Microsoft Defender for IoT Elevation of Privilege Vulnerability

...

Microsoft Defender Security Vulnerability

Microsoft Defender is a threat protection software from Microsoft USA. A security vulnerability exists in Microsoft Defender for IoT. An attacker can elevate privileges by exploiting the vulnerability...

Security Bulletin: Denial of service and security restrictions bypass might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-27351, CVE-2024-34064, CVE-2024-32879, CVE-2024-24786. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION:...

Security Bulletin: Denial of service and password enumeration might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2023-45288, CVE-2024-25031, CVE-2024-38322, CVE-2024-33883. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION:...

CVE-2024-38322

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...

CVE-2024-38322

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...

CVE-2024-25031

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678...

CVE-2024-25031

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678...

CVE-2024-38322 IBM Storage Defender information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...

CVE-2024-38322 IBM Storage Defender information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...

CVE-2024-38322

CVE-2024-38322 affects IBM Storage Defender – Resiliency Service, versions 2.0.0–2.0.4. The issue is an agent username/password error response discrepancy that can expose the product to brute‑force credential enumeration. Impact is described as potential data confidentiality impact; CVSS data pre...

CVE-2024-25031 IBM Storage Defender information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678...

CVE-2024-25031

CVE-2024-25031 affects IBM Storage Defender – Resiliency Service 2.0.0–2.0.4. The root cause is an inadequate account lockout setting that could allow an attacker over an adjacent network to brute‑force credentials. CVSSv3.1 metrics (AV:A, AC:L, PR:N, UI:N, S:U, C:H, I:N, A:N) indicate a base sco...

CVE-2024-25031 IBM Storage Defender information disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678...

WordPress Defender plugin <= 4.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Defender Security versions = 4.7.1...

WordPress Defender Security Plugin <= 4.7.1 is vulnerable to Broken Access Control

Software Defender Security Type Plugin Vulnerable versions = 4.7.1 Fixed in 4.7.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37444 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID 05e4faea13e8 Credits Rafie Muhammad Patchstack Required...

PT-2024-27943 · Ibm · Ibm Storage Defender - Resiliency Service

Name of the Vulnerable Software and Affected Versions: IBM Storage Defender - Resiliency Service versions 2.0.0 through 2.0.4 Description: The issue is related to an agent username and password error response discrepancy, which exposes the product to brute force enumeration. Recommendations: For...

June 28, 2024—KB5039304 (OS Build 26100.1000) Preview

June 28, 2024—KB5039304 OS Build 26100.1000 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types.Note Follow @WindowsUpdate to find out when new content is published to the Windows release health dashboar...

WordPress WPMU Defender plugin <= 3.3.2 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Snicco Patchstack Alliance in WordPress Plugin Defender Security versions = 3.3.2...

WordPress Defender Security Plugin <= 3.3.2 is vulnerable to Broken Authentication

Software Defender Security Type Plugin Vulnerable versions = 3.3.2 Fixed in 3.3.3 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2022-44581 Patch priority Low CVSS severity Low 5.3 Developer WPMU DEV PSID e5d5684810f0 Credits Snicco Required privilege...