CVE-2024-0799

An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin function within wizardLogin...

CVE-2024-0801

A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll...

CVE-2024-0800

A path traversal vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.servlet.ImportNodeServlet...

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [3 February]

This week, our news radar shows that every new tech idea comes with its own challenges. A hot AI tool is under close watch, law enforcement is shutting down online spots that help cybercriminals, and teams are busy fixing software bugs that could let attackers in. From better locks on our devices...

ROS-20250203-06

A vulnerability in the LibreOffice office suite is related to insufficient protection of proprietary data. Exploitation of the vulnerability could allow an attacker to disclose confidential information LibreOffice office suite vulnerability is related to incorrect path name restriction to a...

The vulnerability of component B/A of the IBM Storage Protect (formerly IBM Spectrum Protect) software data protection platform allows a intruder to gain unauthorized access to protected information.

The vulnerability of component B/A of the IBM Storage Protect formerly IBM Spectrum Protect software data protection platform lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...

CVE-2024-12184

CVE-2024-12184 affects the WordPress plugin WordPress Contact Forms by Cimatti. It exposes an unauthorized data access flaw caused by a missing capability check in accua_forms_download_submitted_file() that applies to all versions up to 1.9.4, enabling unauthenticated attackers to download other ...

PT-2025-23814 · Ооо 'Солидсофт' · Solidwall Waf

Уязвимость средства межсетевого экранирования SolidWall WAF связана с недостаточной защитой служебных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, получить несанкционированный доступ к защищаемой информации...

Advisory ROSA-SA-2025-2666

software: postgresql 15.4 WASP: ROSA-CHROME packageevrstring: postgresql-15.4 CVE-ID: CVE-2023-5868 BDU-ID: 2023-07905 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to the lack of service data protection in function calls with aggregation...

Important: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.4.2 security and bug fix update

OpenShift API for Data Protection OADP 1.4.2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools lies in the insufficient protection of sensitive data. This allows attackers to gain unauthorized access to protected information.

The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools stems from insufficient protection of operational data due to the use of incompatible policies. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected informati...

CVE-2025-24108

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data...

CVE-2025-24092

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information...

CVE-2025-24092

This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to read sensitive location information...

CVE-2025-24103

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access protected user data...

CVE-2024-54547

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to access protected user data...

CVE-2024-37526

IBM Watson Query on Cloud Pak for Data IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0 could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism...

CVE-2024-37526

IBM Watson Query on Cloud Pak for Data IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0 could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism...

CVE-2024-37526 IBM Watson Query on Cloud Pak for Data information disclosure

IBM Watson Query on Cloud Pak for Data IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0 could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism...

CVE-2024-37526

The CVE-2024-37526 entry concerns IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization) up to version 3.0.0. Affected products publish objects to catalogs where only the first N columns are governed (N = 100 in older CPD versions; 1000 in CPD 5.0.0), due to an improper data protection ...