4665 matches found
The vulnerability of the recovery environment in Dell SupportAssist OS Recovery, due to insufficient protection of operational data, allows a perpetrator to disclose protected information.
The vulnerability of the recovery environment in Dell SupportAssist OS Recovery is related to insufficient protection for operational data. Exploiting this vulnerability can allow attackers to disclose protected information...
CVE-2025-36020
IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information...
CVE-2025-36020
IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information...
CVE-2025-36020
IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information...
CVE-2025-36020
CVE-2025-36020 affects IBM Guardium Data Protection. According to the connected IBM bulletin, the issue enables information disclosure due to cleartext transmission of sensitive credential information. Affected versions are IBM Guardium Data Protection 11.5, 12.0, and 12.1. The bulletin recommend...
The vulnerability of the Find My function in macOS and iPadOS systems allows a perpetrator to disclose protected information.
The vulnerability of the Find My function in macOS and iPadOS is related to insufficient protection of service data. Exploiting this vulnerability can allow attackers to disclose sensitive information...
PT-2025-32176 · Ibm · Guardium Data Protection
Name of the Vulnerable Software and Affected Versions: IBM Guardium Data Protection affected versions not specified Description: IBM Guardium Data Protection may allow a remote attacker to obtain sensitive information due to the cleartext transmission of sensitive credential information...
IBM Guardium Data Protection 安全漏洞
IBM Guardium Data Protection is a comprehensive data security platform from International Business Machines IBM. A security vulnerability exists in IBM Guardium Data Protection that stems from the explicit transmission of sensitive credential information, which could lead to information disclosur...
Security Bulletin: IBM Guardium Data Protection is affected by a RHEL7 Kernel vulnerability (CVE-2024-36971)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2024-36971 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race dstnegativeadvice does not enforce proper RCU rules when...
Security Bulletin: IBM Guardium Data Protection is affected by multiple Tomcat vulnerabilities (CVE-2025-24813, CVE-2024-50379)
Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2025-24813 DESCRIPTION: Path Equivalence: 'file.Name' Internal Dot leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files...
Security Bulletin: IBM Guardium Data Protection is affected by a Privilege Escalation vulnerability (CVE-2025-3473)
Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2025-3473 DESCRIPTION: IBM Security Guardium could allow a local privileged user to escalate their privileges to root due to insecure inherited permissions created by the program...
The vulnerability of microprogrammed software in HP Color LaserJet MFP multifunctional printers, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.
The vulnerability of microprogrammed software in HP Color LaserJet MFP multifunctional printers is related to insufficient protection for the local address book’s service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
OpenSearch unauthorized data access on fields protected by field level security if field is a member of an object
Impact OpenSearch versions 2.19.2 and earlier improperly apply Field Level Security FLS rules on fields which are not at the top level of the source document tree i.e., which are members of a JSON object. If an FLS exclusion rule like object is applied to an object valued attribute in a source...
GHSA-RRMM-WQ7Q-H4V5 OpenSearch unauthorized data access on fields protected by field masking for fields of type ip, geo_point, geo_shape, xy_point, xy_shape
Impact OpenSearch versions 2.19.2 and earlier improperly apply field masking rules on fields of the types ip, geopoint, geoshape, xypoint, xyshape. While the content of these fields is properly redacted in the source document returned by search operations, the original unredacted values remain...
3 Key Areas to Focus on When You're Evaluating AI Security
...
CVE-2025-43245
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data...
CVE-2025-43198
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data...
CVE-2025-43260
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps...
CVE-2025-43206
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data...
The vulnerability of the WebContentFilter filter in macOS operating systems allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the WebContentFilter filter in macOS operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...