Dell PowerProtect Data Manager Operating System Command Injection Vulnerability

Dell PowerProtect Data Manager PPDM is a set of data protection solutions from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. An operating system command injection vulnerability exists in Dell PowerProtect Data Manager version 19.15 an...

The vulnerability of the LdapSettings.get_ldap_info component of the Dell Data Protection Search system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the LdapSettings.getldapinfo component in the Dell Data Protection Search system exposes it to data leaks from various sources. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Internet Shortcut Files Security function in Windows operating systems allows attackers to circumvent existing security restrictions.

The vulnerability of the Internet Shortcut Files Security function in Windows operating systems is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker, operating remotely, to circumvent existing security restrictions by allowing the user to open ...

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow lies in the lack of protection for operational data, allowing attackers to obtain confidential information.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to expose sensitive information, provided...

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow lies in the lack of protection for operational data, allowing attackers to gain access to and read this data.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data...

The vulnerability of the N-able PassPortal data management tool, related to insufficient protection of registration data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the N-able PassPortal data management tool is related to insufficient protection for registration data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

PT-2024-1957 · Microsoft · Windows Dns +1

Name of the Vulnerable Software and Affected Versions: Windows DNS affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows DNS service, which can be exploited to disclose protected information or cause a denial of service. This can...

PT-2024-1668 · Microsoft · Skype For Business

Name of the Vulnerable Software and Affected Versions: Skype for Business affected versions not specified Description: The issue is related to insufficient protection of sensitive data due to incorrect access restriction, potentially allowing a remote attacker to gain unauthorized access to...

PT-2024-1883 · Microsoft · Teams For Android

Name of the Vulnerable Software and Affected Versions: Microsoft Teams for Android affected versions not specified Description: The issue is related to insufficient protection of service data in Microsoft Teams for Android, which can allow an attacker to gain unauthorized access to protected...

PT-2024-3883 · Sap · Sap Netweaver Application Server Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP versions KERNEL 7.53 through KERNEL 7.94 SAP NetWeaver Application Server ABAP version KRNL64UC 7.53 Description: The issue is related to insufficient protection of internal data in the SAP NetWeaver...

The vulnerability of the Console component of the Artica Pandora FMS monitoring and management system allows a perpetrator to gain unauthorized access to protected information and elevate their privileges to the level of an administrator.

The vulnerability of the Console component of the Artica Pandora FMS monitoring and management system relates to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information and...

CVE-2024-0596 Awesome Support – WordPress HelpDesk & Support Plugin <= 6.1.7 - Missing Authorization via editor_html()

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the editorhtml function in all versions up to, and including, 6.1.7. This makes it possible for authenticated attackers, with...

The vulnerability of the LearnDash plugin’s interface in the WordPress content management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the LearnDash plugin’s interface in the WordPress content management system is related to insufficient protection of operational data during the processing of the sfwd-question and ld-exam endpoints. Exploiting this vulnerability can allow an attacker, operating remotely, to...

CVE-2024-24836

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Audrasjb GDPR Data Request Form allows Stored XSS.This issue affects GDPR Data Request Form: from n/a through 1.6...

PT-2024-20603 · Unknown · Audrasjb Gdpr Data Request Form

Name of the Vulnerable Software and Affected Versions: Audrasjb GDPR Data Request Form versions n/a through 1.6 Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting XSS. This means that an attacker can inject...

CVE-2024-22433

Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.getldapinfo in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity,...

CVE-2024-22433

Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.getldapinfo in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity,...

Design/Logic Flaw

Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.getldapinfo in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity,...

Dell Data Protection Search Security Vulnerability

Dell Data Protection Search is a search tool in the Data Protection suite from Dell USA. A security vulnerability exists in Dell Data Protection Search version 19.2.0 and later versions that originates from exposing passwords in plain text...

The vulnerability of the OpenSSH package on the macOS operating system, which allows a hacker to gain unauthorized access to SSH password credentials

The vulnerability of the OpenSSH package for the macOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a hacker to gain unauthorized access to SSH password credentials...