The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.

The vulnerability in the vManage web interface of the Cisco SD-WAN software-defined network is related to authentication process errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information by sending specially crafted HTTP requests...

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Recovery component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Recovery component of the Oracle Database Server system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the Oracle Net protocol...

The vulnerability of the Database Vault component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Database Vault component of the Oracle Database Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the Oracle...

PT-2021-3101 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to insufficient protection of service data in Microsoft SharePoint Server, which can be exploited by a remote attacker to gain unauthorized access t...

PT-2021-3151 · Microsoft · Windows Remote Desktop Protocol +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Protocol RDP affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to gain unauthorized access to protected information. This can...

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability in the web interface for supporting Web MIDI devices allows attackers to compromise the confidentiality of protected information. This vulnerability is present in browsers like Google Chrome and Microsoft Edge.

The vulnerability in web interfaces for supporting Web MIDI devices, such as Google Chrome and Microsoft Edge browsers, is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality of protected information through...

The vulnerability of the Windows Codecs Library, a library used for processing media content on Microsoft Windows operating systems, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows Codecs Library, used for processing media content on Microsoft Windows operating systems, is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the navigation components in Google Chrome and Microsoft Edge allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Google Chrome and Microsoft Edge browsers’ navigation components is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a...

The vulnerability of the “Network” panel display on Google Chrome and Microsoft Edge browsers allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the “Network” panel display in Google Chrome and Microsoft Edge is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a...

The vulnerability of the Windows Event Tracing service allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows Event Tracing service is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of Huawei Mate 30 and Huawei Mate 30 Pro mobile phone microprogramming systems, related to security mechanism errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the microprogramming software in Huawei Mate 30 and Huawei Mate 30 Pro devices is related to security mechanism flaws. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

PT-2021-2774 · Oracle +2 · Virtualbox +2

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 6.1.20 Description: The issue is related to insufficient input validation in the Core component of Oracle VM VirtualBox. This can allow an attacker to gain unauthorized access to protected information. T...

The vulnerability of the Mozilla Firefox browser, related to resource management errors, allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Mozilla Firefox browser is related to resource management errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Windows Installer component on Microsoft Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows Installer component in Microsoft Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Cross-site Request Forgery (CSRF)

trestle-auth is vulnerable to cross-site request forgery. An attacker is able to create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth admin session, allowing to alter protected data, including admin account credentials...

Design/Logic Flaw

trestle-auth is an authentication plugin for the Trestle admin framework. A vulnerability in trestle-auth versions 0.4.0 and 0.4.1 allows an attacker to create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth admin session. This potentially...

PT-2021-2639 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling objects in memory within the Windows Event Tracing service, which can allow an attacker to gain unauthorized access to protected information. This...

PT-2021-2636 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling memory objects in the implementation of the Microsoft Server Message Block SMB network protocol in Windows operating systems. This can allow a...