The vulnerability of the software for working with reports and data in the web environment of SAP Business Explorer’s BEx Web Java Runtime Export Web Service lies in errors in the processing of XML requests. This vulnerability allows attackers to compromise the confidentiality and availability of protected information.
The vulnerability of the software for working with reports and data in the web environment of SAP Business Explorer’s BEx Web Java Runtime Export Web Service is related to errors in processing XML requests. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and...
The vulnerability of the Setting Handler component in the Git-based software platform, which is used for collaborative code development on GitLab, allows a malicious individual to gain unauthorized access to protected information.
The vulnerability of the Setting Handler component in the Git-based software platform, which is used for collaborative code development on GitLab, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...
The vulnerability of TeamViewer’s software for remote control of computers allows unauthorized access to protected information.
The vulnerability of TeamViewer’s remote control software relates to improper control over the synchronization function of the clipboard. Exploiting this vulnerability can allow an intruder operating remotely to gain unauthorized access to protected information...
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020/2024 involve the use of memory after deallocation, allowing attackers to disclose protected information.
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020/2024 are related to the use of memory after deallocation. Exploiting these vulnerabilities can allow attackers to...
CVE-2024-34644
Improper access control in item selection related in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability...
CVE-2024-34643
Improper access control in key input related function in Dressroom prior to SMR Sep-2024 Release 1 allows local attackers to access protected data. User interaction is required for triggering this vulnerability...
CVE-2024-34644
The CVE-2024-34644 entry concerns Samsung ClothingDressroom (Dressroom) on Samsung Mobile devices. Affected component: Dressroom prior to SMR Sep-2024 Release 1. Root cause: improper access control in the item selection flow, enabling local attackers to access protected data. Conditions: user int...
PT-2024-26063 · Dressroom · Dressroom
Name of the Vulnerable Software and Affected Versions: Dressroom versions prior to SMR Sep-2024 Release 1 Description: The issue is related to improper access control in item selection, allowing local attackers to access protected data. User interaction is required to trigger this issue. There is...
PT-2024-26062 · Dressroom · Dressroom
Name of the Vulnerable Software and Affected Versions: Dressroom versions prior to SMR Sep-2024 Release 1 Description: The issue is related to improper access control in a key input related function, allowing local attackers to access protected data. User interaction is required to trigger this...
The vulnerability of the Calibre electronic library’s software lies in the incorrect limitation of the path name to the restricted-access catalog, which allows attackers to disclose protected information.
The vulnerability of the Calibre electronic library software is related to an incorrect limitation on the path name to the restricted-access catalog. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of SolarWinds IT infrastructure management software’s Web Help Desk system, related to the use of pre-installed user accounts, allows a hacker to disclose and alter sensitive information that is protected by the system.
The vulnerability of SolarWinds IT infrastructure management software’s Web Help Desk component is related to the use of pre-installed user accounts. Exploiting this vulnerability could allow an attacker to disclose and modify the protected information...
The vulnerability of the exacqVision Client and exacqVision Server software is related to insufficiently secure data encryption. This allows unauthorized access to protected information.
The vulnerability of the exacqVision Client and exacqVision Server software is related to insufficiently secure data encryption. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the NSS encryption component in Mozilla Firefox and Firefox ESR browsers allows attackers to gain access to protected information.
The vulnerability of the CKM_CHACHA20 cipher suite in Mozilla Firefox and Firefox ESR browsers is related to the possibility of buffer overflow in dynamic memory. Exploiting this vulnerability can allow a malicious actor to gain access to protected information through a call to PK11Encrypt...
The vulnerability of the application software interface of the CloudStack software platform for managing virtual machine environments allows an attacker to compromise the confidentiality of the protected information.
The vulnerability of the application software interface of the CloudStack software platform for managing virtual machine environments is related to insufficient protection of operational data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of the protected...
The vulnerability of the dbgfs_target_ids_write() function in the dbgfs component of the Linux operating system’s kernel allows an attacker to disclose protected information.
The vulnerability of the dbgfs_target_ids_write() function in the dbgfs component of the Linux operating system’s kernel is related to the issue of target_ids being written multiple times without the monitoring and termination of DAMON. The number of references does not decrease, and memory for the...
The vulnerability of the User Management component of the Oracle iStore system, which is used for creating, managing, and personalizing online stores, in the Oracle E-Business Suite business automation system allows attackers to gain unauthorized access to protected information.
The vulnerability of the User Management component of the Oracle iStore system, which is used for creating, managing, and personalizing online stores, and of the Oracle E-Business Suite system, which is used for automating business operations, is related to insufficient validation of input data...