The vulnerability of the Agile Integration Services component of the Oracle Agile PLM Framework’s product lifecycle management software allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Agile Integration Services component of the Oracle Agile PLM Framework’s product lifecycle management software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and...

The vulnerability of the software platform interface for managing network infrastructure, Versa Director, allows a perpetrator to disclose protected information.

The vulnerability of the software platform interface for managing network infrastructure Versa Director is related to the lack of authenticity verification for a critical function. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information by sendin...

Vulnerability of automation tools for business processes in SAP Business Workflow and SAP Flexible Workflow systems: The ability to bypass authentication by using a user-controlled key allows unauthorized users to gain unauthorized access to protected information.

Vulnerability of tools for automating business processes in SAP: SAP Business Workflow and SAP Flexible Workflow involve bypassing authentication by using a user-controlled key. Exploiting this vulnerability can allow an intruder operating remotely to gain unauthorized access to protected...

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system, related to the manipulation of the zero pointer, allows a intruder to compromise the accessibility of protected information.

The vulnerability of the Boost library in the Mercedes-Benz MBUX multimedia system is related to a pointer assignment error. Exploiting this vulnerability could allow an attacker to compromise the accessibility of the protected information...

The vulnerability of the BitLocker component of the Windows operating system, which allows a hacker to disclose protected information

The vulnerability of the BitLocker component of the Windows operating system is related to a rollback to a less secure state. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability of the Session Token Handler component of the software platform based on Git for collaborative code development on GitLab allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Session Token Handler component in the Git-based software development platform, which is used for collaborative code development on GitLab, is related to context switching errors during privilege handling. Exploiting this vulnerability can allow an attacker, operating...

The vulnerability of the graphical interface of the Fortinet FortiManager software, a centralized device management system, allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the graphical interface of the Fortinet FortiManager device management software is related to the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the Elasticsearch search system, related to incorrect authorization, allows a perpetrator to gain access to protected information.

The vulnerability of the Elasticsearch search engine is related to incorrect authentication. Exploiting this vulnerability can allow a malicious actor to gain access to protected information...

The vulnerability of the Wiki History Diff component of the Git-based software platform for collaborative code development on GitLab allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Wiki History Diff component in the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access t...

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the lack of a mechanism for generating error reports. This allows attackers to gain unauthorized access to protected information.

The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the mechanism for generating error reports. Exploiting these vulnerabilities can allow unauthorized actors to...

The vulnerability of the REST Views module in the Drupal CMS system, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the REST Views module in the Drupal CMS system is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Ivanti EPM endpoint management software lies in the improper restriction of path names in the catalog, which allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Ivanti EPM endpoint management software is related to incorrect restrictions on path names in the catalog. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the Dell VxRail hyper-converged infrastructure, related to the unencrypted storage of critical information, allows a intruder to disclose protected data.

The vulnerability of the Dell VxRail hyper-converged infrastructure is related to the unencrypted storage of critical information. Exploiting this vulnerability could allow an attacker to disclose the protected data...

The vulnerability of software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller lies in the lack of a mechanism for generating error reports. This allows attackers to gain unauthorized access to protected information.

The vulnerabilities of the software solutions that support the closing, consolidation, and reporting processes of IBM Cognos Controller and IBM Controller are related to deficiencies in the mechanism for generating error reports. Exploiting these vulnerabilities can allow unauthorized actors to...

PT-2025-1164 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the Kerberos protocol implementation in Windows, which is associated with insufficient protection of service data. This can allow a remote attacker to disclose...

The vulnerability of the Container Storage Interface (CSI) component in the Nomad application orchestrator allows a attacker to influence the integrity of the protected information.

The vulnerability of the Container Storage Interface CSI component in the Nomad application orchestrator is related to improper authentication. Exploiting this vulnerability allows an attacker to influence the integrity of the protected information...

The vulnerability of the virtual learning environment Moodle, related to the disclosure of information that allows a intruder to gain unauthorized access to protected information

The vulnerability in the virtual learning environment Moodle is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the software for controlling the Geovision GV-ASManager system lies in the absence of an authentication procedure, which allows a intruder to disclose the protected information.

The vulnerability of the software for controlling the Geovision GV-ASManager access control system is related to the absence of an authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the MQTT broker in the Ruijie Reyee OS operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the MQTT broker in the Ruijie Reyee OS operating system is related to the lack of measures taken to neutralize substitution or matching symbols. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software lies in the improper assignment of permissions for critical resources, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...