The vulnerability of the Jenkins Buckminster Plugin is related to deficiencies in the authentication process, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins Buckminster Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Jenkins Compuware Xpediter Code Coverage Plugin, related to deficiencies in authentication procedures, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Jenkins Compuware Xpediter Code Coverage Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Jenkins OpenShift Deployer Plugin, related to deficiencies in authentication procedures, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins Deployer Framework Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Jenkins Coverity Plugin, related to deficiencies in authentication procedures, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins Coverity Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

PT-2022-4115 · Microsoft · Exchange Server

Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server affected versions not specified Description: The issue is related to an information disclosure problem. It allows a remote attacker to gain unauthorized access to protected information. Recommendations: At the moment...

The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the NVIDIA Virtual GPU Manager driver relates to deficiencies in the authentication process. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the Oracle WebCenter Content component of the Oracle Fusion Middleware software platform allows a perpetrator to disclose protected information or gain access to read, modify, add, or delete data.

The vulnerability of the Oracle WebCenter Content component of the Oracle Fusion Middleware software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose protected information or gain access to read, modify, add, or delete data...

The vulnerability of the sub-component of the Dynamo Application Framework within the component of the Oracle Commerce Platform of the e-commerce platform Oracle Commerce allows a perpetrator to disclose protected information.

The vulnerability of the sub-component of the Dynamo Application Framework within the Oracle Commerce Platform of the e-commerce platform Oracle Commerce is related to the disclosure of information. Exploiting this vulnerability could allow an attacker to disclose the protected information...

The vulnerability of the Group Membership Handler component in the Kubernetes authentication service provided by VMware Pinniped allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Group Membership Handler component in Kubernetes authentication services exists because measures to neutralize specific elements have not been taken. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of...

PT-2022-4038 · Jenkins · Jenkins Repository Connector Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Repository Connector Plugin versions 2.2.0 and earlier Description: The issue is related to insufficient authorization procedures in the Jenkins Repository Connector Plugin, allowing remote attackers with Overall/Read permission to...

The vulnerability of the disaster recovery tool for Azure Site Recovery and VMWare to Azure, related to access control deficiencies, allows attackers to expose the protected information.

The vulnerability of the disaster recovery tool for Azure virtual machines, Azure Site Recovery, and VMWare to Azure is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to expose the protected information...

The vulnerability of the disaster recovery tool for Azure Site Recovery and VMWare to Azure, related to access control deficiencies, allows attackers to expose the protected information.

The vulnerability of the disaster recovery tool for Azure virtual machines, Azure Site Recovery, and VMWare to Azure is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to expose the protected information...

The vulnerability of BitLocker’s data protection function in the Windows operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of BitLocker’s data protection function in the Windows operating system is related to the exposure of information. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the protected information...

The vulnerability of the WHATWG Fetch API interface for Node.js, related to errors in cookie handling, allows attackers to gain unauthorized access to protected information.

The vulnerability of the WHATWG Fetch API interface for Node.js’ cross-fetching mechanism is related to errors in cookie handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Thunderbird email client, related to insufficient verification of data authenticity, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Thunderbird email client stems from insufficient verification of data authenticity when the space character is used in the Braille table. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sendi...

The vulnerability of the search filter (ldbm_search.c) in the 389 Directory Server service allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the search filter in the 389 Directory Server service is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

CVE-2022-34757

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak cipher suites can be used for the SSH connection between Easergy Pro software and the device, which may allow an attacker to observe protected communication details. Affected Products: Easergy P5 V01.401.1...

The vulnerability of the DA50N network switch’s web interface allows a intruder to gain unauthorized access to protected information.

The vulnerability of the DA50N network switch web interface is related to insufficient protection of registration data. Exploiting this vulnerability can allow an unauthorized attacker to gain unauthorized access to protected information...

PT-2022-3750 · Microsoft · Azure Site Recovery

Name of the Vulnerable Software and Affected Versions: Azure Site Recovery affected versions not specified Description: The issue is related to insufficient access controls in Azure Site Recovery, specifically in the VMWare to Azure component. This can allow a remote attacker to disclose protecte...

PT-2022-3850 · Microsoft · Azure Site Recovery

Name of the Vulnerable Software and Affected Versions: Azure Site Recovery affected versions not specified Description: The issue is related to insufficient access controls in Azure Site Recovery, specifically in the context of VMWare to Azure recovery. It may allow a remote attacker to disclose...