The vulnerability of the central server of the VMware Connection server in the virtualization system of VMware Horizon allows a hacker to gain unauthorized access to protected information.

The vulnerability of the central server of the VMware Connection server in the VMware Horizon workstation virtualization system is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to...

The vulnerability of the Dell EMC Avamar Server backup system and the DELL EMC Integrated Data Protection system lies in the lack of protection for operational data, allowing attackers to obtain the SSL/TLS connection private keys.

The vulnerability of the Dell EMC Avamar Server backup system and the DELL EMC Integrated Data Protection Appliance lies in the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor to obtain the SSL/TLS connection secrets...

The vulnerability of the Team Foundation Server and Azure DevOps Server software development tools lies in the lack of protection for service data. This allows attackers to execute arbitrary code and compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Team Foundation Server and Azure DevOps Server software lies in the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, thereby compromising the confidentiality, integrity, and accessibility of...

The vulnerability of the Data Exchange Layer Platform, a messaging application between applications, and the Threat Intelligence Exchange Server, related to the lack of protection for operational data, allows access to confidential information.

The vulnerability of the Data Exchange Layer Platform, a messaging application between applications, and the Threat Intelligence Exchange Server, a threat protection system, is related to the lack of protection for operational data. Exploiting this vulnerability can allow attackers to gain access...

The vulnerability of the Cisco Connected Mobile Experiences software lies in the lack of protection for operational data, which allows an attacker to gain access to protected information.

The vulnerability of the Cisco Connected Mobile Experiences software lies in the lack of protection for sensitive data. Exploiting this vulnerability could allow an attacker to gain access to protected information by sending HTTP GET requests to the vulnerable device...

The vulnerability of the Microsoft Office software package lies in the lack of protection for operational data, which allows attackers to gain access to protected information.

The vulnerability of the Microsoft Office suite is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information through a specially created file...

The vulnerability of D-Link’s microprogrammed software-based router web interfaces, related to the lack of protection for service data, allows attackers to disclose the protected information.

The vulnerability of the web interface of D-Link microprogrammed software routers lies in the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to disclose sensitive information through a specially crafted SNMP request...

The vulnerability of D-Link’s microprogrammed software-based router web interfaces, related to the lack of protection for service data, allows attackers to disclose the protected information.

The vulnerability of the web interface of D-Link microprogramming software routers is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the Microsoft Office suite lies in the lack of protection for operational data, which allows attackers to read arbitrary files.

The vulnerability of the Microsoft Office suite is related to the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to read arbitrary files using a specially created file...

The vulnerability of D-Link’s microprogrammed software-based router web interfaces, related to the lack of protection for service data, allows attackers to disclose the protected information.

The vulnerability of the web interface of D-Link microprogramming software routers is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the Sandbox Protection Mechanism component of the software suite for processing, transforming, and generating Ghostscript documents allows a perpetrator to circumvent the protective mechanism of the isolated software environment and disclose the protected information.

The vulnerability of the Sandbox Protection Mechanism, a component of the software for processing, transforming, and generating documents with Ghostscript, is related to the lack of protection for operational data. Exploiting this vulnerability allows an intruder, operating locally, to circumvent...

Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience PCA.

Summary BlueZ is vulnerable to a denial of service, caused by a buffer over-read issue. By using a specially-crafted dump file, an attacker could exploit this vulnerability to cause the application to crash. IBM Tealeaf Customer Experience PCA could allow a remote attacker under unusual...

Security Bulletin: Multiple Security Issues in IBM Tealeaf Customer Experience on Cloud Network Capture Add-On

Summary BlueZ is vulnerable to a denial of service, caused by a buffer over-read issue. By using a specially-crafted dump file, an attacker could exploit this vulnerability to cause the application to crash. IBM Tealeaf contains hard-coded credentials. A remote attacker could exploit this...

Security Bulletin: IBM Tealeaf Customer Experience servers allow unauthenticated access (CVE-2015-4987)

Summary IBM Tealeaf Customer Experience servers allow access to operational data and less privileged operations without authentication. Vulnerability Details CVEID: CVE-2015-4987 DESCRIPTION: The IBM Tealeaf Customer Experience search and replay servers could allow an unauthenticated attacker to...

Design/Logic Flaw

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session state for any active sessions, cause denial of service, or bypass security. IBM X-Force ID: 113999...

CVE-2016-2983

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session state for any active sessions, cause denial of service, or bypass security. IBM X-Force ID: 113999...

CVE-2016-2983

IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session state for any active sessions, cause denial of service, or bypass security. IBM X-Force ID: 113999...

The vulnerability of the sane-backends package, related to insufficient protection of operational data, allows a perpetrator to breach data confidentiality.

The vulnerability of the sane-backends package is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise data confidentiality using the specially crafted SANENETCONTROLOPTION package...

The vulnerability of the IBM WebSphere Commerce, Commerce on Cloud, and WebSphere Commerce Developer software lies in data processing errors. This allows attackers to disclose sensitive information, perform actions on behalf of administrators, or cause service interruptions.

The vulnerability of the IBM WebSphere Commerce, Commerce on Cloud, and WebSphere Commerce Developer software platforms lies in the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information, perform actions on behalf of...

The vulnerability of LiteSpeed web application server’s software lies in the lack of protection for operational data, allowing attackers to obtain confidential information.

The vulnerability of LiteSpeed web application server software lies in the lack of protection for service data. This allows attackers to access content from random memory segments such as random parts of HTTP requests sent to the server earlier. Exploiting this vulnerability can enable remote...