41 matches found
The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 arises from reading data beyond the buffer in memory. This allows attackers to disclose protected information.
The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 is related to reading data outside of the buffer in memory...
The vulnerability of the Windows DPAPI component of the Windows operating system allows attackers to disclose protected information.
The vulnerability of the Windows DPAPI component in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...
PT-2022-5780 · Microsoft · Network Device Enrollment Service +1
Name of the Vulnerable Software and Affected Versions: Network Device Enrollment Service NDES affected versions not specified Description: The issue is related to errors in security settings, allowing a remote attacker to bypass existing security restrictions and disclose protected information. I...
The vulnerability of the BIOS microprogramming system of Intel processors allows attackers to disclose protected information.
The vulnerability of the BIOS microprogramming system of Intel processors is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the Extensions API for Microsoft Edge and Google Chrome browsers allows a perpetrator to disclose protected information.
The vulnerability of the Extensions API for Microsoft Edge and Google Chrome is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information through a specially created web page...
PT-2022-3850 · Microsoft · Azure Site Recovery
Name of the Vulnerable Software and Affected Versions: Azure Site Recovery affected versions not specified Description: The issue is related to insufficient access controls in Azure Site Recovery, specifically in the context of VMWare to Azure recovery. It may allow a remote attacker to disclose...
The vulnerability of the File System API interfaces in Google Chrome and Microsoft Edge browsers allows attackers to disclose protected information.
The vulnerability of the File System API interfaces in Google Chrome and Microsoft Edge is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to disclose protected information through a specially created web page...
The vulnerability of the Yandex Browser’s Safe WiFi technology, which allows a hacker to expose protected information.
The vulnerability of the Safe WiFi technology of the Yandex Browser is related to resource release errors. Exploiting this vulnerability can allow a remote attacker to disclose protected information...
The vulnerability of the scsi_ioctl function in the Linux operating system’s kernel allows a hacker to disclose protected information.
The vulnerability of the scsiioctl function drivers/scsi/scsiioctl.c in the Linux operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose the protected information...
The vulnerability of the Google Chrome browser’s Navigation function, which allows a hacker to disclose protected information
The vulnerability of the Google Chrome browser’s Navigation function is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information through a specially created web page...
The vulnerability of the Remote Desktop Protocol Client protocol on the Microsoft Windows operating system, which allows a hacker to disclose protected information
The vulnerability of the Remote Desktop Protocol Client on the Microsoft Windows operating system is related to the disclosure of information in the erroneous data field. Exploiting this vulnerability allows a malicious actor to disclose the protected information from a remote location...
The vulnerability of the Microsoft Visual Basic development environment and the Microsoft Office suite relates to the disclosure of information in the error-prone data area, allowing the disclosure of protected information.
The vulnerability of the Microsoft Visual Basic development environment and the Microsoft Office suite is related to the disclosure of sensitive information in error-prone data areas. Exploiting this vulnerability can allow attackers to disclose protected information...
The vulnerability of the RBR50 router software, the RBS50 router software, and the RBK50 router software relates to the disclosure of protected information, allowing a perpetrator to execute arbitrary commands and gain access to protected information.
The vulnerabilities of the RBR50 router software, the RBS50 router software, and the RBK50 router software are related to the disclosure of protected information. Exploiting these vulnerabilities can allow an attacker to execute arbitrary commands and gain access to protected information...
A vulnerability in the web access function of the microprogramming software used in Cisco IP Phones 7800 and Cisco IP Phones 8800 allows a perpetrator to disclose protected information.
The vulnerability in the web access function of Cisco IP Phones 7800 and Cisco IP Phones 8800 is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information by sending specially crafted requests to the vulnerable...
The vulnerability of the i2c_ddc functions in the QEMU hardware emulation software allows a hacker to disclose protected information.
The vulnerability of the i2cddc function hw/i2c/i2c-ddc.c in the QEMU hardware emulation software is related to reading data beyond the buffer limit 128 bytes of stack memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security...
The vulnerability of the Windows Cryptography Next Generation (CNG) service for Windows operating systems, which allows a hacker to compromise and disclose protected information
The vulnerability of the Windows Cryptography Next Generation CNG service on Windows operating systems is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially created application...
The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) arises from insufficient validation of input data, allowing attackers to disclose protected information.
The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Dynamic Application Loader DAL is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to disclose...
The vulnerability of the Windows Graphics component of the Windows operating system allows attackers to disclose protected information.
The vulnerability of the Windows Graphics component of the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information through a specially created application...
The vulnerability in the web interface for managing Cisco Video Surveillance Manager allows a perpetrator to disclose protected information.
The vulnerability in the web interface for managing Cisco Video Surveillance Manager exists due to an incorrect restriction on the path to the restricted catalog. Exploiting this vulnerability could allow a malicious actor to disclose protected information by sending specially crafted requests...
The vulnerability of the Gentoo Linux operating system allows a malicious individual to compromise the integrity of protected information.
The vulnerability in the portage package of the Gentoo Linux operating system up to version 2.1.3.11 can lead to the compromise of protected information. This vulnerability can be exploited locally...