Microsoft Edge browser’s vulnerability, related to insufficient protection of service data, allows attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft Edge relates to insufficient protection of service data. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

The vulnerability of the `createPendingIntent` function in the CredentialManagerUi.java file in the Android operating system, which allows a hacker to disclose protected information

The vulnerability of the createPendingIntent function in the CredentialManagerUi.java file of the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability could allow a perpetrator to disclose protected information...

The vulnerability of the Hazelcast data analysis platform lies in the insufficient protection of registration data, which allows attackers to disclose protected information.

The vulnerability of the Hazelcast data analysis platform lies in the insufficient protection of registration data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

The vulnerability of the tracker-miners package in the GNOME environment of Linux operating systems allows a hacker to circumvent the restrictions of a isolated software environment.

The vulnerability of the tracker-miners package in the GNOME environment of Linux operating systems is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to circumvent the restrictions of a isolated software environment...

The vulnerability of the mod_webdav.so module of the Wi-Fi router software by ASUS RT-AX92U allows a hacker to gain access to protected information.

The vulnerability of the modwebdav.so module in the ASUS RT-AX92U Wi-Fi router software lies in the lack of protection for sensitive data. Exploiting this vulnerability could allow an attacker to gain access to protected information...

New Microsoft Purview features use AI to help secure and govern all your data

In the past few years, we have witnessed how digital and cloud transformation has accelerated the growth of data. With more and more customers moving to the cloud, and with the rise of hybrid work, data usage has moved beyond the traditional borders of business. Data is now stored in multiple clo...

2024 Predictions for Cybersecurity: The Rise of AI Brings New Challenges

The emergence of generative AI has put new resources in the hands of both attackers and defenders, and in 2024, Imperva believes the technology will have an even greater impact. Understanding how attackers are leveraging the technology will be critical for organizations seeking to keep...

Dell DM5500 Cross-Site Scripting Vulnerability

The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. The Dell DM5500 suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escapin...

Dell DM5500 Path Traversal Vulnerability

The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. The Dell DM5500 suffers from a path traversal vulnerability that stems from a failure to properly filter special elements in the path of a...

Dell DM5500 Authentication Error Vulnerability

The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. The Dell DM5500 suffers from an Authentication Error vulnerability that originates from incorrect authentication of the system and can be...

Dell DM5500 Elevation of Privilege Vulnerability

The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. The Dell DM5500 suffers from an elevation of privilege vulnerability that can be exploited by an attacker to escape a restricted shell and...

Dell DM5500 Buffer Overflow Vulnerability

The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. The Dell DM5500 suffers from a buffer overflow vulnerability that originates from a boundary error when processing untrusted input in PPOE,...

Dell DM5500 Operating System Command Injection Vulnerability

The Dell DM5500 is an integrated solution from Dell, Inc. It provides industry-leading deduplication, data protection solutions and multi-cloud capabilities. The Dell DM5500 suffers from an operating system command injection vulnerability that stems from a failure to properly filter construct...

PT-2023-9592 · Oracle +1 · Virtualbox +1

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 7.0.22 Oracle VM VirtualBox versions prior to 7.1.2 Description: The issue is related to insufficient protection of internal data in the Core component of Oracle VM VirtualBox, allowing a high-privileged...

PT-2023-9637 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.4.0 through 14.1.1.0.0 Description: The issue is related to insufficient protection of internal data in the Oracle WebLogic Server Core component. This can be exploited by a remote attacker to gain...

The vulnerability of the PowerStation network load balancing system, related to insufficient protection of operational data, allows a intruder to gain unauthorized access to protected information, execute arbitrary code, or cause a service failure.

The vulnerability of the PowerStation network load balancing system is related to the lack of authentication for critical functions, resulting from insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected...

The vulnerability of the FortiSIEM security management system, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the FortiSIEM security management system is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of Microprogramming Software for Intel® Optane(TM) solid-state drives lies in the lack of protection for mission-critical data, allowing attackers to exploit this weakness to disclose confidential information.

The vulnerability of microprogrammed Intel® OptaneTM solid-state drives lies in the lack of protection for mission-critical data. Exploiting this vulnerability could allow attackers to disclose sensitive information that is protected by security measures...

Meta sued over forcing users to pay to stop tracking

Meta is required to get users’ consent in Europe in order to show them targeted ads. For this reason, Meta has to provide European users with a way to opt out of behavioral advertising or face fines totalling $100,000 a day. Behavioral advertising are ads tailored to someone’s browsing habits and...

IBM Security Guardium CSV Injection Vulnerability (CNVD-2023-9528503)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A CSV injection vulnerability exists in IBM Security Guardi...