The vulnerability of the CMSimple content management system’s link validation function allows attackers to perform SSRF attacks.

The vulnerability of the CMSimple content management system’s link validation function is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to carry out an SSRF attack remotely...

The vulnerability of the Advanced Varnish CMS system’s Drupal module, related to insufficient protection of operational data, allows attackers to bypass security restrictions and execute a Forceful Browsing attack.

The vulnerability of the Advanced Varnish CMS system, Drupal, is related to insufficient protection of operational data. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute a Forceful Browsing attack...

The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools lies in the insufficient protection of sensitive data. This allows attackers to gain unauthorized access to protected information.

The vulnerability of IBM Concert Software’s artificial intelligence-based automation tools stems from insufficient protection of operational data due to the use of incompatible policies. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected informati...

The vulnerability of SAP NetWeaver AS ABAP and SAP ABAP Platform integration platforms, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver AS ABAP and SAP ABAP Platform integration platforms is related to insufficient protection of operational data. Exploiting this vulnerability can allow unauthorized actors to gain unauthorized access to protected information...

The vulnerability of the LibreOffice office software package, related to insufficient protection of sensitive data, allows a perpetrator to disclose confidential information.

The vulnerability of the LibreOffice office software package is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker to disclose confidential information...

The vulnerability of the REST Views module in the Drupal CMS system, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the REST Views module in the Drupal CMS system is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the command-line interface (CLI) of Juniper Networks Junos OS, which allows a hacker to gain unauthorized access to protected information

The vulnerability of the command-line interface CLI of Juniper Networks Junos OS is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the backup and data recovery software for Veeam Service Provider Console (VSPC) users on remote and cloud-based clients stems from insufficient protection of operational data, allowing attackers to exploit this weakness to disclose sensitive information.

The vulnerability of the backup and data restoration software for Veeam Service Provider Console VSPC for remote and cloud-based customers is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information by...

The vulnerability of the Naumen Service Management Platform’s automation system, related to insufficient protection of operational data, allows a hacker to obtain user credentials.

The vulnerability of the Naumen Service Management Platform, related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to obtain user credentials...

CVE-2024-42450

The Versa Director uses PostgreSQL Postgres to store operational and configuration data. It is also needed for High Availability function of the Versa Director. The default configuration has a common password across all instances of Versa Director. By default, Versa Director configures Postgres t...

The vulnerability in the web interface of the Cisco Unified Communications Manager IM & Presence Service allows a perpetrator to access confidential information.

The vulnerability of the Web interface for managing the Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

The vulnerability of the system monitoring application for industrial PCs from Harmony Industrial PC series, namely HMIBMO/HMIBMI/HMIPSO/HMIBMP/HMIBMU/HMIPSP/HMIPEP, arises from the lack of protection for operational data. This allows attackers to expose account information.

The vulnerability of the system monitoring application in Harmony Industrial PCs of the HMIBMO/HMIBMI/HMIPSO/HMIBMP/HMIBMU/HMIPSP/HMIPEP series is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to access user accounts remotely...

The vulnerability of the command-line interface (CLI) of Juniper Networks Junos OS-based SRX routers allows a attacker to gain unauthorized access to protected information.

The vulnerability of the command-line interface CLI of Juniper Networks Junos OS routers of the SRX series relates to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of D-Link DIR-823G router’s microprogramming software, related to insufficient protection of operational data, allows unauthorized access to protected information.

The vulnerability of D-Link DIR-823G router microprogramming software is related to insufficient protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of component E1 in the IOT Orchestrator Security application of JD Edwards EnterpriseOne allows a attacker to disclose protected information.

The vulnerability of component E1 in the JD Edwards EnterpriseOne Orchestrator Security application relates to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information using the HTTP protocol...

The vulnerability of the YouGile project management service, related to insufficient protection of operational data, allows a hacker to disclose the protected information.

The vulnerability of the YouGile project management service is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the REST Provider Definition Response component in SAP system management software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the REST Provider Definition Response component in SAP system management software is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Splunk Enterprise platform’s SplunkD module for operational analytics allows a hacker to disclose protected information.

The vulnerability of the Splunk Enterprise platform for operational analysis involves insufficient protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents allows a perpetrator to influence the confidentiality of the protected information.

The vulnerability of the SIMATIC Reader software for editing and managing projects and documents is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality of the protected information...

The vulnerability of the software for centralized device management in Fortinet FortiManager allows a hacker to disclose protected information.

The vulnerability of the software for centralized device management in Fortinet FortiManager lies in the lack of protection for operational data. Exploiting this vulnerability can allow attackers to disclose sensitive information through generated HTTP requests...