The vulnerability of the GlobalProtect SSL VPN implementation in the PAN-OS operating system allows a intruder to gain unauthorized access to protected information.

The vulnerability of the GlobalProtect SSL VPN implementation for the PAN-OS operating system is related to errors in the certificate authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the integration component of the Magento Commerce software development and management platform, related to authentication errors, allows attackers to gain unauthorized access to protected information.

The vulnerability of the integration component of the Magento Commerce software development and management platform is related to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by using...

The vulnerability of the Bluetooth service for Windows operating systems allows a perpetrator to increase their privileges and gain unauthorized access to protected information.

The vulnerability of the Bluetooth service for Windows operating systems is related to authentication errors. Exploiting this vulnerability can allow an attacker to increase their privileges and gain unauthorized access to protected information...

The vulnerability of the Bluetooth service for Windows operating systems allows a perpetrator to increase their privileges and gain unauthorized access to protected information.

The vulnerability of the Bluetooth service for Windows operating systems is related to authentication errors. Exploiting this vulnerability can allow an attacker to increase their privileges and gain unauthorized access to protected information...

PT-2021-2949 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to an insecure direct object reference IDOR in the product module, which could lead to unauthorized...

The vulnerability of the device controller in the Cisco Data Center Network Manager system allows a intruder to compromise the integrity of data.

The vulnerability of the Data Center Network Manager DCNM of the Cisco Data Center Network system is related to errors in the authentication process. Exploiting this vulnerability could allow an attacker to compromise the integrity of data...

The vulnerability of the Istio network software, related to authentication errors, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Istio network software is related to authentication errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the network software tool Envoy, related to authentication errors, allows a hacker to gain access to protected information.

The vulnerability of the network software tool Envoy is related to authentication errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information...

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to authentication process errors, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Document Cloud, are related to authentication process errors. Exploiting these vulnerabilities can allow a malicious actor to execute arbitrary code in the...

The vulnerability of the integration component of the Magento Commerce software development and management platform, related to authentication errors, allows attackers to gain unauthorized access to protected information and delete customer data through the REST API without authorization.

The vulnerability of the integration component of the Magento Commerce software for online store development and management is related to authentication errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and delete customer data throug...

The vulnerability of the Inventory component of the Magento Commerce software platform for developing and managing online stores, related to authentication errors, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Inventory component of the Magento Commerce software platform for developing and managing online stores is related to authentication errors, which allow attackers to compromise the confidentiality and integrity of protected information using the HTTP network protocol...

The vulnerability of the Inventory component of the Magento Commerce software platform for developing and managing online stores, related to authentication errors, allows attackers to compromise the integrity of the protected information.

The vulnerability of the Inventory component in the Magento Commerce software platform for developing and managing online stores is related to authentication errors. Exploiting this vulnerability can allow an attacker to compromise the integrity of the protected information...

The vulnerability of the integration component of the Magento Commerce software development and management platform, related to authentication errors, allows a malicious user to delete CMS pages via the REST API without authentication.

The vulnerability of the integration component of the Magento Commerce software for developing and managing online stores is related to authentication errors. Exploiting this vulnerability allows a malicious actor to delete CMS pages through the REST API without authentication...

The vulnerability of the “file transfer” component of the TIBCO Managed File Transfer Platform Server allows a perpetrator to modify any files they choose.

The vulnerability of the “file transfer” component of the TIBCO Managed File Transfer Platform Server is related to errors in the mechanism for processing authentication requests. Exploiting this vulnerability allows a malicious actor to modify arbitrary files remotely...

The vulnerability of the Microsoft Dynamics 365 Commerce e-commerce software, related to authentication errors, allows a hacker to increase their privileges.

The vulnerability of the Microsoft Dynamics 365 Commerce e-commerce software relates to authentication errors. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

The vulnerability of the Active Directory Federation Services (ADFS) for Windows operating systems allows a perpetrator to carry out spoofing attacks.

The vulnerability of the Active Directory Federation Services AD FS for Windows operating systems is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to carry out spear-phishing attacks remotely...

PT-2020-3916 · Microsoft · Active Directory Federation Services +1

Name of the Vulnerable Software and Affected Versions: Active Directory Federation Services ADFS affected versions not specified Description: An elevation of privilege issue exists due to improper handling of multi-factor authentication requests by Active Directory Federation Services ADFS. This...

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, relates to authentication errors. This vulnerability allows an attacker to create existing or new users for access control based on roles and groups.

The vulnerability of the CloudForms Management Engine software platform for managing virtual environments is related to authentication errors. Exploiting this vulnerability allows a malicious actor to create existing or new users for access control based on roles and groups...

Vulnerability in the web interface for managing Cisco Small Business Smart and Managed Switches’ micro-programming software, allowing attackers to increase their privileges

The vulnerability in the web interface for managing Cisco Small Business Smart and Managed Switch microprogramming software is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

The vulnerability of the monitoring tool for the virtual infrastructure vRealize Operations, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the monitoring tool for the vRealize Operations virtual infrastructure is related to authentication errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...