Astra Linux - уязвимость в intel-microcode

Observable timing discrepancy in some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2025-22172

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to read external reports without the required permission...

PT-2024-37362 · Rockwell Automation · Arena

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena Input Analyzer affected versions not specified Description: A memory corruption issue exists when parsing DFT files, allowing local threat actors to disclose information and execute arbitrary code by opening a...

Intel Processors 输入验证错误漏洞

Intel Processors is a U.S. Intel Corporation's provides for interpreting computer instructions and processing data in computer software. An input validation error vulnerability exists in Intel Processors, which can be exploited by a privileged attacker to conduct an information disclosure or deni...

PT-2024-6243 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: The issue is related to an uninitialized pointer in the Windows Networking service, which can be exploited by a remote attacker to disclose protected information. This can potentially...

kernel: AMD: Cross-Thread Return Address Predictions

A flaw was found in HW. When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch, potentially resulting in information disclosure...

JTEKT ELECTRONICS OnSinView2 Buffer Error Vulnerability

JTEKT ELECTRONICS OnSinView2 is an application from JTEKT ELECTRONICS, Inc. A security vulnerability exists in JTEKT ELECTRONICS OnSinView2 version 2.0.1 and prior versions, which stems from an improperly restricted operation within a memory buffer. The vulnerability can be exploited by an attack...

Multiple vulnerabilities in Cybozu Garoon

Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-2909 Operation restriction bypass in multiple applications CWE-285 - CVE-2022-30602 CyVDB-3042 Information disclosure in multiple applications CWE-200 - CVE-2022-29512 CyVDB-3111 Improper input...

CVE-2022-20809

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

CVE-2022-20806

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

Cisco Prime Infrastructure server backup sensitive information disclosure vulnerability

Cisco Prime Infrastructure is an enterprise network management solution. A security vulnerability in the handling of GET requests by the Cisco Prime Infrastructure server backup allows remote attackers to exploit the vulnerability to submit a special request that could obtain sensitive informatio...