The vulnerability in the implementation of the AES-GCM mode of the WebCrypto API interface of Mozilla Firefox allows a perpetrator to gain unauthorized access to protected information.

The vulnerability in the implementation of the AES-GCM mode of the WebCrypto API interface in Mozilla Firefox’s browser relates to the use of memory after deallocation. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

PT-2021-1829 · Microsoft · Windows Gdi +1

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a component of the Windows operating system, specifically Windows GDI+, and is associated with shortcomings in security mechanisms. It may allow a remote attacker to...

PT-2021-1543 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows modem.sys Description: The issue exists due to insufficient input validation in the modem.sys component of the Windows operating system. This can allow an attacker to obtain unauthorized access to protected information. The...

The vulnerability of the KVM virtualization subsystem in the Linux operating system, related to the disclosure of information that allows a hacker to access protected data.

The vulnerability of the KVM virtualization subsystem in the Linux operating system is related to the disclosure of information. Exploiting this vulnerability can allow a remote attacker to gain access to protected information...

The vulnerability of the software for deploying and using the SNMP protocol Net-SNMP is related to the lack of a mechanism for managing privileges. This allows a perpetrator to gain access to protected information, compromise its integrity, and cause service failures.

The vulnerability of the software for deploying and using the SNMP protocol Net-SNMP is related to the lack of a mechanism for managing privileges. Exploiting this vulnerability can allow an attacker to gain access to protected information, compromise its integrity, and cause service failures...

The vulnerability of the X-server fly-dm, related to the bypassing of authentication due to a fundamental error, allows attackers to gain access to protected information, compromise its integrity, and cause service failures.

The vulnerability of the X-server fly-dm involves bypassing authentication due to a fundamental flaw. Exploiting this vulnerability allows an attacker who operates remotely to gain access to protected information, compromise its integrity, and cause service failures...

The vulnerability of the Web interface of the Cisco Data Center Network Manager system allows a perpetrator to gain access to protected information.

The vulnerability of the Web interface of the Cisco Data Center Network Manager system is related to access control errors. Exploiting this vulnerability could allow a malicious actor to gain access to protected information...

The vulnerability of Microsoft Edge browser for Android, related to insufficient validation of input data, allows attackers to gain access to protected information.

The vulnerability of Microsoft Edge browser for Android is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to gain access to protected information...

The vulnerability of the Web interface of the Cisco Data Center Network Manager system allows a perpetrator to gain access to protected information.

The vulnerability of the Web interface of the Cisco Data Center Network Manager system is related to errors in privilege management. Exploiting this vulnerability can allow an attacker to gain access to protected information...

The vulnerability of the Web interface of the Cisco Data Center Network Manager system allows a perpetrator to gain access to protected information.

The vulnerability of the Web interface of the Cisco Data Center Network Manager system is related to errors in privilege management. Exploiting this vulnerability can allow an attacker to gain access to protected information...

The vulnerability of the authentication library for exchanging identification data according to the SAML2 standard, related to incorrect verification of the cryptographic signature of the data, allows a perpetrator to bypass the signature verification and gain access to protected information.

The vulnerability of the authentication library for exchanging identification data according to the SAML2 standard, implemented with PySAML2, is related to incorrect verification of the cryptographic signature of the data. Exploiting this vulnerability could allow a malicious actor to bypass the...

The vulnerability of the network software tool Envoy, related to insufficient verification of data authenticity, allows a hacker to gain access to protected information.

The vulnerability of the network software tool Envoy is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information...

The vulnerability of the web interface of the Cisco Vision Dynamic Signage Director system allows a perpetrator to access protected information.

The vulnerability of the Cisco Vision Dynamic Signage Director digital content management web interface is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow an attacker to gain access to protected information...

The vulnerability lies in the implementation of the PrintData or PrintStats functions in the network traffic balancing system’s Keepalived component. This allows attackers to gain access to the protected information.

The vulnerability of the PrintData or PrintStats implementation in the network traffic balancing system of Keepalived lies in the lack of protection for service data when the MODE=“0666” mode is used. Exploiting this vulnerability can allow an attacker to gain access to the protected information...

The vulnerability of the command syntax analyzer in Cisco IOS and Cisco IOS XE operating systems allows a attacker to gain access to protected information.

The vulnerability of the command syntax analyzer in Cisco IOS and Cisco IOS XE operating systems is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to protected information...

The vulnerability of the Adobe Reader text viewer, related to errors in restricting the path to the restricted catalog, allows a perpetrator to gain access to protected information within the context of the current user.

The vulnerability of the Adobe Reader text viewer is related to errors that occur when restricting access to the path to the restricted catalog. Exploiting this vulnerability can allow a malicious actor to gain access to protected information in the context of the current user...

The vulnerability of the installation component of the Cisco HyperFlex hyper-converged infrastructure allows a attacker to gain access to protected information.

The vulnerability of the Cisco HyperFlex hyper-converged infrastructure deployment component is related to data encryption errors. Exploiting this vulnerability may allow an attacker to gain access to protected information...

The vulnerability of the Node.js software platform is related to an error in handling HTTP headers. This error allows attackers to gain access to protected information or enhance their privileges.

The vulnerability of the Node.js software platform is related to an error in handling HTTP header names. Exploiting this vulnerability can allow a remote attacker to gain access to protected information or enhance their privileges...

PT-2020-5293 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security feature bypass in the implementation of the Kerberos protocol in the Windows operating system, which is associated with a violation of the data protection...

PT-2020-5216 · Microsoft · Sharepoint Foundation +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Microsoft SharePoint Foundation affected versions not specified Description: The issue is related to errors in...