The vulnerability of the Splunk Enterprise platform’s SplunkD module for operational analytics allows a hacker to disclose protected information.

The vulnerability of the Splunk Enterprise platform for operational analysis involves insufficient protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

The vulnerability of the REST Provider Definition Response component in SAP system management software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the REST Provider Definition Response component in SAP system management software is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Human Resources component of the PeopleSoft Enterprise HCM personnel management platform allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Human Resources component of the PeopleSoft Enterprise HCM personnel management platform exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from insufficient protection of operational data. This allows attackers to gain access to read, modify, or delete data.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read, modify, or delete access to data...

The vulnerability of Acronis Cyber Protect 16’s data protection software lies in its ability to bypass authentication by using a user-controlled key. This allows attackers to increase their privileges.

The vulnerability of Acronis Cyber Protect 16 data protection software lies in the ability to bypass authentication by using a user-controlled key. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...

The vulnerability of the MatrixClient.sendSharedHistoryKeys function in the development tools for JavaScript and TypeScript matrix-js-sdk allows a hacker to bypass authentication procedures and gain unauthorized access to protected information.

The vulnerability of the MatrixClient.sendSharedHistoryKeys function in the JavaScript and TypeScript matrix-js-sdk development tools is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker to bypass authentication procedures and gain...

CVE-2024-44222

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to read sensitive location information...

The vulnerability of the 1C-Bitrix website content management system, related to insufficient protection of registration data, allows a hacker to gain access to the domain controller’s account information.

The vulnerability of the 1C-Bitrix website content management system is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to gain access to the account information of the domain controller...

The vulnerability of the 1C-Bitrix website content management system, related to insufficient protection of registration data, allows a hacker to gain access to authentication data from the SMTP server.

The vulnerability of the 1C-Bitrix website content management system is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to gain access to authentication data from the SMTP server...

Irish Watchdog Imposes Record €310 Million Fine on LinkedIn for GDPR Violations

The Irish data protection watchdog on Thursday fined LinkedIn €310 million $335 million for violating the privacy of its users by conducting behavioral analyses of personal data for targeted advertising. "The inquiry examined LinkedIn's processing of personal data for the purposes of behavioral...

The vulnerability of the corporate version of the GitHub Enterprise Server, related to insufficient protection of service data, allows attackers to carry out phishing attacks.

The vulnerability of the corporate version of the GitHub Enterprise Server is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow a malicious actor to carry out phishing attacks using malicious SVG files and URL links...

Pinterest tracks users without consent, alleges complaint

Pinterest has received a complaint from privacy watchdog noyb None of your business over the unsolicited tracking of its users. Pinterest allows you to pin images to virtual pinboards; useful for interior design, recipe ideas, party inspiration, and much more. It started as a virtual replacement...

The vulnerability of VMware NSX network virtualization platform, related to the lack of security measures for website structures, allows attackers to gain unauthorized access to protected information.

The vulnerability of VMware NSX network virtualization platform is related to the lack of security measures for the website structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by replacing the URL address...

The vulnerability of the Jenkins automation server, related to the lack of protection for service data, allows a perpetrator to gain unauthorized access to confidential information.

The vulnerability of the Jenkins automation server lies in the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to confidential information within the system...

Vulnerability of the MySQL Server component: The Telemetry feature of the MySQL Server management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the MySQL Server component relates to insufficient protection of operational data due to incorrect validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the MySQL network...

Security Bulletin: IBM Watson Query (Data Virtualization) does not govern all of the columns of a published object

Summary IBM Watson Query Data Virtualization on Cloud Pak for Data integrates with IBM Knowledge Catalog IKC - formerly Watson Knowledge Catalog WKC - to enforce data protection rules on governed objects. When you publish objects from Watson Query to catalogs or projects, only the first n where...

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20)

Hi there! Here's your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe. Some big companies...

The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture

Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today's fast-evolving landscape can feel like an impossible challenge. But...

The vulnerability of the df_v1_7_get_hbm_channel_number() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dfv17gethbmchannelnumber function in the Linux operating system is related to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the SAP Commerce Cloud e-commerce platform, related to insufficient protection of sensitive data, allows attackers to disclose protected information.

The vulnerability of the SAP Commerce Cloud e-commerce platform is related to insufficient protection for operational data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...