The vulnerability of the crosvm component in the Google Chrome browser allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the crosvm component in Google Chrome relates to insufficient protection of service data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Microsoft Dynamics 365 resource planning software lies in the insufficient protection of operational data, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Microsoft Dynamics 365 resource planning software is related to insufficient protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

SUSE-SU-2023:4047-1 Security update for glibc

This update for glibc fixes the following issues: Security issue fixed: - CVE-2023-4813: Fixed a potential use-after-free in gaihinet bsc1215286, BZ 28931 Other changes: - Added GB18030-2022 charmap jscPED-4908, BZ 30243 - Run vismain only if linker supports protected data symbol bsc1215505...

The vulnerability of backup and data recovery software on computers and servers with Acronis Agent allows attackers to gain unauthorized access to protected information.

Acronis Agent’s backup and recovery software for computers and servers involves exposing protected information. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

PT-2023-5940

Name of the Vulnerable Software and Affected Versions Microsoft WordPad affected versions not specified Description The vulnerability in Microsoft WordPad is related to the disclosure of NTLM hashes, which can be exploited by attackers to obtain sensitive information. This issue can affect the...

The vulnerability of the Safari browser on the macOS operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Safari browser on the macOS operating system is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor, acting remotely, to gain unauthorized access to protected information...

The vulnerability of backup and data recovery software on computers and servers with Acronis Agent, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of backup and data recovery software on computers and servers with Acronis Agent is related to authentication errors. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

The vulnerability of the Jenkins NodeJS plugin, related to errors in processing user credentials in the build log, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Jenkins NodeJS plugin is related to errors in processing user credentials in the build log. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the Zephyr real-time operating system’s Bluetooth protocol implementation allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Zephyr real-time operating system’s Bluetooth protocol implementation is related to errors in representing certain functions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the libxslt library in iPadOS, tvOS, iOS, watchOS, and macOS allows attackers to gain unauthorized access to protected information.

The vulnerability of the libxslt library in iPadOS, tvOS, iOS, watchOS, and macOS relates to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...

The vulnerability of the PDF-XChange PDF document viewing and editing program, related to out-of-memory reading, allows attackers to disclose protected information.

The vulnerability of the PDF document viewing and editing software PDF-XChange is related to reading beyond the memory limit. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created TIF file...

The vulnerability of the “copySessionFolder” command implementation in the software for creating/distributing content by LG Simple Editor allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the copySessionFolder command in the software for creating/distributing content in LG Simple Editor is related to an incorrect limitation on the path name of the restricted directory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentialit...

CVE-2023-41979

A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14. An app may be able to modify protected parts of the file system...

CVE-2023-41073

An authorization issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access protected user data...

PT-2023-8478 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14 Description: The issue is related to errors in security settings of the App Sandbox technology in the macOS operating system, which may allow an attacker to exit the isolated software environment and disclose...

The vulnerability of the 3Scale Admin Portal’s API interface management software lies in its ability to disclose information through browser caching, allowing an attacker to expose protected information.

The vulnerability of the 3Scale Admin Portal’s API interfaces relates to the disclosure of information through browser caching. Exploiting this vulnerability could allow an attacker to disclose protected information...

The vulnerability of the CharDistributionAnalysis::HandleOneChar function in the NotePad++ text editor allows a hacker to gain unauthorized access to protected information.

The vulnerability of the CharDistributionAnalysis::HandleOneChar function in the NotePad++ text editor is related to the execution of operations outside the buffer’s boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

PT-2023-8420 · Apple · Applemobilefileintegrity +4

Name of the Vulnerable Software and Affected Versions: AppleMobileFileIntegrity versions prior to macOS Sonoma 14 Safari versions prior to iOS 17 Safari versions prior to iPadOS 17 Description: The issue is related to errors in processing permissions in the AppleMobileFileIntegrity component of t...

The vulnerability of TP-LINK’s TL-ER5120G router software, related to deficiencies in authentication procedures, allows attackers to gain unauthorized access to protected information.

The vulnerability of TP-LINK’s TL-ER5120G router microprogramming software is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the onHostEmulationData() function in Android operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the onHostEmulationData function in Android operating systems is related to insufficient protection for service data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...