Apple Unpatched VPN Bypass Bug Impacts iOS 13, Warn Researchers

An unpatched bug in the latest version of Apple’s iOS is blocking virtual private network VPN applications from cloaking some private data transmitted between a device and the servers they are requesting data from. While the bug remains unpatched, Apple is suggesting steps users can take to reduc...

The vulnerability of the web interface of Moxa OnCell G3100-HSPA series cellular IP switches allows a intruder to gain unauthorized access to protected information.

The vulnerability of the web interface of Moxa OnCell G3100-HSPA series cellular IP switches lies in the insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information from a remote location...

The vulnerability of the Media Foundation component in Windows operating systems, which allows a hacker to disclose protected information

The vulnerability of the Media Foundation component in Windows operating systems is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially created application...

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser, which allows a hacker to exploit it to disclose protected information

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

Update Rollup 9 for System Center 2016 Data Protection Manager

Update Rollup 9 for System Center 2016 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 9 for Microsoft System Center 2016 Data Protection Manager. This article also contains the installation instructions for this update.Note Existing Data...

Dell EMC Data Protection Advisor OS Command Execution Vulnerability

Dell EMC Data Protection Advisor is a data protection management solution from Dell Dell. The product supports data backup, data recovery and data replication management. A security vulnerability exists in the REST API in Dell EMC Data Protection Advisor. An attacker could exploit this...

Dell EMC Data Protection Advisor Code Injection Vulnerability

Dell EMC Data Protection Advisor is a data protection management solution from Dell Dell. The product supports data backup, data recovery and data replication management. A code injection vulnerability exists in the REST API in Dell EMC Data Protection Advisor. A remote attacker could leverage th...

Dell Data Protection Centra Trust Management Issues Vulnerability

Dell Data Protection Central is a suite of data protection solutions from Dell USA. The product provides single sign-on, dashboards, and system monitoring. A trust management issue vulnerability exists in Dell Data Protection Central. A remote attacker could exploit this vulnerability by obtainin...

CVE-2019-3762

Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid...

CVE-2019-3762

Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid...

CVE-2019-18581

Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this...

CVE-2019-18582

Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this...

CVE-2019-18581

Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this...

CVE-2019-18582

Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this...

Input validation

Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid...

Authorization

Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this...

Sql injection

Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server-side template injection vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this...

CVE-2019-3762

Affected product/versions: Dell EMC Data Protection Central 1.0, 1.0.1, 18.1, 18.2, 19.1. Root cause: Improper certificate chain of trust. Impact: Unauthenticated remote attacker could obtain a CA-signed certificate to impersonate a valid system and compromise data integrity. Remediation/public f...

CVE-2019-3762

Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 contains an Improper Certificate Chain of Trust Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by obtaining a CA signed certificate from Data Protection Central to impersonate a valid...

CVE-2019-18582

Dell EMC Data Protection Advisor (DPA) REST API versions 6.3/6.4/6.5, 18.2 before patch 83, and 19.1 before patch 71 are affected by a server-side template injection vulnerability. A remote authenticated attacker with admin privileges can inject scripts via the report generation feature, potentia...