The vulnerability of the `ksmbd_verify_smb_message()` function in the `fs/smb/server/smb_common.c` file of the KSMBD file system of the Linux operating system allows a attacker to access protected information or cause service failures.

The vulnerability of the ksmbdverifysmbmessage function in the fs/smb/server/smbcommon.c file of the KSMBD file system in the Linux operating system is related to the lack of control over the request identifier. Exploiting this vulnerability could allow a remote attacker to access protected...

The vulnerabilities of the APIkit components, the HTTP connector, and the OAuth2 Provider integrated into the API Gateway environment of the Mule Runtime, allow attackers to gain unauthorized access to protected information.

The vulnerabilities of the APIkit components, the HTTP connector, and the OAuth2 Provider integrated into the API Gateway environment of Mule Runtime Mule are related to errors in processing the relative path to the restricted directory. Exploiting these vulnerabilities can allow an attacker to...

The vulnerability of the IOSurfaceAccelerator component in iOS, iPadOS, watchOS, and tvOS operating systems allows attackers to gain access to protected information.

The vulnerability of the IOSurfaceAccelerator component in iOS, iPadOS, watchOS, and tvOS operating systems is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to access protected information...

The vulnerability of the cross-platform software development framework Qt, related to the transmission of protected information in unencrypted form, allows attackers to compromise data integrity.

The vulnerability of the cross-platform software development framework Qt is related to the transfer of protected information in unencrypted form. Exploiting this vulnerability allows a malicious actor to compromise data integrity remotely...

The vulnerability of the System Settings component in iOS, iPadOS, watchOS, tvOS, and macOS allows attackers to compromise the integrity of protected information.

The vulnerability of the System Settings component in iOS, iPadOS, watchOS, tvOS, and macOS is related to state management errors. Exploiting this vulnerability can allow an attacker to compromise the integrity of protected information...

The vulnerability of the udf_close_lvid() function in the fs/udf/super.c module of the Linux operating system allows a attacker to compromise the accessibility of protected information.

The vulnerability of the udfcloselvid function in the fs/udf/super.c module of the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...

The vulnerability of the kernel of Linux and Android embedded chips from Qualcomm allows attackers to gain unauthorized access to protected information.

The vulnerability of the kernel of Linux and Android embedded chips from Qualcomm is related to insufficient protection of sensitive data during execution and branch prediction. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...

The vulnerability in the implementation of the Bluetooth Classic protocol, as specified in the Bluetooth Core Specification, allows a perpetrator to disclose protected information.

The vulnerability of the Bluetooth Classic protocol implementation, as described in the Bluetooth Core Specification, is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

PT-2023-3865 · Microsoft · Windows Cdp User Components +1

Name of the Vulnerable Software and Affected Versions: Windows CDP User Components affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows CDP component of the Windows operating system. This can allow an attacker to disclose...

The vulnerability of the application development environment for ISaGRAF programmable logic controllers allows attackers to access password information stored in an unencrypted form, thereby enabling them to compromise the protected data.

The vulnerability in the development environment for ISaGRAF Runtime Rockwell Automation applications relates to the storage of passwords in an unencrypted form. Exploiting this vulnerability could allow a hacker to disclose the protected information...

The vulnerability of the Magento Commerce software platform for developing and managing online stores relates to the disclosure of information, which allows a malicious actor to gain unauthorized access to protected data.

The vulnerability of the Magento Commerce software platform for developing and managing online stores is related to the exposure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Apache OpenMeetings video conferencing software, related to insufficient comparison, allows a intruder to gain unauthorized access to protected information.

The vulnerability of Apache OpenMeetings video conferencing software is related to insufficient comparison. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Magento Commerce software platform for developing and managing online stores, related to improper authentication procedures, allows attackers to bypass existing security restrictions.

The vulnerability of the Magento Commerce development and management software platform is related to improper authentication procedures. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain unauthorized access to protected information...

The vulnerability of Hirschmann Network Management Industrial HiVision software, related to privilege management errors, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Hirschmann Network Management Industrial HiVision software is related to privilege management errors. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the Magento Commerce software platform for developing and managing online stores, related to errors in XML request processing, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Magento Commerce development and management software platform is related to errors in processing XML requests. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information from a remote location...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s kernel is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the ABB eSOMS software for managing production processes, related to errors in processing requests, allows a perpetrator to disclose protected information.

The vulnerability of the ABB eSOMS software for managing production processes is related to errors in processing requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information that is protected by the system...

The vulnerability of the LaunchServices service in operating systems such as MacOS, iOS, iPadOS, and watchOS allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the LaunchServices service in operating systems such as MacOS, iOS, iPadOS, and watchOS is related to security configuration errors. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server’s server lies in improper authorization, which allows attackers to disclose protected information.

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server relates to improper authentication. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of Trend Micro Apex One and Apex One as a Service, web-based antivirus software consoles, allows attackers to gain unauthorized access to protected information.

The vulnerability of Trend Micro Apex One and Apex One as a Service web antivirus software programs is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by connecting to port 434...