The vulnerability of Huawei FusionCube’s supervisor, related to incorrect restrictions on the path name to the restricted access catalog, allows a intruder to disclose protected information.

The vulnerability of Huawei FusionCube relates to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information through a specially crafted HTTP request...

The vulnerability of Adobe Illustrator’s graphic editor, related to reading data beyond the buffer in memory, allows attackers to exploit this to disclose protected information.

The vulnerability of Adobe Illustrator graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created file...

The vulnerability of the libxrdp_send_to_channel() function on the XRDP server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the libxrdpsendtochannel function on the XRDP server is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Windows Graphics component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows Graphics component in Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 arises from reading data beyond the buffer in memory. This allows attackers to disclose protected information.

The vulnerability of the ImageConversion.api file in programs for viewing and editing PDF files in Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader Document Cloud 2017 is related to reading data outside of the buffer in memory...

The vulnerability of the Windows DPAPI component of the Windows operating system allows attackers to disclose protected information.

The vulnerability of the Windows DPAPI component in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Network Policy Server (NPS) on Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Network Policy Server NPS operating system in Windows is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the web interface of the security and assessment system, as well as the Nessus tool for assessing vulnerabilities, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the web interface of security systems and the Nessus vulnerability assessment tool is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information through embedded debuggi...

The vulnerability of the vector graphics editor CorelDRAW Graphics Suite (formerly CorelDRAW) lies in the ability to read data beyond the buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the CorelDRAW Graphics Suite formerly CorelDRAW graphic editor relates to reading beyond the buffer boundaries in memory during the syntax analysis of JP2 files. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information by opening ...

PT-2022-5639 · Microsoft · 365 Apps For Enterprise +2

Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Microsoft Office affected versions not specified Microsoft 365 Apps for Enterprise affected versions not specified Description: The issue is related to errors in security settings, allowing an...

The vulnerability of the IBM CICS TX Standard application server, related to data encryption errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the IBM CICS TX Standard application server is related to data encryption errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information remotely...

The vulnerability in the implementation of browser import functions by Google Chrome and Microsoft Edge allows attackers to disclose protected information.

The vulnerability of the browser import function implementations in Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information through a specially created web page...

The vulnerability of Google Chrome’s storage mechanism allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Google Chrome’s storage mechanism is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information through a specially crafted HTML page...

PT-2022-7234 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Ventura 13 Description: The issue is related to insufficient access control in the APFS component of the macOS operating system. Exploitation of this issue may allow an attacker to disclose protected information. An ap...

The vulnerability of Xen hypervisors, related to insufficient validation of input data, allows attackers to gain unauthorized access to protected information.

The vulnerability of Xen hypervisors is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Notifications component of the Google Chrome browser allows a perpetrator to compromise the integrity of the protected information.

The vulnerability of the Notifications component of the Google Chrome browser relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the protected information...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to reading beyond the buffer in memory, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by opening a specially created file...

The vulnerability of the Special:ChangeContentModel function in the software for implementing a hypertext environment like MediaWiki allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Special:ChangeContentModel function in the MediaWiki software, which is used to implement the hypertext environment, is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and...

The vulnerability of Firefox browser for iOS, related to authentication errors, allows a hacker to gain unauthorized access to protected information.

The vulnerability of Firefox browser for iOS is related to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...