How to Find and Fix Risky Sharing in Google Drive

Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally...

IBM Security Guardium XML External Entity Injection Vulnerability (CNVD-2024-12704)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium Key Lifecycle Manager suffers from an...

The vulnerability of the DNS server service in Windows operating systems allows a perpetrator to disclose protected information or cause service failures.

The vulnerability of the DNS server service in Windows operating systems is related to the lack of protection for service-related data. Exploiting this vulnerability can allow a attacker to disclose sensitive information or cause service failures...

From 500 to 5000 Employees - Securing 3rd Party App-Usage in Mid-Market Companies

A company's lifecycle stage, size, and state have a significant impact on its security needs, policies, and priorities. This is particularly true for modern mid-market companies that are either experiencing or have experienced rapid growth. As requirements and tasks continue to accumulate and...

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security stem from insufficient protection of registration data, allowing attackers to access confidential information.

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security are related to insufficient protection of registration data. Exploiting these vulnerabilities can allow attackers to access confidential...

The vulnerability of the Microsoft Edge browser’s Push Notification Service on Android operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Edge browser’s Push Notification Service on Android operating systems is related to insufficient protection of service-related data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially...

The vulnerability of platformes for monitoring events, detecting threats, and conducting security analytics in IBM QRadar Suite and IBM Cloud Pak for Security lies in the insufficient protection of registration data, allowing attackers to access confidential information.

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security are related to insufficient protection of registration data. Exploiting these vulnerabilities can allow attackers to access confidential...

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security stem from insufficient protection of registration data, allowing attackers to access confidential information.

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security are related to insufficient protection of registration data. Exploiting these vulnerabilities can allow attackers to access confidential...

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security stem from insufficient protection of registration data, allowing attackers to access confidential information.

The vulnerabilities of event monitoring platforms, threat detection systems, and security analytics tools from IBM QRadar Suite and IBM Cloud Pak for Security are related to insufficient protection of registration data. Exploiting these vulnerabilities can allow attackers to access confidential...

data-protection.mpi-klsb.mpg.de Cross Site Scripting vulnerability OBB-3864387

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-1592

CVE-2024-1592 affects the Complianz – GDPR/CCPA Cookie Consent plugin for WordPress (up to version 6.5.6). The root cause is missing/incorrect nonce validation in process_delete() of class-DNSMPD.php, enabling CSRF without authentication. This allows unauthenticated attackers to delete GDPR data ...

IBM Security Guardium OS Command Injection Vulnerability (CNVD-2024-11735)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An operating system command injection vulnerability exists ...

PT-2024-2071 · WordPress · The Complianz – Gdpr/Ccpa Cookie Consent

Name of the Vulnerable Software and Affected Versions: The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress versions up to, and including, 6.5.6 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the process delete function in...

IBM Security Guardium 代码问题漏洞

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium Key Lifecycle Manager suffers from an...

The vulnerability of Microsoft Teams’ corporate platform for Android, related to insufficient protection of sensitive data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Microsoft Teams’ corporate platform for Android is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information by downloading and running a specially created application...

The vulnerability of Microsoft Edge browser, related to the lack of protection for service data, allows attackers to disclose protected information.

The vulnerability of Microsoft Edge relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

The vulnerability of Microsoft Edge browser, related to the lack of protection for service data, allows attackers to disclose protected information.

The vulnerability of Microsoft Edge relates to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

The vulnerability of the Task Manager module of the VitalPBX unified communication system allows a hacker to execute arbitrary commands.

The vulnerability of the Task Manager module of the VitalPBX unified communication system is related to errors in access control due to insufficient protection of service data during script processing from the /var/lib/vitalpbx directory. Exploiting this vulnerability allows a remote attacker to...

The vulnerability of the WindowServer component of the macOS operating system, which allows a hacker to gain unauthorized access to the user’s screen.

The vulnerability of the WindowServer component of the macOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to the user’s screen remotely...

The vulnerability of the NSOpenPanel component in the macOS operating system, which allows a hacker to disclose protected information

The vulnerability of the NSOpenPanel component in the macOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...