Lucene search
+L

400 matches found

BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.8 views

The vulnerability of the application access control library in the SAP XS Advanced sap/xssec development, integration, and application extension platform in the SAP Business Technology Platform (BTP) environment arises from insecure management of privileges. This allows attackers to escalate their privileges.

The vulnerability of the application access control library in the SAP XS Advanced sap/xssec development, integration, and application extension platform in the SAP Business Technology Platform BTP environment is related to insecure management of privileges. Exploiting this vulnerability can allo...

9.4CVSS7.7AI score0.01085EPSS
Exploits0References6Affected Software1
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/12/19 5:0 p.m.24 views

How Strata Identity and Microsoft Entra ID solve identity challenges in mergers and acquisitions

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Along with every merger and acquisition between two companies comes the need to combine and strengthen their IT infrastructure. In particular, there is an immediate and profound impa...

7.3AI score
Exploits0
UbuntuCve
UbuntuCve
added 2023/12/14 12:0 a.m.27 views

CVE-2023-49345

Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...

7.8CVSS7AI score0.00303EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/11 12:0 a.m.6 views

Apple macOS Ventura Security Vulnerability

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.6.3, which stems from an application that may be able to access sensitive user data...

5.5CVSS4.5AI score0.00256EPSS
Exploits0References4
NVD
NVD
added 2023/12/08 3:15 p.m.25 views

CVE-2023-49443

DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. This vulnerability allows attackers to gain access to the application via a bruteforce attack...

9.8CVSS0.00815EPSS
Exploits1References1
Microsoft Secure
Microsoft Secure
added 2023/12/05 5:0 p.m.39 views

Microsoft Incident Response lessons on preventing cloud identity compromise

Microsoft observed a surge in cyberattacks targeting identities in 2023, with attempted password-based attacks increasing by more than tenfold in the first quarter of 2023 compared to the same period in 2022. Threat actors leverage compromised identities to achieve a significant level of access t...

7.1AI score
Exploits0
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.5 views

Apple macOS Log Information Disclosure Vulnerability

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Sonoma version 14.1, which stems from an application that may be able to access sensitive user data...

5.5CVSS6.4AI score0.00376EPSS
Exploits0References18
Prion
Prion
added 2023/10/19 7:15 p.m.21 views

Information disclosure

The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker with access to the network, where clients have access to the DexGate server, could capture traffic. The attacker can later us the information within it to access the...

4.3CVSS6.7AI score0.00241EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/19 6:8 p.m.34 views

CVE-2023-41088 Cleartext Transmission of Sensitive Information in DEXMA DEXGate

The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker with access to the network, where clients have access to the DexGate server, could capture traffic. The attacker can later us the information within it to access the...

6.3CVSS6.4AI score0.00241EPSS
Exploits0References1
Citrix
Citrix
added 2023/09/28 12:0 a.m.13 views

Login using Okta shows the message "It doesn't look like you have any apps/desktops"

When Okta authentication is used to login for Citrix Cloud, user don't see application or desktop. Instead they get the message: "It doesn't look like you have any apps/desktops"...

7.3AI score
Exploits0
Citrix
Citrix
added 2023/09/14 12:0 a.m.10 views

Workspace error "Your account cannot be added using this mail address" or "Cannot contact store"

When attempting to add account with NetScaler Gateway FQDN on Windows Workspace, users encounter below error message: "Your account cannot be added using this email address." Or "Your apps are not available at this time. Please try again in few minutes or contact your help desk with this...

7AI score
Exploits0
OSV
OSV
added 2023/09/11 9:15 p.m.9 views

CVE-2023-35683

In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS6AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/24 12:0 a.m.5 views

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system by Apple Inc. A security vulnerability exists in Apple macOS Ventura, which originates from an application that may be able to modify protected portions of the file system...

5.5CVSS6.4AI score0.00199EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/07/19 2:22 p.m.33 views

CVE-2023-3638 GeoVision GV-ADR2701 Improper Authentication

In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application...

9.8CVSS9.6AI score0.00583EPSS
Exploits0References1
Citrix
Citrix
added 2023/07/10 12:0 a.m.6 views

ADC LB VIP sending Reset with code 9872

1. Application was being accessed through the LB vServer and it was not loading 2.nstrace taken on the ADC showedRST flag:0x014 sent by VIP to the client in response to almost every GET request sent by the client. 3. ADC was sending RST with window size 9872 which means Websocket upgrade request...

7AI score
Exploits0
CNNVD
CNNVD
added 2023/06/28 12:0 a.m.4 views

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura that originates from an application that may be able to modify protected portions of the file system...

5.5CVSS6.8AI score0.0025EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/05/18 12:0 a.m.6 views

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to modify protected portions of the file system...

5.5CVSS6.4AI score0.00261EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/05/18 12:0 a.m.8 views

Apple macOS Ventura 安全漏洞

Apple macOS Ventura is a desktop operating system from Apple Inc. in the United States. A security vulnerability exists in Apple macOS Ventura version 13.4, which stems from an application that may be able to read sensitive location information...

5.5CVSS5.7AI score0.00251EPSS
Exploits0References6
CNVD
CNVD
added 2023/05/17 12:0 a.m.46 views

OpenEMR Access Control Error Vulnerability (CNVD-2023-40910)

OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. An Access Control Error vulnerability exists in OpenEMR versions prior to 7.0.1,...

8.8CVSS6.6AI score0.0061EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.9 views

PT-2023-2925

Name of the Vulnerable Software and Affected Versions Weaver e-cology versions up to 9.0 Description A problematic vulnerability was found in the RequestInfoByXml function of the API component, leading to xml external entity reference. This issue is related to incorrect restriction of XML links t...

8.8CVSS6AI score0.00984EPSS
Exploits1References9
Rows per page
Query Builder