Introducing the Digital Footprint Portal

Digital security is about so much more than malware. That wasn’t always the case. When I started Malwarebytes more than 16 years ago, malware was the primary security concern—the annoying pop-ups, the fast-spreading viruses, the catastrophic worms—and throughout our company’s history, Malwarebyte...

The vulnerability of the SmartScreen security component for preventing phishing and malicious programs in Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the SmartScreen security component against phishing and malicious programs in Windows operating systems is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code, provided that the...

PT-2024-2840 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security-feature bypass vulnerability in the implementation of the Secure Boot protocol in Windows operating systems. This vulnerability is associated with a data...

PT-2024-3551 · Fortinet · Fortios

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 6.4.0 through 6.4.15 Fortinet FortiOS versions 7.0.0 through 7.0.15 Fortinet FortiOS versions 7.2.0 through 7.2.5 Fortinet FortiOS versions 7.4.0 through 7.4.1 Description: The issue is related to the exposure of...

PT-2024-2804 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security-feature bypass vulnerability in the implementation of the Secure Boot protocol in Windows operating systems. This vulnerability is associated with a...

PT-2024-2800 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security-feature bypass vulnerability in the implementation of the Secure Boot protocol in Windows operating systems. This vulnerability is associated with a data...

PT-2024-2805 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security feature bypass vulnerability in the implementation of the Secure Boot protocol in Windows operating systems. This vulnerability is associated with a...

PT-2024-2780 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security feature bypass vulnerability in the implementation of the Secure Boot protocol in Windows operating systems. This vulnerability is associated with a...

PT-2024-2810 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to a security feature bypass vulnerability in the BitLocker data protection function of the Microsoft Windows operating system. This vulnerability is associat...

PT-2024-2972 · Sap · Sap Businessobject Business Intelligence Launch Pad

Name of the Vulnerable Software and Affected Versions: SAP BusinessObject Business Intelligence Launch Pad affected versions not specified Description: The issue is related to improper validation in SAP BusinessObject Business Intelligence Launch Pad, allowing an authenticated attacker to access...

ROS-20240408-11

A vulnerability in the HTTP Requests library of the Python Requests programming language is related to insufficient protection of service data. inadequate protection of proprietary data. Exploitation of the vulnerability could allow an attacker acting remotely, gain unauthorized access to protect...

The vulnerability of the package manager for Kubernetes Helm, related to the lack of protection for service data, allows a attacker to influence the confidentiality of information.

The vulnerability of the package manager for Kubernetes Helm is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to influence the confidentiality of sensitive information...

The vulnerability of the logging function of the Kibana data visualization service allows a perpetrator to disclose protected information.

The vulnerability of the logging function of the Kibana data visualization service is related to insufficient protection of registration data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the Codeium-Chrome plugin, related to the lack of protection for service data, allows a hacker to send arbitrary requests to the internal filling server on behalf of another user.

The vulnerability of Codeium-Chrome is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to send arbitrary requests to the internal filling server on behalf of another user...

ROS-20240403-14

A vulnerability in the Google Sheets data source of the Grafana monitoring and surveillance platform is related to the failure to handling error messages properly, potentially exposing the Google Sheet API key. Exploitation of the vulnerability could allow an attacker acting remotely to gain acce...

CVE-2024-31206

dectalk-tts is a Node package to interact with the aeiou Dectalk web API. In [email protected], network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic can be easily intercepted and modified by attackers. Anyone who uses the package could be the victi...

Security Bulletin: Multiple vulnerabilities in IBM Java, OpenSSL, and libcurl may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by security flaws in IBM Java, OpenSSL, and libcurl. The flaws can lead to denial of service, bypass security restrictions, confidentiality impact, integrity impact, availability impact, and sensitive...

Security Bulletin: Multiple vulnerabilities in IBM Java, OpenSSL, and libcurl may affect IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V

Summary IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V can be affected by security flaws in IBM Java, OpenSSL, and libcurl. The flaws can lead to denial of service, bypass security restrictions, confidentiality impact, integrity impact, availability impact, an...

The vulnerability in Node.js’ follow-redirects module, related to insufficient protection of service data, allows attackers to gain unauthorized access to protected information.

The vulnerability of Node.js’s follow-redirect module is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability in the archive extraction function of the WinRAR file archiver allows a hacker to bypass the Mark-Of-The-Web protection mechanism and potentially execute arbitrary code.

The vulnerability of the archive extraction function of the WinRAR file compressor is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker to bypass the Mark-Of-The-Web protection mechanism and potentially execute arbitrary code...