Lucene search

1965 matches found

Positive Technologies
added 2021/04/13 12:0 a.m. · 2 views

PT-2021-2639 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified)
Description: The issue is related to errors in handling objects in memory within the Windows Event Tracing service, which can allow an attacker to gain unauthorized access to protected information. This...

CVSS 5.5 · AI score 5.2 · EPSS 0.0076
Exploits: 0 · References: 6

Positive Technologies
added 2021/04/13 12:0 a.m. · 2 views

PT-2021-2636 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified)
Description: The issue is related to errors in handling memory objects in the implementation of the Microsoft Server Message Block (SMB) network protocol in Windows operating systems. This can allow a...

CVSS 7.8 · AI score 7.3 · EPSS 0.06223
Exploits: 0 · References: 7

Positive Technologies
added 2021/04/13 12:0 a.m. · 1 view

PT-2021-2724 · Microsoft · Office +4

Name of the Vulnerable Software and Affected Versions:
Microsoft Office: affected versions not specified
Microsoft Office Web Apps Server: affected versions not specified
Microsoft Excel: affected versions not specified
Microsoft 365 Apps for Enterprise versions affected...

CVSS 5.5 · AI score 5.2 · EPSS 0.03688
Exploits: 0 · References: 6

BDU FSTEC
added 2021/04/06 12:0 a.m. · 2 views

The vulnerability of the Titan M security module for Android operating systems allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Titan M security module’s kernel in Android operating systems is related to initialization errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVSS 4.4 · AI score 5.5 · EPSS 0.00124
Exploits: 0 · References: 3

BDU FSTEC
added 2021/04/06 12:0 a.m. · 4 views

The vulnerability in the kernel/bpf/verifier.c file of the Linux operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability in the kernel/bpf/verifier.c file of the Linux operating system is related to the disclosure of information due to discrepancies. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVSS 4.7 · AI score 7 · EPSS 0.00565
Exploits: 0 · References: 29 · Affected Software: 6

BDU FSTEC
added 2021/04/01 12:0 a.m. · 2 views

The vulnerability of the Citrix XenMobile Server, a system for managing corporate mobile devices, stems from the lack of protective measures for the SQL query structure. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the Citrix XenMobile Server, a system for managing corporate mobile devices, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informatio...

CVSS 10 · AI score 8.2 · EPSS 0.0154
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2021/03/15 12:0 a.m. · 2 views

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the vManage web interface of the Cisco SD-WAN software-defined network is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS 5 · AI score 5.5 · EPSS 0.013
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2021/03/15 12:0 a.m. · 2 views

The vulnerability of Google Chrome’s user interface allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Google Chrome browser user interface is related to errors in cryptographic transformations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS 5.3 · AI score 7 · EPSS 0.01599
Exploits: 1 · References: 11 · Affected Software: 6

BDU FSTEC
added 2021/03/15 12:0 a.m. · 2 views

The vulnerability in the vManage web interface of the software-defined Cisco SD-WAN network allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the vManage web interface of the Cisco SD-WAN software-defined network is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVSS 6.8 · AI score 5.5 · EPSS 0.01064
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2021/03/15 12:0 a.m. · 1 view

The vulnerability in the configuration of the integrated web server firmware for Siemens SICAM remote terminals allows a perpetrator to gain unauthorized access to protected information.

The vulnerability in the configuration of the integrated web server firmware for Siemens SICAM remote terminals is related to insufficient data protection. Exploiting this vulnerability can allow an intruder operating remotely to gain unauthorized access to protected information...

CVSS 7.9 · AI score 7.2 · EPSS 0.00564
Exploits: 0 · References: 2 · Affected Software: 3

BDU FSTEC
added 2021/03/11 12:0 a.m. · 2 views

The vulnerability of the Netlify domain controller, related to improperly configured DNS records, allows attackers to intercept cookies, bypass Content Security Policy (CSP) and Cross-Origin Resource Sharing (CORS) mechanisms, and gain unauthorized access to protected information.

The vulnerability of the Netlify domain controller implementation is related to improperly configured DNS records. Exploiting this vulnerability allows a malicious actor to intercept cookies, bypass security mechanisms such as CSP and Cross-Origin Resource Sharing (CORS), and gain unauthorized acces...

CVSS 10 · AI score 5.5
Exploits: 0 · References: 1

BDU FSTEC
added 2021/03/11 12:0 a.m. · 1 view

The vulnerability in the implementation of window.webkit in Firefox’s web browser for the iOS operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability in the Firefox web browser’s window.webkit implementation for the iOS operating system relates to the disclosure of the SECURITYTOKEN token. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information...

CVSS 7.8 · AI score 7.2 · EPSS 0.00903
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2021/03/09 12:0 a.m. · 3 views

The vulnerability in the function of autoar-extractor.c library in gnome-autoar allows a perpetrator to disclose protected information.

The vulnerability in the function of the autoar-extractor.c library in the gnome-autoar library is related to an incorrect definition of the reference before accessing the file. Exploiting this vulnerability could allow an attacker to disclose protected information...

CVSS 5.5 · AI score 6.7 · EPSS 0.00639
Exploits: 1 · References: 5 · Affected Software: 2

BDU FSTEC
added 2021/03/09 12:0 a.m. · 3 views

The vulnerability in the implementation of the ISN generator of the protocol stack used in Contiki OS and uIP allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ISN generator implementation used in the Contiki OS and uIP is related to the use of insufficiently random values. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

CVSS 6.5 · AI score 7.7 · EPSS 0.01716
Exploits: 0 · References: 6 · Affected Software: 2

BDU FSTEC
added 2021/03/04 12:0 a.m. · 1 view

The vulnerability of the implementation of the ISN generator in the protocols used by uC/OS and uC/TCP-IP allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ISN generator implementation in the uC/OS and uC/TCP-IP protocols is related to the use of insufficiently random values. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

CVSS 6.5 · AI score 7.7 · EPSS 0.01083
Exploits: 0 · References: 4 · Affected Software: 1

BDU FSTEC
added 2021/03/02 12:0 a.m. · 6 views

The vulnerability of the Web Server Plugin component of the Oracle Access Manager software allows attackers to create, delete, or modify access rights to protected information, or gain read-only access to data.

The vulnerability of the Web Server Plugin component of the Oracle Access Manager software component of the Oracle Fusion Middleware platform is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker to create, delete, or modify access rights...

CVSS 7.8 · AI score 7.2 · EPSS 0.02074
Exploits: 0 · References: 3 · Affected Software: 2

BDU FSTEC
added 2021/03/02 12:0 a.m. · 7 views

The vulnerability of Google Chrome’s Tab Groups component allows attackers to compromise the confidentiality, integrity, and availability of protected information.

The vulnerability of Google Chrome’s Tab Groups component is related to writing beyond the buffer limit. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and availability of the protected information...

CVSS 7.3 · AI score 7.9 · EPSS 0.00873
Exploits: 0 · References: 13 · Affected Software: 6

BDU FSTEC
added 2021/03/02 12:0 a.m. · 2 views

The vulnerability of the order formatting module of the Magento Commerce software platform, which is used for developing and managing online stores, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the order processing module of the Magento Commerce software platform for developing and managing online stores is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized...

CVSS 5.3 · AI score 6.3 · EPSS 0.03951
Exploits: 0 · References: 3 · Affected Software: 2

BDU FSTEC
added 2021/03/02 12:0 a.m. · 2 views

The vulnerability of the Go programming language, related to incorrect calculations, allows attackers to disclose protected information and compromise the integrity of that information.

The vulnerability in the crypto/elliptic/p224.go file of the Go programming language is related to incorrect calculations. Exploiting this vulnerability can allow a remote attacker to disclose protected information and compromise the integrity of that information...

CVSS 6.5 · AI score 6.5 · EPSS 0.02666
Exploits: 0 · References: 9 · Affected Software: 6

BDU FSTEC
added 2021/03/02 12:0 a.m. · 5 views

The vulnerability of the user API module of the software platform for developing and managing online stores Magento Commerce allows a hacker to gain unauthorized access to protected information.

The vulnerability of the user API module of the Magento Commerce software development and management platform is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

CVSS 8.5 · AI score 6.6 · EPSS 0.03181
Exploits: 0 · References: 3 · Affected Software: 2