The vulnerability of the application programming interface of the WordPress website management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the WordPress website content management system’s application interface is related to insufficient protection of sensitive data. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Intel Data Center Manager SDK software lies in its lack of data protection mechanisms, allowing attackers to exploit their privileges.

The vulnerability of the Intel Data Center Manager SDK development tools is related to a flaw in the data protection mechanism. Exploiting this vulnerability can allow an attacker, operating remotely, to enhance their privileges...

The vulnerability of the Local Security Authority (LSA) service on Microsoft Windows operating systems, which allows a perpetrator to disclose protected information

The vulnerability of the Local Security Authority LSA service on Microsoft Windows operating systems is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the IBM QRadar WinCollect Agent’s event forwarding mechanism, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the event forwarding mechanism in IBM QRadar WinCollect Agent is related to insufficient protection for operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

ID Theft Service Resold Access to USInfoSearch Data

One of the cybercrime undergrounds more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned. Since at least February 2023, a service advertised on Telegram...

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A CSV injection vulnerability exists in IBM Security Guardi...

CVE-2023-42000

Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload. An unauthenticated remote attacker can exploit it to upload arbitrary files to any location on the file system where the UDP agent is installed...

CVE-2023-41998

Arcserve UDP prior to 9.2 contained a vulnerability in the com.ca.arcflash.rps.webservice.RPSService4CPMImpl interface. A routine exists that allows an attacker to upload and execute arbitrary files...

Arcserve Unified Data Protection Security Vulnerability

Arcserve Unified Data Protection is Arcserve's all-in-one data and ransomware protection solution. A security vulnerability exists in Arcserve Unified Data Protection versions prior to 9.2 that stems from routines that allow an attacker to upload and execute arbitrary files...

PT-2023-28210 · Ca · Arcserve Udp

Name of the Vulnerable Software and Affected Versions: Arcserve UDP versions prior to 9.2 Description: The issue allows an unauthenticated remote attacker to exploit a path traversal vulnerability in the com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload function to upload arbitrary...

Arcserve Unified Data Protection Security Vulnerability

Arcserve Unified Data Protection is Arcserve's all-in-one data and ransomware protection solution. A security vulnerability exists in Arcserve Unified Data Protection prior to version 9.2 that stems from the presence of an authentication bypass, whereby an unauthenticated, remote attacker could...

Dell PowerProtect Data Manager Authorization Issues Vulnerability (CNVD-2024-3761184)

Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. An authorization issue vulnerability exists in Dell PowerProtect Data Manager version 19.14 and prior versions, which...

Digital Guardian Agent Security Vulnerability

Digital Guardian Agent is a widely used data protection platform for cloud environments from US-based Digital Guardian. Discovers, categorizes and controls the movement of data across endpoints, networks and clouds. A security vulnerability exists in Fortra Digital Guardian Agent prior to version...

The vulnerability of the IsUNCPath method in Microsoft Exchange Server servers allows attackers to perform spoofing attacks.

The vulnerability of the IsUNCPath method in Microsoft Exchange Server’s mail server is related to insufficient protection of service data during NTLM authentication. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...

The vulnerability of the NTFS file system in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NTFS file system in Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Why less is more: 10 steps to secure customer data

In an advisory aimed at the protection of customers’ personal data, the Australian Cyber Security Centre ACSC has emphasized that businesses should only collect personal data from customers that they need in order to operate effectively. While that may seem like kicking in an open door, it’s real...

Fortinet FortiMail Authentication Error Vulnerability

Fortinet FortiMail is a set of e-mail security gateway products of the U.S. Fita Fortinet. The product provides e-mail security and data protection features. An authentication error vulnerability exists in Fortinet FortiMail that stems from improperly limiting excessive authentication attempts. A...

The vulnerability of the Hyper-V hardware virtualization system for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Hyper-V hardware virtualization technology for Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Apache Airflow network software lies in the insufficient protection of operational data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Apache Airflow network software is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information...

Microsoft Excel Security Feature Bypass Vulnerability (CNVD-2024-02715)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A security feature bypass vulnerability exists in Microsoft Excel, which can be exploited by an attacker to bypass security features and impact confidentiality, integrity, and availability...