Lucene search
K

859 matches found

Positive Technologies
Positive Technologies
added 2023/08/25 12:0 a.m.4 views

PT-2023-6970 · Microsoft · Exchange Server

Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server affected versions not specified Description: The issue is related to insufficient protection of service data during NTLM authentication, specifically with the IsUNCPath method. This can allow a remote attacker to...

8CVSS9.1AI score0.86588EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2023/08/17 12:0 a.m.6 views

The vulnerability of the Windows Group Policy component of the operating system allows attackers to disclose sensitive information that is protected by this mechanism.

The vulnerability of the Windows Group Policy component of the operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS6.6AI score0.00623EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/17 12:0 a.m.6 views

The vulnerability of the Windows Wireless Wide Area Network Service (WwanSvc) allows a hacker to compromise the protected information.

The vulnerability of the Windows Wireless Wide Area Network Service WwanSvc operating system is related to the lack of protection for service-related data. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS7.3AI score0.01627EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/17 12:0 a.m.7 views

The vulnerability of the Cryptographic Services in the Windows operating system allows a perpetrator to disclose protected information.

The vulnerability of the Cryptographic Services in the Windows operating system is related to the lack of protection for service-related data. Exploiting this vulnerability could allow a perpetrator to disclose the protected information...

5.5CVSS7.3AI score0.01963EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/08/17 12:0 a.m.8 views

The vulnerability of the Cryptographic Services in the Windows operating system allows a perpetrator to disclose protected information.

The vulnerability of the Cryptographic Services in the Windows operating system is related to the lack of protection for service-related data. Exploiting this vulnerability can allow a perpetrator to disclose the protected information...

5.5CVSS7.3AI score0.01627EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/15 12:0 a.m.2 views

PT-2023-9213 · Qnap · Qnap Ts-X41

Name of the Vulnerable Software and Affected Versions: QNAP TS-X41 affected versions not specified Description: The issue is related to a lack of protection for service data in the QNAP TS-X41 network storage. It allows a remote attacker to identify an existing user in the system. Recommendations...

7.8CVSS6.9AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/08/11 12:0 a.m.7 views

The vulnerability of AMD’s microprogramming software lies in the lack of protection for service data, which allows attackers to access the memory contents of other users’ processes.

The vulnerability of AMD’s microprogrammed software lies in the lack of protection for system data. Exploiting this vulnerability can allow attackers to access the memory contents of other users’ processes...

4.7CVSS6.5AI score0.0616EPSS
Exploits1References20Affected Software8
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.1 views

PT-2023-4331 · Microsoft · Message Queuing +1

Name of the Vulnerable Software and Affected Versions: Microsoft Message Queuing affected versions not specified Description: The issue is related to insufficient protection of service data in Microsoft Message Queuing MSMQ in Windows operating systems. This can allow a remote attacker to obtain...

7.8CVSS8.9AI score0.02742EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.3 views

PT-2023-4384 · Microsoft · Message Queuing +1

Name of the Vulnerable Software and Affected Versions: Microsoft Message Queuing affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows operating system's message queuing component. Exploitation of this issue may allow an attacker...

7.5CVSS9.2AI score0.01542EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.2 views

PT-2023-4382 · Microsoft · Windows Cryptographic Services +1

Name of the Vulnerable Software and Affected Versions: Windows Cryptographic Services affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows Cryptographic Services, which can be exploited to disclose protected information. This...

7.5CVSS9AI score0.01627EPSS
Exploits0References8
OSV
OSV
added 2023/07/29 11:5 a.m.3 views

OESA-2023-1443 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: libcurl can be told to save cookie, HSTS and/or alt-svc data to files. When doing this, it called stat followed by fopen in a way that made it...

6.8AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/07/27 12:0 a.m.6 views

The vulnerability of the Windows Print Spooler daemon in the Windows operating system allows a hacker to exploit it to disclose protected information.

The vulnerability of the Windows Print Spooler daemon in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

7.8CVSS7.3AI score0.01575EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.7 views

The vulnerability of the DirectMusic component in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the DirectMusic component in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

6.2CVSS6.6AI score0.00502EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/07/26 12:0 a.m.7 views

The vulnerability of the Windows CDP component of the Windows operating system allows attackers to disclose sensitive information that is protected by this component.

The vulnerability of the Windows CDP component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5CVSS6.6AI score0.00513EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/07/20 12:0 a.m.9 views

The vulnerability of the Jenkins server plugin “Dimensions” in automation tools stems from insufficient protection of service data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Jenkins server plugin “Dimensions” relates to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS6.1AI score0.0083EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/18 12:0 a.m.5 views

The vulnerability of the VP9 video compression extension lies in its insufficient protection of service data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the VP9 video compression extension lies in the insufficient protection of service data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information by downloading a specially created malicious file...

5.5CVSS6.6AI score0.00735EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/07/13 12:0 a.m.6 views

The vulnerability in the implementation of the Bluetooth Classic protocol, as specified in the Bluetooth Core Specification, allows a perpetrator to disclose protected information.

The vulnerability of the Bluetooth Classic protocol implementation, as described in the Bluetooth Core Specification, is related to insufficient protection of service data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

4.3CVSS5.5AI score0.00409EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/11 12:0 a.m.3 views

PT-2023-3870 · Microsoft · Windows Print Spooler +1

Name of the Vulnerable Software and Affected Versions: Windows Print Spooler affected versions not specified Description: The issue is related to a lack of protection for service data in the Windows Print Spooler. Exploitation of this issue may allow an attacker to disclose protected information...

7.8CVSS9.2AI score0.01575EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/07/05 12:0 a.m.5 views

PT-2023-5717 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS affected versions not specified Description: The issue is related to the ArubaOS command line interface, where vulnerabilities exist that allow an authenticated attacker to access sensitive information. Successful exploitation could...

6.8CVSS6.4AI score0.00456EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/06/19 12:0 a.m.6 views

The vulnerability of the Windows Installer component on Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows Installer component in Windows operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.6AI score0.00668EPSS
Exploits0References3
Rows per page
Query Builder