The vulnerability of Cloudflare WARP’s VPN service for Android lies in the lack of protection for service-related data. This allows attackers to access confidential information and arbitrary application functions.

The vulnerability of Cloudflare WARP, a VPN service for Android, relates to the lack of protection for service-related data. Exploiting this vulnerability could allow attackers to access confidential information and arbitrary application functions...

PT-2023-5653 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.6 macOS versions prior to 12.7 tvOS versions prior to 17 watchOS versions prior to 10 iOS versions prior to 17 iPadOS versions prior to 17 macOS versions prior to 14 Description: The issue is related to insufficient...

The vulnerability of the onHostEmulationData() function in Android operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the onHostEmulationData function in Android operating systems is related to insufficient protection for service data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

The vulnerability of the stack protection function in the GNU Compiler Collection (GCC), various programming languages, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the stack protection function in the GNU Compiler Collection GCC for various programming languages is related to a violation of the data protection mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of t...

Moderate: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.6 security and bug fix update

OpenShift API for Data Protection OADP 1.1.6 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

The vulnerability of the FortiSIEM security management system, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the FortiSIEM security management system is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP requests...

The vulnerability of the IBM Aspera Faspex file-sharing application lies in the lack of protection for the transmitted data, allowing a perpetrator to access confidential information.

The vulnerability of the IBM Aspera Faspex file-sharing application lies in the lack of protection for the transmitted data. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

The vulnerability of the server management interface for Fortinet FortiClient Enterprise Management Server programs allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the server management interface for Fortinet FortiClient Enterprise Management Server EMS is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the graphical interface of FortiWeb web applications allows attackers to bypass security restrictions and execute arbitrary code.

The vulnerability of the graphical interface of FortiWeb web applications is related to a breach of data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass security restrictions and execute arbitrary code by sending specially crafted HTTP requests remotely...

TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U.

The Irish Data Protection Commission DPC slapped TikTok with a €345 million about $368 million fine for violating the European Union's General Data Protection Regulation GDPR in relation to its handling of children's data. The investigation, initiated in September 2021, examined how the popular...

The vulnerability of the Microsoft Outlook email client, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Microsoft Outlook email client is related to insufficient protection for administrative data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s kernel is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of Microsoft Word text editors, which allows attackers to disclose protected information

The vulnerability of Microsoft Word relates to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the DHCP server service for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the DHCP server service for Windows operating systems is related to insufficient protection of service-related data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Crucible code-checking tool and the Fisheye code-searching tool lies in the insufficient protection of operational data, allowing unauthorized access by attackers to protected information.

The vulnerability of the Crucible code-checking tool and the Fisheye code-searching tool is related to insufficient protection for service data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of Microsoft Excel editors, related to insufficient protection of sensitive data, allows attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft Excel spreadsheet editors is related to insufficient protection of operational data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information by opening a specially created file...

The vulnerability of the Clario antivirus software client’s VPN client relates to the lack of protection for transmitted data. This allows a hacker to send arbitrary IP traffic as plain text beyond the VPN tunnel.

The vulnerability of the Clario antivirus software’s VPN client lies in the lack of protection for transmitted data. Exploiting this vulnerability allows a malicious actor to send arbitrary IP traffic as plain text outside the VPN tunnel...

PT-2023-5064 · Microsoft · Windows Dhcp Server Service +1

Name of the Vulnerable Software and Affected Versions: Windows DHCP Server Service affected versions not specified Description: The vulnerability is related to insufficient protection of service data in the Windows DHCP Server Service, which can be exploited by a remote attacker to gain...

PT-2023-5137 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue concerns insufficient protection of internal data in the Windows kernel, potentially allowing unauthorized access to sensitive information. There is no information provided about...