CVE-2024-21971

Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service...

CVE-2024-21971

Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service...

CVE-2024-21971

Summary : CVE-2024-21971 is described as an improper input validation vulnerability in AMD Crash Defender that could let an attacker pass the Windows system process ID to a kernel-mode driver, potentially crash the OS and cause denial of service. Affected context (from provided documents) : AMD C...

PT-2025-6417 · Amd +1 · Amd Crash Defender +1

Name of the Vulnerable Software and Affected Versions: AMD Crash Defender affected versions not specified Description: The issue is related to improper input validation in AMD Crash Defender, which could allow an attacker to provide the Windows system process ID to a kernel-mode driver. This coul...

The vulnerability of the Defender Sensor component of the IBM Storage Defender Data Resiliency Service (DRS) protection tool allows a attacker to execute a “man-in-the-middle” type attack.

The vulnerability of the Defender Sensor component of the IBM Storage Defender Data Resiliency Service DRS protection tool is related to improper data encryption. Exploiting this vulnerability could allow a malicious actor to execute a “man-in-the-middle” type attack...

CVE-2024-38325

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

CVE-2024-38325

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

CVE-2024-38325 IBM Storage Defender information disclosure

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

CVE-2024-38325

IBM Storage Defender on‑prem Defender Sensor CLI (versions 2.0.0–2.0.7) may disclose sensitive information due to requests sent over an insecure channel, enabling MITM exposure. Root cause: insecure network handling in defender-sensor-cmd. Impact: potential information disclosure. Affected produc...

CVE-2024-38325 IBM Storage Defender information disclosure

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI could allow a remote attacker to obtain sensitive information, caused by sending network requests over an insecure channel. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle...

IBM Storage Defender 安全漏洞

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A security vulnerability exists in IBM Storage Defender that originates from sending network requests over an insecure channel...

IBM Storage Defender Plaintext Transfer Vulnerability

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A plaintext transfer vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the presence of keys stored in plaintext and can be exploited by a...

IBM Storage Defender Trust Management Issues Vulnerability

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A trust management issue vulnerability exists in IBM Storage Defender versions 2.0.0 through 2.0.9, which stems from the resiliency service not properly validating certificates, a...

Microsoft Windows Defender Authorization Issues Vulnerability

Microsoft Windows Defender is a suite of antivirus software that comes with Windows systems from the American company Microsoft. Microsoft Windows Defender suffers from an authorization issue vulnerability that arises from improper authorization of an index containing sensitive information in a...

The vulnerability of the Global Search technology implemented by Microsoft Defender for Endpoint on the Microsoft Windows operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Defender for Endpoint operating system’s Global Search technology is related to deficiencies in the indexing mechanism. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information...

CVE-2024-52361

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod...

CVE-2024-47119

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client...

CVE-2024-52361

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod...

CVE-2024-47119

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client...

CVE-2023-50956

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 could allow a privileged user to obtain highly sensitive user credentials from secret keys that are stored in clear text...