The vulnerability of the audit log of the Cisco Duo Authentication Proxy, which allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Cisco Duo Authentication Proxy audit log relates to insufficient protection of sensitive data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

Shell component vulnerability: The Admin/InnoDB Cluster of the Oracle MySQL Server database management system, which allows attackers to gain full control over the application.

Shell component vulnerability: The Admin/InnoDB Cluster of the Oracle MySQL Server database management system is vulnerable due to insufficient protection for operational data. Exploiting this vulnerability could allow an attacker to gain full control over the application using the MySQL protocol...

The vulnerability in the web interface of the Aruba Networks ClearPass Policy Manager allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Aruba Networks ClearPass Policy Manager exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

The vulnerability of the Zabbix universal monitoring system, related to the lack of measures taken to protect the website structure, allows attackers to compromise data integrity.

The vulnerability of the Zabbix universal monitoring system is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the data...

The vulnerability of the application software interface for microprogrammed control devices in AMI MegaRAC allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the application software interface for AMI MegaRAC controllers is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of Mozilla Firefox, Firefox ESR, and the Mozilla Thunderbird email client relates to insufficient protection of sensitive data. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the Mozilla Thunderbird email client are related to insufficient protection of sensitive data. Exploiting these vulnerabilities allows a malicious actor to bypass security restrictions and gain unauthorized access to protected information b...

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created link...

The vulnerability of the Moodle course management system arises from the lack of measures taken to protect the website structure. This allows attackers to carry out attacks using cross-site scripting (XSS).

The vulnerability of the Moodle course management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out attacks using cross-site scripting XSS...

The vulnerability of the endpoint protection module of the Anti-Ransomware analysis tool for network traffic, network detection, and response of the Cortex XDR Agent on Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the endpoint protection module of the Anti-Ransomware analysis tool for network traffic, network detection, and response of the Cortex XDR Agent on Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow...

The vulnerability of FortiOS operating systems, related to the lack of measures taken to protect the website structure, allows attackers to execute cross-site scripting attacks.

The vulnerability of FortiOS operating systems is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks through the IPS and WAF logs...

CVE-2022-38465

A vulnerability has been identified in SIMATIC Drive Controller family All versions V2.9.2, SIMATIC ET 200SP Open Controller CPU 1515SP PC incl. SIPLUS variants All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions V21.9, SIMATIC S7-1200 CPU family incl...

The vulnerability of the devMode debugging mode implementation in the Apache Struts software platform allows attackers to perform cross-site scripting attacks.

The vulnerability of the devMode debugging mode implementation in the Apache Struts software platform is related to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the Personalization module of SmartVista CardGen, which exists due to the lack of measures taken to protect the website structure, allows a attacker to execute XSS attacks.

The vulnerability of the Personalization module of SmartVista CardGen exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerabilities of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) systems, along with the integrated messaging system Cisco Unity Connection, stem from insufficient protection of operational data. This allows attackers to gain unauthorized access to protected information.

The vulnerabilities of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME systems, as well as the integrated messaging system Cisco Unity Connection, are related to insufficient protection of operational data. Exploiting these...

The vulnerability of the administrator.cfc component in the ColdFusio software interface allows a hacker to bypass security restrictions or execute arbitrary code.

The vulnerability of the administrator.cfc component in the ColdFusion software interface is related to insufficient protection of sensitive data. Exploiting this vulnerability allows an attacker to bypass security restrictions or execute arbitrary code...

The vulnerability of the Scripting component of the Java Runtime Environment and the Java Development Kit, which allows attackers to influence the integrity, accessibility, and confidentiality of protected information.

The vulnerability of the Scripting component of the Java Runtime Environment and the Java Development Kit application development tools is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker to influence the integrity, accessibility, and...

The vulnerability of the Authenticated Code Module (ACM) in Intel microprogramming system BIOS allows a hacker to enhance their privileges.

The vulnerability of the Authenticated Code Module ACM in Intel microprogramming system BIOS is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Intel Setup and Configuration Software (SCS) data collection tool, as well as the configuration tools for the Intel Management Engine BIOS Extension and the Intel Active Management Technology implementation, related to insufficient protection of registration data, allows a perpetrator to disclose protected information.

The vulnerability of the Intel Setup and Configuration Software SCS data collection tool, as well as the configuration tools for the Intel Management Engine BIOS Extension and the Intel Active Management Technology implementation, is related to insufficient protection of registration data...

PT-2022-7670 · Realtek · Realtek Rtsuer Driver

Name of the Vulnerable Software and Affected Versions: Realtek RtsPer driver for PCIe Card Reader versions prior to 10.0.22000.21355 Realtek RtsUer driver for USB Card Reader versions prior to 10.0.22000.31274 Description: The issue is related to insufficient protection of registration data in th...