Dell PowerProtect DD Access Control Error Vulnerability

Dell PowerProtect Data Domain Dell PowerProtect DD is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell, USA. An access control error vulnerability exists in Dell PowerProtect DD, which stems from the presence of an improper access control error that...

PT-2024-41143 · 7 Zip · 7-Zip

Name of the Vulnerable Software and Affected Versions: 7-Zip affected versions not specified Description: The issue is related to a flaw in the Mark-of-the-Web protection mechanism of 7-Zip, which can lead to data protection violations. Exploitation of this issue may allow an attacker to execute...

CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities

Today, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, and international partners released joint Cybersecurity Advisory, 2023 Top Routinely Exploited Vulnerabilities. This advisory supplies details on the top Common...

The vulnerability of the jscript9legacy.dll library in the Antimalware Scan Interface (AMSI) component of Microsoft Windows operating systems allows a malicious actor to circumvent security restrictions.

The vulnerability of the jscript9legacy.dll library in the Antimalware Scan Interface AMSI component of Microsoft Windows operating systems is related to a flaw in the data protection mechanism. Exploiting this vulnerability could allow an attacker to circumvent security restrictions...

PT-2024-8159 · Microsoft · Windows Defender Application Control +1

Name of the Vulnerable Software and Affected Versions: Windows Defender Application Control WDAC affected versions not specified Description: The issue is related to a security feature bypass in Windows Defender Application Control WDAC that affects the data protection mechanism. This could allow...

PT-2024-8087 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to a component of the Microsoft Windows operating system, specifically the Windows Package Library Manager, which has a flaw in its data protection mechanism...

The vulnerability of the command-line interface (CLI) of Juniper Networks Junos OS-based SRX routers allows a attacker to gain unauthorized access to protected information.

The vulnerability of the command-line interface CLI of Juniper Networks Junos OS routers of the SRX series relates to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of component E1 in the IOT Orchestrator Security application of JD Edwards EnterpriseOne allows a attacker to disclose protected information.

The vulnerability of component E1 in the JD Edwards EnterpriseOne Orchestrator Security application relates to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information using the HTTP protocol...

Data access governance: Who's got the keys to your data kingdom?

Learn how Wiz helps you govern who can access what data in your cloud and protect your critical data...

The vulnerability of the Core server component of Oracle WebLogic Server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Core server component of Oracle WebLogic Server is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the T3/IIOP protocols...

Incorrect authorization vulnerability in OMRON Sysmac Studio

Overview Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability CWE-863, CVE-2024-49501. OMRON Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC coordinated with OMRON Corporation for the JVN advisory...

CVE-2024-49501

Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function...

CVE-2024-49501

Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function...

CVE-2024-49501

Sysmac Studio from OMRON has an incorrect authorization vulnerability (CWE-863) that could allow an attacker to access programs protected by the Data Protection function. The CVE entry notes local, low-complexity access with no user interaction required, and a partial impact on data confidentiali...

CVE-2024-49501

Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function...

OMRON Sysmac Studio 安全漏洞

Omron Sysmac Studio is a unique environment from Omron Japan that integrates logic, motion and drives, robotics, safety, visualization, sensing, and information technology into a single project, thereby reducing the learning curve and intraoperative software costs. A security vulnerability exists...

The vulnerability of the YouGile project management service, related to insufficient protection of operational data, allows a hacker to disclose the protected information.

The vulnerability of the YouGile project management service is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the YouGile project management service, related to insufficient protection of operational data, allows a hacker to disclose the protected information.

The vulnerability of the YouGile project management service is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

Advanced Browser Data Extraction for Chromium and Gecko Browsers

This post-exploitation module extracts sensitive browser data from both Chromium-based and Gecko-based browsers on the target system. It supports the decryption of passwords and cookies using Windows Data Protection API DPAPI and can extract additional data such as browsing history, keyword searc...

How To Create a Complete GitHub Backup

The issue of GitHub data protection is increasingly discussed among developers on platforms like Reddit, X, and HackerNews.…...