4665 matches found
CVE-2019-1692
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller APIC Software could allow an unauthenticated, remote attacker to access sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms for certa...
Hardcoded credentials
A vulnerability in the Trusted Platform Module TPM functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The...
Code injection
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller APIC Software could allow an unauthenticated, remote attacker to access sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms for certa...
CVE-2019-1589
A vulnerability in the Trusted Platform Module TPM functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The...
CVE-2019-1692 Cisco Application Policy Infrastructure Controller Web-Based Management Interface Usage Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller APIC Software could allow an unauthenticated, remote attacker to access sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms for certa...
CVE-2019-1692 Cisco Application Policy Infrastructure Controller Web-Based Management Interface Usage Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller APIC Software could allow an unauthenticated, remote attacker to access sensitive system usage information. The vulnerability is due to a lack of proper data protection mechanisms for certa...
CVE-2019-1589
CVE-2019-1589 affects Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, via the TPM functionality. The issue arises from inadequate protection of disk encryption keys used within device hard-drive partitions, enabling an unauthenticated, local attacker with...
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Unmeasured Boot Vulnerability
A vulnerability in the Trusted Platform Module TPM functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The...
The vulnerability of the PIA Core Technology component of the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain unauthorized access to protected information.
The vulnerability of the PIA Core Technology component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data usi...
New York, Canada, Ireland Launch New Investigations Into Facebook Privacy Breaches
Facebook has a lot of problems, then there are a lot of problems for Facebook—and both are not going to end anytime sooner. Though Facebook has already set aside $5 billion from its revenue to cover a possible fine the company is expecting as a result of an FTC investigation over privacy...
Oversharing and safety in the age of social media
Many years ago, I worked with healthcare organizations to install infrastructure to support the modernization of their information systems. As I traversed hospitals – both in public and private sectors – I was often struck by one particular best practice: the privacy reminders were ubiquitous. If...
Consumers have few legal options for protecting privacy
There are no promises in the words, “We care about user privacy.” Yet, these words appear on privacy policy after privacy policy, serving as disingenuous banners to hide potentially invasive corporate practices, including clandestine data collection, sharing, and selling. This is no accident. It ...
Update Rollup 7 for System Center 2016 Data Protection Manager
Update Rollup 7 for System Center 2016 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 7 for Microsoft System Center 2016 Data Protection Manager. This article also contains the installation instructions for this update.Note Existing Data...
The vulnerability of the TCP/IP protocol implementation in the Windows operating system allows a perpetrator to compromise the confidentiality of the protected information.
The vulnerability of the TCP/IP protocol implementation in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality of protected information by using specially crafted fragmented IP...
Never Forget That You Are Being Watched
By David Balaban What data do Facebook, Google, and mobile apps collect, do mobile carriers listen to your calls? Read this post and find answers to these and other privacy questions as well as get tips on how to protect your personal data. It has become known that information about 257,000...
The vulnerability of the win32k component in Windows operating systems allows a hacker to gain unauthorized access to protected information.
The vulnerability of the win32k component in Windows operating systems is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...
Hackers Compromise Microsoft Support Agent to Access Outlook Email Accounts
If you have an account with Microsoft Outlook email service, there is a possibility that your account information has been compromised by an unknown hacker or group of hackers, Microsoft confirmed The Hacker News. Earlier this year, hackers managed to breach Microsoft's customer support portal an...
The vulnerability of the igdkm64.sys driver for Intel Graphics Drivers allows a hacker to disclose protected information.
The vulnerability of the igdkm64.sys driver for Intel Graphics Drivers is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...
The numerous vulnerabilities in the FortiOS operating system, related to the lack of protection for service data, allow attackers to disclose the protected information.
The multiple vulnerabilities of the FortiOS operating system are related to the lack of protection for service data. Exploiting these vulnerabilities can allow a malicious actor to disclose sensitive information by analyzing HTTP headers, certificates, and error messages...
What is personal information? In legal terms, it depends
In early March, cybersecurity professionals around the world filled the San Francisco Moscone Convention Center’s sprawling exhibition halls to discuss and learn about everything infosec, from public key encryption to incident response, and from machine learning to domestic abuse. It was RSA...