CVE-2026-39871

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data...

HP Color LaserJet Exposure of Sensitive Information to an Unauthorized Actor (CVE-2005-2988)

HP LaserJet 2430, and possibly other printers that use Jetdirect controls, stores information about recently printed documents without proper protection, which could allow remote attackers to obtain sensitive information via SNMP. This plugin only works with Tenable.ot. Please visit...

CVE-2023-23522

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data...

CVE-2025-24263

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15.4. An app may be able to observe unprotected user data...

CVE-2022-49737

In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a lock, aka a race condition. In particular, AttachDevice in dix/devices.c does not acquire an input...

The vulnerability of Acronis Cyber Protect 16’s data protection software lies in its use of an unprotected communication channel for data transmission, allowing attackers to gain unauthorized access to confidential information.

The vulnerability of Acronis Cyber Protect 16 data protection software lies in the use of an unprotected communication channel for data transmission. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to confidential information...

ROS-20240529-01

Vulnerability in the Lightweight HTTP Server component of the Oracle Java SE software platform and virtual machine Oracle GraalVM Enterprise Edition is related to unrestricted resource allocation. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of...

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system, related to the lack of protection for operational data, allows a intruder to gain unauthorized access to confidential information.

The vulnerability of the Siemens RUGGEDCOM CROSSBOW access control system lies in the lack of protection for operational data. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to confidential information...

The vulnerability of the microprogrammed software of the MELSEC iQ-R Series Safety CPU and Series SIL2 Process CPU modules, which stems from the lack of protection for operational data, allows unauthorized access by intruders to the protected information.

The vulnerability of the microprogrammed software of MELSEC iQ-R Series Safety CPUs and Series SIL2 Process CPUs is related to the lack of protection for operational data. Exploiting this vulnerability can allow an unauthorized person to gain unauthorized access to protected information...

The vulnerability of the Pandora FMS monitoring and management system, related to the lack of protection for operational data, allows attackers to load backup copies of the database.

The vulnerability of the Pandora FMS monitoring and management system lies in the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to remotely load backup copies of the database...

The vulnerability of the bitrixsetup.php component of the 1C-Bitrix web project management system allows a malicious individual to gain unauthorized access to read files on the operating system.

The vulnerability of the bitrixsetup.php component of the 1C-Bitrix web project management system is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read files in the operating system...

The vulnerability of the Core Image component in operating systems such as macOS, iOS, and iPadOS allows a malicious individual to gain unauthorized access to edited photographs stored in a temporal catalog.

The vulnerability of the Core Image component in macOS, iOS, and iPadOS stems from the lack of protection for service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to edited photos stored in the temporary catalog...

PT-2024-1240 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.0.8 Description: The issue is related to the Splunk RapidDiag utility, which discloses server responses from external applications in a log file due to insufficient protection of registration data. This...

The vulnerability of the command-line interface (CLI) of the Microsoft Azure platform, which allows a hacker to gain access to user credentials

The vulnerability of the Command Line Interface CLI of the Microsoft Azure platform is related to the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to gain access to user credentials remotely...

Database Mess Up: 7TB of Healthcare Data Leak Affects 12 Million Patients

By Deeba Ahmed Yet another day, more unprotected data left in the Cloud without password or security measures. This is a post from HackRead.com Read the original post: Database Mess Up: 7TB of Healthcare Data Leak Affects 12 Million Patients...

The vulnerability of the Core component of the WebLogic Server software allows a perpetrator to gain access to protected information.

The vulnerability of the Core component of the WebLogic Server software is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to protected information...

The vulnerability of Microsoft Visual Studio, a software development tool, and the .NET platform lies in the lack of protection for service data, which allows attackers to gain access to confidential information.

The vulnerability of the Microsoft Visual Studio software and the .NET Core software platform is related to the lack of protection for sensitive data. Exploiting this vulnerability can allow attackers to access confidential information...

PT-2023-6058 · Microsoft · Windows Deployment Services +1

Name of the Vulnerable Software and Affected Versions: Windows Deployment Services affected versions not specified Description: The issue is related to a lack of protection for service data in Windows Deployment Services, which can be exploited by a remote attacker to disclose protected...

PT-2023-5977 · Microsoft · Windows Remote Desktop Gateway +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Gateway RD Gateway affected versions not specified Description: The issue is related to a lack of protection for service data in Windows Remote Desktop Gateway RD Gateway, which can be exploited by a remote attacker to...

The vulnerability of the IBM Robotic Process Automation software lies in the lack of protection for operational data, which allows attackers to disclose sensitive information.

The vulnerability of the IBM Robotic Process Automation software lies in the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...