180 matches found
The vulnerability of the information system openSIS, related to the failure to protect the SQL query structure, allows a perpetrator to execute arbitrary SQL queries.
The vulnerability of the information system openSIS is related to the failure to implement measures to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries using the index.php USERNAME parameter...
VulnCheck KEV: CVE-2019-1003029
Jenkins Script Security Plugin contains a protection mechanism failure, allowing an attacker to bypass the sandbox...
The vulnerability of the Sylius e-commerce software platform, related to the lack of protection for operational data, allows attackers to disclose sensitive information that should be protected.
The vulnerability of the Sylius e-commerce software lies in the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...
The vulnerability of the HPE OneView IT infrastructure management system against VMware vCenter (OV4VC) arises from the lack of protective measures for the website structure. This allows attackers to execute cross-site scripting attacks.
The vulnerability of the HPE OneView IT infrastructure management system against VMware vCenter OV4VC is related to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...
CVE-2020-12288
Protection mechanism failure in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...
CVE-2020-12288
Protection mechanism failure in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...
CVE-2020-24515
Protection mechanism failure in some IntelR RealSenseTM IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access...
CVE-2021-30169
The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant user’s credential...
CVE-2020-12318
Protection mechanism failure in some IntelR PROSet/Wireless WiFi products before version 21.110 may allow an authenticated user to potentially enable escalation of privilege via local access...
The vulnerability in the net/bluetooth/a2mp.c component of Linux operating systems allows a hacker to gain unauthorized access to protected information.
The vulnerability of the net/bluetooth/a2mp.c component in Linux operating systems is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using specially crafted AMP packe...
The vulnerability of the SAP Business One resource management system, related to the lack of protection for operational data, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SAP Business One resource management system is related to the lack of protection for operational data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information...
The vulnerability of the “INSERT ... ON CONFLICT DO UPDATE” command implementation in the PostgreSQL database management system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the “INSERT ... ON CONFLICT DO UPDATE” command in the PostgreSQL database management system is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
Medtronic Valleylab FT10 and Valleylab LS10 Energy Platform Information Disclosure Vulnerability
The Medtronic Valleylab FT10 and Valleylab LS10 Energy Platform are both Medtronic power devices for the medical industry. The information disclosure vulnerability in Medtronic Valleylab FT10 VLFT10GEN version 2.1.0 and earlier, version 2.0.3 and earlier, and Valleylab LS10 Energy Platform...
Google Android Unauthorized Operation Vulnerability (CNVD-2017-11467)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A security vulnerability exists in Android, which stems from the program's failure to protect a memory region during the boot process. An attacker could exploit the vulnerability ...
The vulnerability of the Mac OS X operating system, which allows a perpetrator to obtain confidential information
The vulnerability of the iBooks component in the Mac OS X operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to obtain confidential information through a URL in the iBooks file...
The vulnerability of the Kernel Samepage Merging (KSM) component in the Linux operating system allows a hacker to influence the confidentiality of information.
The vulnerability of the Linux operating system’s Kernel Samepage Merging KSM component is related to the lack of protection for service data when the ASLR mechanism is used. Exploiting this vulnerability allows a local attacker to partially compromise the confidentiality of information through a...
The vulnerability of the Android operating system, which allows a perpetrator to obtain confidential information or bypass security mechanisms
The vulnerability of the libstagefright library in the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, acting remotely, to obtain confidential information or bypass security mechanisms...
DEBIAN-CVE-2015-3197
ssl/s2srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the getclientmasterkey and...
CVE-2000-0793
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system...
Norton Antivirus Protection Disabled under Novell Netware
Problem: Even with auto-protection enabled, Norton Antivirus fails to restart when users login to any workstation which has been logged off at least once. Systems Affected/Tested: Norton AntiVirus 5.00.01C under Windows 95/98 with Novell Netware Client 3.1.0.0 Description: Auto-protection is a...