ROS-20260401-73-0049

Vulnerability in zabbix7-lts related to a flaw in the authorization mechanism. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

The vulnerability of the microprogrammed Ethernet module software WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN lies in the unencrypted storage of critical information, allowing attackers to gain unauthorized access to protected data.

The vulnerability of the microprogrammed Ethernet module software WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informati...

The vulnerability of the Apache InLong data integration platform, related to deficiencies in the deserialization mechanism, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Apache InLong data integration platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information by sending specially crafted data...

The vulnerability of the CORS mechanism in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the lack of verification of the reliability of data sources or messages. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Vulnerability of the hclgeFetchRegPfReg() function in the drivers/net/ethernet/hisilicon/hns3/hns3pf/hclgeRegs.c module – Linux kernel’s Ethernet adapter support driver, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the hclgeFetchRegPfReg function in the drivers/net/ethernet/hisilicon/hns3/hns3pf/hclgeRegCs.c module – The Linux kernel’s Ethernet adapter support driver has a vulnerability related to buffer overflow attacks. Exploiting this vulnerability could allow attackers to compromise the...

The vulnerability of the read() and write() functions in the amdpgu driver of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the read and write functions in the drivers/gpu/drm/amd/display/modules/hdcp/hdcpddc.c file, a driver for AMD GPU, in the Linux operating system is related to incorrect index calculations. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...

The vulnerability of the YAQL component in the interface for managing service configurations in the OpenStack Murano cloud platform, related to the lack of protection for service data, allows a attacker to disclose the protected information.

The vulnerability of the YAQL component in the interface for managing service configurations in the OpenStack Murano cloud platform is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the protected...

The vulnerability of the formWifiWpsStart function (/goform/WifiWpsStart) in the Tenda AC7 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formWifiWpsStart function /goform/WifiWpsStart in the Tenda AC7 router software is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information through...

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scenarios in Airflow, related to the disclosure of protected information, allows attackers to reveal the configuration of arbitrary tasks.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scenarios in Airflow is related to the exposure of protected information. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the configuration of arbitrary tasks...

The vulnerability of Windows operating system-based Cryptographic Services allows attackers to disclose protected information.

The vulnerability of Windows operating system-based Cryptographic Services is related to deficiencies in access control mechanisms. Exploiting this vulnerability can allow attackers to disclose protected information...

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow, related to the disclosure of protected information, allows attackers to gain unauthorized access to protected information.

The vulnerability of the software used for creating, monitoring, and orchestrating data processing scripts in Airflow is related to the exposure of protected information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected...

The vulnerability of the glGetProgramiv function in Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the glGetProgramv function in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and...

The vulnerability of the Windows Hyper-V hardware virtualization system allows attackers to disclose protected information.

The vulnerability of the Windows Hyper-V hardware virtualization system is related to the lack of protection for mission-critical data. Exploiting this vulnerability can allow an attacker to disclose sensitive information that should be protected...

The vulnerability of the kvm_steal_time_set_preempted() function in the arch/x86/kvm/x86.c module of the Linux operating system allows a hacker to gain access to protected information.

The vulnerability of the kvmstealtimesetpreempted function in the arch/x86/kvm/x86.c module of the Linux operating system’s kernel is related to incorrect status messages for virtual processors. Exploiting this vulnerability could allow an attacker to gain access to protected information...

The vulnerability of the SAML implementation for the application’s single-input module of the Mendix software development and application testing platform allows a perpetrator to gain access to protected information.

The vulnerability of the SAML implementation for application single-sign-on in the Mendix software development and application testing platform relates to insufficient protection of the web page structure. Exploiting this vulnerability could allow a malicious actor to gain access to protected...

The vulnerability of the User Portal component of the SFOS operating system’s network interface layer, specifically the Sophos Firewall (previously called Sophos XG Firewall), allows a intruder to gain unauthorized access to protected information.

The vulnerability of the User Portal component of the SFOS operating system’s Sophos Firewall formerly Sophos XG Firewall is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access...

The vulnerability of the timelib_meridian() function in the PHP programming language allows a attacker to compromise the confidentiality of sensitive information.

The vulnerability of the timelibmeridian function in the PHP programming language is related to the exposure of protected information. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of sensitive information...

The vulnerability in the `ext/standard/link_win32.c` component of the PHP interpreter allows a perpetrator to compromise data confidentiality.

The vulnerability of the ext/standard/linkwin32.c component of the PHP interpreter involves exposing protected information. Exploiting this vulnerability could allow a malicious actor to compromise data confidentiality remotely...

The vulnerability in the implementation of the WebShare component for Google Chrome allows a hacker to disclose protected information.

The vulnerability of the WebShare component of the Google Chrome browser is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow a malicious actor, operating remotely, to expose protected information through a specially created web page...

The vulnerability of the wp_die() function in the WordPress content management system, related to the disclosure of protected information, allows a hacker to execute arbitrary code.

The vulnerability of the wpdie function in the WordPress content management system involves exposing protected information. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...