The vulnerability of the implementation of the AMD Secure Processor (ASP) microprogramming software for AMD processors allows a perpetrator to influence the integrity of the protected information.

The vulnerability of the AMD Secure Processor ASP microprogramming software for AMD processors lies in insufficient data validation during the translation of input/output addresses. Exploiting this vulnerability could allow a malicious actor to influence the integrity of the protected information...

The vulnerability of the AMD Secure Encrypted Virtualization (SEV) implementation, a micro-software solution for AMD processors, allows attackers to disclose protected information.

The vulnerability of the AMD Secure Encrypted Virtualization SEV technology, a micro-software solution for AMD processors, arises from the execution of operations beyond the buffer in memory due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to...

SUSE CVE-2018-5132

The Find API for WebExtensions can search some privileged pages, such as "about:debugging", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protected data if a user has it open. This vulnerability affects Firefox 59...

SUSE CVE-2022-25368

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history stored in the CPU BHB to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which...

PT-2023-1461 · Microsoft · Http.Sys +1

Name of the Vulnerable Software and Affected Versions: Windows HTTP.sys affected versions not specified Description: The issue is related to an information disclosure vulnerability in the HTTP.sys driver of Windows operating systems. This vulnerability can allow an attacker to gain unauthorized...

The vulnerability of the Openstack Cinder block storage service lies in its reliance on files and directories accessible from external parties, allowing an attacker to expose protected information.

The vulnerability of the Openstack Cinder block storage service is related to the use of files and directories accessible to external parties. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

The vulnerability of the Cargo package manager in the Rust programming language, which allows attackers to compromise the integrity of the protected information

The vulnerability of the Cargo package manager in the Rust programming language is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability allows a malicious actor to influence the integrity of the protected information via the SSH protocol...

The vulnerability of the Edge AutoFill Protection() function in the Microsoft Edge browser allows a perpetrator to disclose protected information.

The vulnerability of the Edge AutoFill Protection function in the Microsoft Edge browser is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to disclose protected information through a specially created link...

The vulnerability of the Installation sub-component of the Oracle Collaborative Planning component of the Oracle E-Business Suite, a business automation system, allows an attacker to gain access to modify, add, or delete protected data.

The vulnerability of the Installation sub-component of the Oracle Collaborative Planning component in the Oracle E-Business Suite enterprise automation system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to modify,...

The vulnerability of the Javautils sub-component of Oracle Application DBA systems, which is used in Oracle E-Business Suite, allows attackers to modify, add, or delete protected data.

The vulnerability of the Javautils sub-component of Oracle Application DBA systems, which is part of the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to modify, add, or delete protected data...

The vulnerability of the Panel Processor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite allows a malicious individual to gain unauthorized access to protected data or to modify, add, or delete protected data.

The vulnerability of the Panel Processor component in the Oracle PeopleSoft Enterprise PeopleTools business application suite is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected data or to modify, add, o...

The vulnerability of the Pocket Outlook Sync (PocketPC) component of the Oracle Sales for Handhelds module in the Oracle E-Business Suite allows a perpetrator to access, modify, add, or delete protected data.

The vulnerability of the Pocket Outlook Sync PocketPC component of the Oracle Sales for Handhelds component in the Oracle E-Business Suite automation system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to modify, add, ...

The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform allows a perpetrator to access, modify, add, or delete protected data. This component is part of the Oracle E-Business Suite, which serves as an automation tool for business activities.

The vulnerability of the Marketing Administration component of the Oracle Marketing marketing platform, a part of the Oracle E-Business Suite, involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker to modify, add, or delete protected data...

The vulnerability of the Point-to-Point Protocol (PPP) implementation in Windows operating systems allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Point-to-Point Protocol PPP implementation in Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Core Components of the Oracle Sales Offline sales management tool, a system for automating business operations within the Oracle E-Business Suite, allows an attacker to access, modify, add, or delete protected data.

The vulnerability of the Core Components of the Oracle Sales Offline sales management tool, a part of the Oracle E-Business Suite, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to modify, add, or delete protected data remotely...

The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) and the PDF file editing program Foxit PDF Editor (formerly Foxit PhantomPDF) lies in the fact that operations are performed outside the buffer in memory, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the PDF document viewing program Foxit PDF Reader formerly Foxit Reader and the PDF file editing program Foxit PDF Editor formerly Foxit PhantomPDF is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to...

The vulnerability of the Jenkins Tuleap Git Branch Source Plugin, related to deficiencies in authentication procedures, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins Tuleap Git Branch Source Plugin is related to deficiencies in the authentication process when processing the /tuleap-hook/ endpoint. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected informati...

The vulnerability of the Word97Import200.dll library in Corel WordPerfect, a text document creation and editing program, allows attackers to disclose protected information.

The vulnerability of the Word97Import200.dll library, which is part of the Corel WordPerfect text document creation and editing software, relates to reading beyond the buffer boundaries. Exploiting this vulnerability can allow attackers to disclose protected information through a specially create...

PT-2023-1230 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a cryptographic information disclosure in Windows operating systems, allowing an attacker to disclose protected information. This could enable an attacker to gain...

The vulnerability of the IPPP82.FLT module of the Corel Presentations presentation preparation and viewing software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the IPPP82.FLT module in the Corel Presentations preparation and presentation software relates to reading data beyond the buffer boundaries. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information using a specially crafted PPT fi...