The vulnerability of Java Secure Socket Extension (JSSE) and IBMJCEPlus, components of the IBM SDK Java Technology development environment, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Java Secure Socket Extension JSSE and IBMJCEPlus, part of the IBM SDK Java Technology development tools, is related to the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...

The vulnerability of the ILIAS learning management system and support process, which stems from an incorrect restriction on the path to the restricted access catalog, allows a perpetrator to disclose protected information.

The vulnerability of the ILIAS learning management system and support process exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose protected information through...

The vulnerability in the bitrix/modules/main/tools.php component of the Bitrix24 business management service allows a malicious individual to gain unauthorized access to protected information and execute arbitrary JavaScript code.

The vulnerability of the bitrix/modules/main/tools.php component of the Bitrix24 business management service is related to initialization errors. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information and execute arbitrary...

The vulnerability of the update download section for software solutions in the Spectrum Virtualize virtualization technology allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the update download section for Spectrum Virtualize software relates to insufficient protection of operational data during the download process. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information by using the “satask...

The vulnerability of the Profiles component in the Google Chrome browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Profiles component in Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially created web page...

The vulnerability of the Apache Santuario XML Security for Java platform, related to the disclosure of information through registration files, allows attackers to disclose the protected information.

The vulnerability of the Apache Santuario XML Security platform for securing XML standards is related to the disclosure of information through registration files. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

The vulnerability of the EisBaer SCADA system, related to the storage of passwords in an unencrypted form, allows a intruder to expose the protected information and compromise the system.

The vulnerability of the EisBaer SCADA system is related to the storage of passwords in an unencrypted form. Exploiting this vulnerability can allow a perpetrator to disclose protected information and compromise the system...

PT-2023-6644 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.105 Description: The issue is related to a use after free in Reading Mode, which could allow a remote attacker to potentially exploit heap corruption via specific UI gestures if a user is convinced t...

The vulnerability of the EisBaer SCADA system, related to the improper assignment of permissions for critical resources, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SCADA system of EisBaer is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the EisBaer SCADA system, which stems from the use of a strictly encrypted cryptographic key, allows attackers to gain unauthorized access to protected information.

The vulnerability of the EisBaer SCADA system is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...

The vulnerability of the SCADA system EisBaer, related to the disclosure of information, allows a intruder to gain unauthorized access to the protected information.

The vulnerability of the SCADA system of EisBaer is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Jenkins Multibranch Scan Webhook Trigger Plugin, related to the disclosure of information, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Jenkins Multibranch Scan Webhook Trigger Plugin is related to the disclosure of information. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the Zoom video conferencing service, related to the unencrypted storage of critical information, allows attackers to gain access to protected data.

The vulnerability of the Zoom video conferencing service is related to the unencrypted storage of critical information. Exploiting this vulnerability could allow an attacker to gain access to protected data...

The vulnerability of the Events & Notifications sub-component of the PeopleSoft Enterprise CC Common Application Objects component of the Oracle PeopleSoft Products allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Events & Notifications sub-component of the PeopleSoft Enterprise CC Common Application Objects component in the Oracle PeopleSoft Products suite of business applications is related to insufficient validation of input data. Exploiting this vulnerability may allow an...

CVE-2023-41077

An app may be able to access protected user data. This issue is fixed in macOS Sonoma 14, macOS Ventura 13.6.1. The issue was addressed with improved checks...

PT-2023-8348 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.1 iOS versions prior to 17.1 iPadOS versions prior to 17.1 Description: A privacy issue is related to insufficient protection of registration data in the Contacts component of iOS, macOS, and iPadOS operating system...

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve reading data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to...

The vulnerability in the web interface of the Connectize G6 AC2100 router’s software allows a hacker to disclose protected information.

The vulnerability in the web interface of the Connectize G6 AC2100 router software exists due to the failure to address the special elements used in the operating system command. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

Vulnerability of the Server component: Security: Encryption of the Oracle MySQL Server database management system, due to improper access control, allows attackers to gain access to protected information.

The vulnerability of the Oracle MySQL Server component related to security: encryption involves a lack of protection for operational data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to protected information...

The vulnerability of Titan SFTP and Titan MFT NextGen server software lies in improper default permissions, allowing unauthorized access by attackers to protected information.

The vulnerability of the Titan SFTP and Titan MFT NextGen server software lies in incorrect default permissions. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...