PT-2023-7907 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.2 macOS Ventura versions prior to 13.6.3 macOS Monterey versions prior to 12.7.2 Description: A logic issue was addressed with improved checks, which may allow an app to access protected user data. The issue is...

PT-2023-8830 · WordPress · Podlove Web Player

Name of the Vulnerable Software and Affected Versions: Podlove Web Player versions through 5.7.3 Description: The issue is related to insufficient authorization procedures in the Podlove Web Player plugin for WordPress, allowing a remote attacker to impact the integrity and confidentiality of...

The vulnerability of the SCADA system EisBaer, related to the disclosure of information, allows a intruder to gain unauthorized access to the protected information.

The vulnerability of the SCADA system of EisBaer is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Zoom video conferencing service, related to the unencrypted storage of critical information, allows attackers to gain access to protected data.

The vulnerability of the Zoom video conferencing service is related to the unencrypted storage of critical information. Exploiting this vulnerability could allow an attacker to gain access to protected data...

The vulnerability of backup and data recovery software on computers and servers with Acronis Agent, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of backup and data recovery software on computers and servers with Acronis Agent is related to authentication errors. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

The vulnerability of cloud-based software for creating and using Nextcloud storage solutions is related to improper access control, which allows attackers to gain unauthorized access to protected information.

The vulnerability of cloud-based software for creating and using Nextcloud storage solutions is related to improper access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the FortiTester software and hardware tools for diagnosing and auditing computer networks lies in the unencrypted storage of confidential information, which allows attackers to gain unauthorized access to protected data.

The vulnerability of the FortiTester software for diagnosing and auditing computer networks lies in the unencrypted storage of confidential information. Exploiting this vulnerability can allow an intruder to gain unauthorized access to the protected information...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s kernel is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the macOS operating system’s Shortcuts component, which allows a hacker to gain unauthorized access to protected information

The vulnerability of the macOS operating system’s Shortcuts component is related to lack of access control. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Voice Memos component of the macOS operating system allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Voice Memos component of the macOS operating system is related to access control deficiencies. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to protected information...

PT-2023-4381 · Microsoft · Windows Cryptographic Services +1

Name of the Vulnerable Software and Affected Versions: Windows Cryptographic Services affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows Cryptographic Services, which can be exploited to disclose protected information. This...

The vulnerability of the Runtime Workbench component of the SAP NetWeaver Process Integration software, which allows attackers to compromise the confidentiality and accessibility of protected information.

The vulnerability of the Runtime Workbench RWB component of the SAP NetWeaver Process Integration software lies in the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker to compromise the confidentiality and accessibility of protected information...

The vulnerability of the Magento Commerce software platform for developing and managing online stores, related to errors in XML request processing, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Magento Commerce development and management software platform is related to errors in processing XML requests. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information from a remote location...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s kernel is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Zimbra Collaboration Suite’s corporate email management system lies in the use of certain JVM arguments within the mail server. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Zimbra Collaboration Suite email management system is related to the use of certain arguments in the Java Virtual Machine JVM used by the mail server. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibili...

The vulnerability of the Web Server component of the Oracle BI Publisher software, which is used for creating reports, allows a hacker to disclose protected information.

The vulnerability of the Web Server component of the Oracle BI Publisher software exists due to insufficient verification of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information through HTTP requests...

The vulnerability of the software platforms for developing and managing Magento Open Source and Adobe Commerce online stores lies in errors in XML request processing, which allow attackers to gain unauthorized access to protected information.

The vulnerability of the Magento Open Source and Adobe Commerce software platforms for developing and managing online stores is related to errors in processing XML requests. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of Adobe Dimension’s 3D design software relates to the use of memory after it is freed, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of Adobe Dimension’s 3D design software relates to the use of memory after it is freed during the processing of USDZ files. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created USDZ file...

The vulnerability of Adobe Dimension’s 3D design software relates to reading data beyond the buffer in memory, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of Adobe Dimension’s 3D design software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created file...

The vulnerability of the PCL6 Class Printer driver for Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the PCL6 Class Printer driver for Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...