572 matches found
CVE-2023-23542
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-sensitive data...
CVE-2023-23537
CVE-2023-23537 affects Apple platforms via a privacy issue where log entries could reveal sensitive location data. The vulnerability is fixed by Apple in: macOS Ventura 13.3, iOS 16.4/iPadOS 16.4, iOS 15.7.4/iPadOS 15.7.4, watchOS 9.4, and macOS Big Sur 11.7.5. Root cause (as described) is improv...
CVE-2023-27928
The CVE-2023-27928 vulnerability concerns a privacy issue where private data redaction for log entries was insufficient, potentially allowing an app to access information about a user’s contacts. Affected products and versions include: macOS Big Sur 11.7.5; macOS Ventura 13.3; iOS 15.7.4 and iOS ...
PT-2023-19019 · Apple · Ios +3
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.3 macOS Big Sur versions prior to 11.7.5 iOS versions prior to 16.4 iOS versions prior to 15.7.4 iPadOS versions prior to 16.4 iPadOS versions prior to 15.7.4 watchOS versions prior to 9.4 Description: A privacy iss...
About the security content of iOS 16.4 and iPadOS 16.4
About the security content of iOS 16.4 and iPadOS 16.4 This document describes the security content of iOS 16.4 and iPadOS 16.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...
PT-2023-19025 · Apple · Macos Ventura +3
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.3 macOS Monterey versions prior to 12.6.4 macOS Big Sur versions prior to 11.7.5 Description: A privacy issue was addressed with improved private data redaction for log entries, which may allow an app to access...
About the security content of macOS Ventura 13.3
About the security content of macOS Ventura 13.3 This document describes the security content of macOS Ventura 13.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...
CVE-2023-23505
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. An app may be able to access information about a user’s...
CVE-2023-23505
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. An app may be able to access information about a user’s...
CVE-2023-23505
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. An app may be able to access information about a user’s...
CVE-2023-23505
CVE-2023-23505 describes a privacy issue where an app could access information about a user’s contacts due to insufficient private data redaction in log entries. Affected products include Apple platforms: macOS Monterey 12.6.3, macOS Ventura 13.2, macOS Big Sur 11.7.3, watchOS 9.3, iOS 15.7.3 and...
Oracle Database Server for Windows (Jan 2023 CPU)
The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2023 CPU advisory. - Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and...
Oracle Database Server for Unix (Jan 2023 CPU)
The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2023 CPU advisory. - Vulnerability in the Oracle Database - Machine Learning for Python Python component of Oracle Database Server. The supported version that ...
CVE-2023-21827
Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle...
CVE-2023-21827
Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle...
Design/Logic Flaw
Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle...
CVE-2023-21827
The CVE-2023-21827 entry describes a vulnerability in the Oracle Database Data Redaction component affecting Oracle Database Server 19c and 21c. The flaw allows a low-privileged attacker with Create Session privilege and network access via Oracle Net to read a subset of Data Redaction data. The a...
Oracle DBMS_REDACT Dynamic Data Masking Bypass Vulnerability
Proof of concept overview on how the DBMSREDACT Dynamic Data Masking security feature in Oracle can be bypassed. Affected versions include 19c and 21c. Title: ByPassing DBMSREDACT Dynamic Data Masking security feature in Oracle database system Product: Database Manufacturer: Oracle Affected...
Oracle DBMS_REDACT Dynamic Data Masking Bypass
Title: ByPassing DBMSREDACT Dynamic Data Masking security feature in Oracle database system Product: Database Manufacturer: Oracle Affected Versions: 19c,21c Tested Versions: 19c,21c CVE Reference: N/A Author of Advisory: Emad Al-Mousa Overview: DBMSREDACT package provides an interface to Oracle...
Security Bulletin: InfoSphere Guardium Data Redaction Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)
Abstract Java API Documentation contains a frame injection vulnerability. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...