
NCSC
NCSC
•added 2020/06/10 12:0 a.m.•8 views

Vulnerabilities fixed in Intel products

Intel has fixed vulnerabilities in Intel Converged Security and Manageability Engine CSME, Intel Server Platform Services SPS, Intel Trusted Execution Engine TXE, Intel Active Management Technology AMT, Intel Standard Manageability ISM and Intel Dynamic Application Loader DAL. The above products...

9.8CVSS6.7AI score0.03536EPSS
Exploits0
NCSC
NCSC
•added 2020/05/27 12:0 a.m.•7 views

Multiple vulnerabilities fixed in macOS

Apple has fixed several vulnerabilities in macOS. The vulnerabilities allow a malicious person remote or otherwise to perform able to launch attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root...

9.3CVSS7.4AI score0.09219EPSS
Exploits6
NCSC
NCSC
•added 2020/05/27 12:0 a.m.•4 views

Multiple vulnerabilities fixed in Drupal

Several vulnerabilities have been fixed in Drupal core. The vulnerabilities are located in jQuery and allow a malicious able to perform a Cross-Site Scripting XSS attack. This potentially allows the malicious party to execute code under the user's privileges. For the vulnerabilities in jQuery, we...

6.9CVSS7AI score0.99019EPSS
Exploits11
NCSC
NCSC
•added 2020/05/26 12:0 a.m.•3 views

Vulnerability fixed in Grafana

A vulnerability has been fixed in Grafana. The vulnerability allows a remote malicious person the ability to execute arbitrary code execute arbitrary code in the victim's browser. The malicious party must entice the victim to follow a rogue hyper-link to do so. Grafana has released updates to fix...

6.1CVSS7.8AI score0.0182EPSS
Exploits0
NCSC
NCSC
•added 2020/05/22 12:0 a.m.•2 views

Vulnerabilities fixed in qemu

Vulnerabilities have been fixed in QEMU. The vulnerabilities allow a malicious party the ability to cause a denial-of-service and potentially execute arbitrary code under privileges of the application. -= Ubuntu =- Canonical has made updates available for Ubuntu 16.04 LTS, 18.04 LTS, 19.10 and...

7.5CVSS7.7AI score0.02293EPSS
Exploits1
NCSC
NCSC
•added 2020/05/22 12:0 a.m.•10 views

Vulnerability fixed in Apache Tomcat

The developers of Apache Tomcat have fixed a vulnerability fixed that could potentially allow a remote malicious person to execute arbitrary code under the application's permissions. This is possible if: the malicious party has control of a file on the server; PersistenceManager is used in...

7CVSS9.3AI score0.56636EPSS
Exploits15
NCSC
NCSC
•added 2020/05/20 12:0 a.m.•2 views

Vulnerabilities fixed in BIND

BIND has fixed several vulnerabilities that could allow a malicious potentially capable of causing a denial-of-service DoS cause. A DoS attack exploiting the vulnerability with attribute CVE-2020-8617, targets DNS clients. The vulnerability with attribute CVE-2020-8616 involves a new method for...

8.6CVSS6.7AI score0.93422EPSS
Exploits6
NCSC
NCSC
•added 2020/05/19 12:0 a.m.•3 views

Vulnerabilities fixed in DPDK

Vulnerabilities have been fixed in the Dataplane Development Kit DPDK. The vulnerabilities allow a local malicious party to cause a denial-of-service, possibly resulting in the execution of arbitrary code under user privileges as a result. DPDK is a technology that handles the transport of data...

7.7CVSS6.9AI score0.02213EPSS
Exploits0
NCSC
NCSC
•added 2020/05/12 12:0 a.m.•8 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed several vulnerabilities in the basic components of Microsoft Windows. A malicious party could potentially exploit them to launch a denial-of-service attack, execute arbitrary code, gain elevated privileges or obtain sensitive data. The main vulnerabilities concern the Windows...

9.9CVSS7.5AI score0.52778EPSS
Exploits18
NCSC
NCSC
•added 2020/05/11 12:0 a.m.•5 views

Multiple vulnerabilities fixed in Squid

The developers of Squid have fixed several vulnerabilities in Squid proxy. An unauthenticated malicious person can exploit the remote vulnerabilities to exploit them to cause a denial-of-service cause, access sensitive data or execute arbitrary code with application privileges. For the...

9.8CVSS7.6AI score0.7179EPSS
Exploits0
NCSC
NCSC
•added 2020/05/09 12:0 a.m.•6 views

Vulnerabilities fixed in VMware vRealize Operations Manager

There are two vulnerabilities in VMware vRealize Operations Manager. These vulnerabilities, if exploited, can lead to the execute arbitrary code with administrator privileges on the Application Remote Collector ARC and all virtual systems on which an ARC Telegraph agent is installed. VMWare has...

9.8CVSS9.9AI score0.96405EPSS
Exploits25
NCSC
NCSC
•added 2020/05/07 12:0 a.m.•5 views

Vulnerabilities fixed in libvirt

Suse has made updates available to fix vulnerabilities fixes in libvirt. The vulnerabilities allow a remote malicious person remotely capable of causing a denial-of-service DoS. -= SUSE =- SUSE has made updates available to fix the vulnerability fix the vulnerability in SUSE 15. You can install...

6.5CVSS7.1AI score0.02363EPSS
Exploits1
Total number of security vulnerabilities4197