CVE-2023-1246 Files or Directories Accessible to External Parties in Saysis Starcities
Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations. This issue affects Starcities: through 1.3...
CVEfixes-db
This repository is an offensive tool for collecting and processing CVE (Common Vulnerabilities and Exposures) data. It is a Python-based tool that collects CVE data from various sources, including the National Vulnerability Database (NVD) and GitHub, and stores it in a SQLite database. The tool is...
How Denmark’s Welfare State Became a Surveillance Nightmare
Once praised for its generous social safety net, the country now collects troves of data on welfare claimants...
CVE-2021-45478
Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users. This issue affects Library Automation System: before 19.2...
CVE-2021-45478
Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users. This issue affects Library Automation System: before 19.2...
CVE-2021-45477
Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users. This issue affects Library Automation System: before 19.2...
CVE-2021-45477
Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users. This issue affects Library Automation System: before 19.2...
Input validation
Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users. This issue affects Library Automation System: before 19.2...
CVE-2021-45478 IDOR in Yordam Library Automation System
Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users. This issue affects Library Automation System: before 19.2...
CVE-2021-45477
CVE-2021-45477 affects Bordam Information Technologies’ Library Automation System, with the vulnerability rooted in improper handling of parameters in the system prior to version 19.2. This leads to potential collection of data provided by users (confidentiality impact). Multiple connected source...
YORDAM University Library Automation System Security Vulnerability
YORDAM University Library Automation System is a university library automation system from YORDAM. A security vulnerability exists in the YORDAM University Library Automation System prior to version 19.2, which stems from mishandling of the system's parameters and allows the collection of...
YORDAM University Library Automation System Security Vulnerability
YORDAM University Library Automation System is a university library automation system from YORDAM. A security vulnerability exists in the YORDAM University Library Automation System prior to version 19.2, which stems from mishandling of the system's parameters and allows the collection of...
YORDAM University Library Automation System Cross-Site Scripting Vulnerability
YORDAM University Library Automation System is a university library automation system from YORDAM. A security vulnerability exists in the YORDAM University Library Automation System prior to version 19.2, which stems from mishandling of the system's parameters and allows the collection of...
PT-2023-12559 · Bordam Information Technologies · Bordam Information Technologies Library Automation System
Name of the Vulnerable Software and Affected Versions: Bordam Information Technologies Library Automation System versions prior to 19.2 Description: The issue is related to improper handling of parameters, allowing data collection as provided by users. Recommendations: For versions prior to 19.2,...
PT-2023-12560 · Bordam Information Technologies · Bordam Information Technologies Library Automation System
Name of the Vulnerable Software and Affected Versions: Bordam Information Technologies Library Automation System versions prior to 19.2 Description: The issue is related to improper handling of parameters, allowing data collection as provided by users. Recommendations: For versions prior to 19.2,...
Banning TikTok
Congress is currently debating bills that would ban TikTok in the United States. We are here as technologists to tell you that this is a terrible idea and the side effects would be intolerable. Details matter. There are several ways Congress might ban TikTok, each with different efficacies and si...
Privilege Escalation
TimescaleDB is vulnerable to Privilege Escalation. TimescaleDB creates a telemetry job as an installation user. Telemetry data collection queries are not run with a set 'searchpath'. This allows an attacker to create and execute functions with the telemetry job, leading to privilege escalation...
Even Top-Ranked Android Apps in Google Play Store Provide Misleading Data Safety Labels
An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "serious loopholes" that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its Privacy Not Included initiative, compar...
Multilingual skimmer fingerprints 'secret shoppers' via Cloudflare endpoint API
One important aspect of data theft in criminal markets revolves around the authenticity of the data that is being resold. There are different services that exist to vet such things as credit card numbers so that buyers can purchase with confidence. Criminals are also very aware that anyone and in...
Citrix License Telemetry FAQ
General License Telemetry Questions What was announced? In mid-November 2024, Cloud Software Group made changes regarding license telemetry for on-premises customer-managed environments which use the Citrix License Server: Starting with License Server 11.17.2 Build 40000, the on-premises...