The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, relates to authentication errors. This vulnerability allows an attacker to create existing or new users for access control based on roles and groups.

The vulnerability of the CloudForms Management Engine software platform for managing virtual environments is related to authentication errors. Exploiting this vulnerability allows a malicious actor to create existing or new users for access control based on roles and groups...

The vulnerability of the monitoring tool for the virtual infrastructure vRealize Operations, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the monitoring tool for the vRealize Operations virtual infrastructure is related to authentication errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of VMware Workspace One’s software lies in authentication process errors, which allow attackers to gain unauthorized access to protected information.

The vulnerability of VMware Workspace One software is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

Vulnerability in the web interface for managing Cisco Small Business Smart and Managed Switches’ micro-programming software, allowing attackers to increase their privileges

The vulnerability in the web interface for managing Cisco Small Business Smart and Managed Switch microprogramming software is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

The vulnerability of the document-oriented database management system MongoDB, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the document-oriented database management system MongoDB is related to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the software update service for Cisco Webex Meetings Desktop App on Mac operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the software update service for the Cisco Webex Meetings Desktop App on Mac operating systems is related to authentication errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code via a specially created website...

docker-cli docker-engine security update

docker-cli 19.03.11-4 - added patch for registry list 19.03.11-3 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03 18.09.1-1.0.6 - disable kmem accounting for UEKR4 18.09.1-1.0.5 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes...

The vulnerability of the words.protocols.jabber.xmlstream function in the Twisted networking framework allows a attacker to execute a “man-in-the-middle” attack.

The vulnerability of the words.protocols.jabber.xmlstream function in the Twisted networking framework is related to authentication errors. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...

The vulnerability of the Cisco Unified Contact Center Express automation software, related to authentication errors, allows a perpetrator to trigger a service failure.

The vulnerability of the Cisco Unified Contact Center Express operator automation software is related to authentication errors. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability of the Kerberos protocol implementation in Cisco Adaptive Security Appliance (ASA) microprogramming software allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Kerberos protocol implementation in Cisco Adaptive Security Appliance ASA microprogramming software is related to authentication errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected...

Microsoft security advisory: Updated support for Diffie-Hellman Key Exchange

Microsoft security advisory: Updated support for Diffie-Hellman Key Exchange Summary Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To learn more about the vulnerability, see...

The vulnerability of the Grafana data representation web tool, related to authentication errors, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Grafana data presentation web tool is related to authentication errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Open Build Service software platform, related to authentication errors, allows attackers to circumvent existing security restrictions and execute a type of “man-in-the-middle” attack.

The vulnerability of the Open Build Service software platform is related to errors in verifying the authenticity of certificates. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute a type of “man-in-the-middle” attack...

The vulnerability of the STARTTLS component of the Keycloak identity and access management software lies in implementation errors related to authentication procedures. This allows attackers to escalate their privileges.

The vulnerability of the STARTTLS component of the Keycloak identity and access management software is related to implementation errors in authentication procedures. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

The vulnerability of the SAP NetWeaver software integration platform’s keystore service allows attackers to disclose protected information.

The vulnerability of the SAP NetWeaver software integration platform’s keystore service is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the Keycloak identity and access management software lies in implementation errors related to authentication procedures, which allow attackers to escalate their privileges.

The vulnerability of the Keycloak identity and access management software is related to errors in the implementation of authentication procedures. Exploiting this vulnerability can allow unauthorized actors to gain increased privileges...

The vulnerability of the Remote Desktop Web Access service in Windows operating systems allows a perpetrator to disclose protected information.

The vulnerability of the Remote Desktop Web Access service in Windows operating systems with authentication processing errors. Exploiting this vulnerability can allow a malicious actor to disclose protected information from a remote location...

The vulnerability of software for integrating SAP NetWeaver Process Integration corporate applications, related to authentication errors, allows attackers to increase their privileges.

The vulnerability of the software for integrating SAP NetWeaver Process Integration corporate applications is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

Huawei routers’ vulnerabilities related to authentication errors allow attackers to execute arbitrary code and increase their privileges.

The vulnerability of Huawei routers is related to authentication errors. Exploiting this vulnerability allows a hacker to execute arbitrary code and increase their privileges...

The vulnerability of the wan.htm component in D-Link DIR-600M N 150 Wi-Fi routers allows a intruder to gain unauthorized access to protected information and alter the configuration settings.

The vulnerability of the wan.htm component in D-Link DIR-600M N 150 Wi-Fi routers is related to authentication errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and modify configuration settings...