The vulnerability of the IBM Guardium Data Protection platform regarding data security, related to the leakage of information in error messages, allows attackers to disclose protected information.

The vulnerability of the IBM Guardium Data Protection platform relates to the leakage of information in error messages. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the Device Admin App operating system ctrlX OS allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Device Admin App on the ctrlX OS platform is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially crafted HTTP requests...

The vulnerability of the MongoDB database management system, related to access control errors, allows attackers to gain unauthorized access to protected information.

The vulnerability of the MongoDB database management system is related to access control errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the multi-media library Ffmpeg, related to reading data beyond the buffer boundary in memory, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the FFmpeg multimedia library relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software lies in the improper assignment of permissions for critical resources, allowing attackers to enhance their privileges and gain unauthorized access to protected information.

The vulnerability of Siemens Scalance LPE9403 industrial switches’ microprogramming software is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow attackers to enhance their privileges and gain unauthorized access to protected...

The vulnerability of the Front End User Registration (sr_feuser_register) extension of the TYPO3 content management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Front End User Registration srfeuserregister extension of the TYPO3 content management system is related to the use of a insecure direct link to an object IDOR. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the femanager extension of the TYPO3 content management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the femanager extension of the TYPO3 content management system is related to the use of insecure direct links to objects. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Backup Plus (ns_backup) extension of the TYPO3 content management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Backup Plus nsbackup extension of the TYPO3 content management system is related to errors in the access control for saved backup files and configurations. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVE-2024-27871

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. An app may be able to access protected user data...

CVE-2023-21493

Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data...

CVE-2023-21453

Improper input validation vulnerability in SoftSim TA prior to SMR Mar-2023 Release 1 allows local attackers access to protected data...

The vulnerability of the microprogramming software of APOGEE PXC and TALON TC lies in the insufficiently secure data encryption, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the microprogramming software of APOGEE PXC and TALON TC is related to insufficiently secure data encryption. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the /goform/openSchedWifi component in the microprogramming software for Tenda TX3, which stems from copying buffers without checking the size of the input data, allows attackers to compromise the accessibility of protected information.

The vulnerability of the /goform/openSchedWifi component in the microprogramming-based routing software Tenda TX3 lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected...

CVE-2022-20280

In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2020-0372

In ActivityManager, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...

The vulnerability of the Branch Prediction Unit (BPU) in Intel Core Ultra microprogramming systems allows attackers to disclose protected information.

The vulnerability of the Branch Prediction Unit BPU in Intel Core Ultra microprogrammed software processors is related to incorrect initialization of resources. Exploiting this vulnerability can allow attackers to disclose protected information...

The vulnerability of the ColdFusion software platform arises from incorrect restrictions on path names to restricted catalogs. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the ColdFusion software platform is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability allows an attacker to bypass security restrictions and gain unauthorized access to protected information...

The vulnerability of the Command Line Interface (CLI) of the Cisco Application Policy Infrastructure Controller, which allows a attacker to disclose protected information

The vulnerability of the Command Line Interface CLI of the Cisco Application Policy Infrastructure Controller management tool is related to improper cross-border deletion of critical data. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer limit in memory. This allows attackers to gain unauthorized access to protected information and circumvent the ASLR protection mechanism.

The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and bypass the ASLR protection mechanism...

The vulnerability of the ColdFusion software platform, related to deficiencies in the authentication mechanism, allows attackers to gain unauthorized access to protected information.

The vulnerability of the ColdFusion software platform is related to deficiencies in the authentication mechanism. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...