The end looms for Meta's behavioural advertising in Europe

The EU is going toe to toe with Meta once more, with the social network giant conceding defeat yet again. After having taken Meta to task for various privacy violations and data breaches, Meta is now having to provide European users with a way to opt out of behavioural advertising. The threat of...

Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events

Microsoft is warning of the threat malicious cyber actors pose to stadium operations, noting that the cyber risk surface of live sporting events is "rapidly expanding." "Information on athletic performance, competitive advantage, and personal information is a lucrative target," the company said i...

CVE-2023-39144

Element55 KnowMore appliances version 21 and older was discovered to store passwords in plaintext...

PT-2023-4281 · Vmware · Vmware Horizon Server

Name of the Vulnerable Software and Affected Versions: VMware Horizon Server affected versions not specified Description: The issue is related to insufficient protection of service data, which may allow a remote attacker to gain unauthorized access to confidential information. A malicious actor...

The vulnerability of the The Message Display Tool (MDT) software component, used for integrating corporate applications in SAP NetWeaver Process Integration, allows a perpetrator to disclose protected information.

The vulnerability of the The Message Display Tool MDT software component, used for integrating corporate applications in SAP NetWeaver Process Integration, is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor to disclose sensitive...

The vulnerability of the aws-sigv4 library for collecting, processing, and transmitting metrics allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the aws-sigv4 library, which is responsible for collecting, processing, and transmitting metrics related to Vector, stems from insufficient protection of registration data during the processing of the awssigv4::SigningParams structure. Exploiting this vulnerability can allow...

Important: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.0.11 security and bug fix update

OpenShift API for Data Protection OADP 1.0.11 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVE-2023-35983

This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system...

Design/Logic Flaw

This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system...

CVE-2023-35983

This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system...

CVE-2023-35983

This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system...

CVE-2023-35983

CVE-2023-35983 concerns a macOS data-protection issue where an app may modify protected parts of the file system. The entry states this was addressed with improved data protection and is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, and macOS Big Sur 11.7.9. The NVD description notes the vu...

The vulnerability of the PostScript Printer Driver (Pscript) and PCL6 Class Printer operating systems for Windows allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the PostScript Printer Driver Pscript and PCL6 Class Printer operating systems for Windows is related to insufficient protection of operational data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the PostScript Printer Driver (Pscript) and PCL6 Class Printer operating systems for Windows allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the PostScript Printer Driver Pscript and PCL6 Class Printer operating systems for Windows is related to insufficient protection of operational data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the DirectMusic component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the DirectMusic component in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Windows Cryptographic component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows Cryptographic component in Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2023-34235 Leaking sensitive user information still possible by filtering on private with prefix fields

Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...

PT-2023-4126 · Zkteco · Zkteco Bioaccess Ivs

Name of the Vulnerable Software and Affected Versions: ZKTeco BioAccess IVS version 3.3.1 Description: The issue is related to insufficient protection of service data in the ZKTeco BioAccess IVS web platform, which can be exploited by remote attackers to gain unauthorized access to sensitive...

The vulnerability of the microprogramming software of the Elenos ETG150 transmitter allows a intruder to gain unauthorized access to the protected information.

The vulnerability of the microprogramming software of the Elenos ETG150 transmitter is related to insufficient protection of operational data. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to the protected information...

Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Unmeasured Boot (CVE-2019-1589)

A vulnerability in the Trusted Platform Module TPM functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The...