PT-2023-6379 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.4.0 through 14.1.1.0.0 Description: The issue is related to a lack of protection for internal data in the Core component of Oracle WebLogic Server, allowing an unauthenticated attacker with network acces...

The vulnerability of software platforms for developing and managing Magento Open Source and Adobe Commerce online stores lies in the insufficient protection of sensitive data. This allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause...

PT-2023-6372 · Advantech · Advantech Webaccess

Name of the Vulnerable Software and Affected Versions: Advantech WebAccess version 9.1.3 Description: The issue is related to an exposure of sensitive information to an unauthorized actor, which could lead to the leakage of user credentials. This is due to a lack of protection for service data...

The vulnerability of the Safari browser in operating systems such as watchOS, iPadOS, macOS, and iOS allows attackers to disclose sensitive information that is protected by these systems.

The vulnerability of the Safari browser in operating systems such as watchOS, iPadOS, macOS, and iOS is related to the lack of protection for service data. Exploiting this vulnerability can allow attackers to disclose sensitive information that should be protected...

The vulnerability of the Microsoft Dynamics 365 resource planning software lies in the insufficient protection of operational data, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Microsoft Dynamics 365 resource planning software is related to insufficient protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the FortiGuest software for managing network guest users stems from insufficient protection of registration data, allowing attackers to obtain confidential information.

The vulnerability of the FortiGuest software for managing network guest users is related to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker to obtain confidential information...

How to use DSF Collections & Index Patterns – A Tutorial

In conventional terminology, Imperva Data Security Fabric DSF is a database system, replete with a GUI interface for aggregation pipeline building, workflow orchestration, extensible scripting Playbooks, and self-service data discovery Kibana-based Discover. Imperva DSF is purpose-built for data...

The vulnerability of the Microsoft Dynamics 365 resource planning software lies in the insufficient protection of operational data, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Microsoft Dynamics 365 resource planning software is related to insufficient protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability in the implementation of the TCP/IP protocol stack for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the TCP/IP protocol stack implementation in Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

How to Guard Your Data from Exposure in ChatGPT

ChatGPT has transformed the way businesses generate textual content, which can potentially result in a quantum leap in productivity. However, Generative AI innovation also introduces a new dimension of data exposure risk, when employees inadvertently type or paste sensitive business data into...

Security Bulletin: Vulnerabilities in Expat (AKA libexpat) affect IBM Storage Protect for Virtual Environments: Data Protection for VMware (CVE-2022-23852, CVE-2022-23990)

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by vulnerabilities in the Expat library. The vulnerabilities can lead to execution of arbitrary code, as described by the CVEs in the "Vulnerability Details" section. The vulnerabilities have been...

IBM Security Guardium Information Disclosure Vulnerability (CNVD-2023-97700)

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from an information disclosur...

The vulnerability of Milesight UR5X, UR32L, UR32, UR35, and UR41 router microprogramming systems lies in the insufficient protection of service data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Milesight UR5X, UR32L, UR32, UR35, and UR41 router microprogramming systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the Microsoft Visual Studio software development tool, related to insufficient protection of sensitive data, allows attackers to disclose protected information.

The vulnerability of the Microsoft Visual Studio software relates to insufficient protection of sensitive data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the Microsoft Visual Studio software development tool, related to insufficient protection of sensitive data, allows attackers to disclose protected information.

The vulnerability of the Microsoft Visual Studio software development tool is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow attackers to disclose confidential information...

The software for connecting to remote QVPN Device Clients for Windows is vulnerable, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the software for connecting to remote QVPN Device Clients for Windows is related to insufficient protection for registration data. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to protected information...

The vulnerability of DEXMA DEXGate software for managing energy consumption and monitoring energy efficiency in buildings and industrial facilities lies in the lack of protection for operational data, allowing attackers to disclose confidential information.

The vulnerability of the software for managing energy consumption and monitoring energy efficiency in buildings and industrial facilities, such as DEXMA DEXGate, is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor to disclose the...

PT-2023-5959 · Microsoft · Dynamics 365

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 affected versions not specified Description: The issue is related to insufficient protection of service data in Microsoft Dynamics 365, which can be exploited by a remote attacker to gain unauthorized access to protecte...

PT-2023-6059 · Microsoft · Windows Power Management Service +1

Name of the Vulnerable Software and Affected Versions: Windows Power Management Service affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows Power Management Service, which can be exploited to disclose protected information. Thi...

PT-2023-5976 · Microsoft · Dynamics 365

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 On-Premises affected versions not specified Description: The issue is related to insufficient protection of service data in Microsoft Dynamics 365, which can allow a remote attacker to gain unauthorized access to...