The vulnerability of the document-oriented database management system MongoDB, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the document-oriented database management system MongoDB is related to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of VMware Workspace One’s software lies in authentication process errors, which allow attackers to gain unauthorized access to protected information.

The vulnerability of VMware Workspace One software is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the software update service for Cisco Webex Meetings Desktop App on Mac operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the software update service for the Cisco Webex Meetings Desktop App on Mac operating systems is related to authentication errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code via a specially created website...

docker-cli docker-engine security update

docker-cli 19.03.11-4 - added patch for registry list 19.03.11-3 - update to 19.03.11 for CVE-2020-13401 19.03.1-1.0.0 - update to 19.03.1 19.03-0.0.1 - update to 19.03 18.09.1-1.0.6 - disable kmem accounting for UEKR4 18.09.1-1.0.5 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes...

The vulnerability of the words.protocols.jabber.xmlstream function in the Twisted networking framework allows a attacker to execute a “man-in-the-middle” attack.

The vulnerability of the words.protocols.jabber.xmlstream function in the Twisted networking framework is related to authentication errors. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...

The vulnerability of the Cisco Unified Contact Center Express automation software, related to authentication errors, allows a perpetrator to trigger a service failure.

The vulnerability of the Cisco Unified Contact Center Express operator automation software is related to authentication errors. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability of the Kerberos protocol implementation in Cisco Adaptive Security Appliance (ASA) microprogramming software allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Kerberos protocol implementation in Cisco Adaptive Security Appliance ASA microprogramming software is related to authentication errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected...

Microsoft security advisory: Updated support for Diffie-Hellman Key Exchange

Microsoft security advisory: Updated support for Diffie-Hellman Key Exchange Summary Microsoft has released a Microsoft security advisory about this issue for IT professionals. The security advisory contains additional security-related information. To learn more about the vulnerability, see...

The vulnerability of the Open Build Service software platform, related to authentication errors, allows attackers to circumvent existing security restrictions and execute a type of “man-in-the-middle” attack.

The vulnerability of the Open Build Service software platform is related to errors in verifying the authenticity of certificates. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and execute a type of “man-in-the-middle” attack...

The vulnerability of the Grafana data representation web tool, related to authentication errors, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Grafana data presentation web tool is related to authentication errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the STARTTLS component of the Keycloak identity and access management software lies in implementation errors related to authentication procedures. This allows attackers to escalate their privileges.

The vulnerability of the STARTTLS component of the Keycloak identity and access management software is related to implementation errors in authentication procedures. Exploiting this vulnerability can allow attackers to enhance their privileges remotely...

The vulnerability of the SAP NetWeaver software integration platform’s keystore service allows attackers to disclose protected information.

The vulnerability of the SAP NetWeaver software integration platform’s keystore service is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of the Keycloak identity and access management software lies in implementation errors related to authentication procedures, which allow attackers to escalate their privileges.

The vulnerability of the Keycloak identity and access management software is related to errors in the implementation of authentication procedures. Exploiting this vulnerability can allow unauthorized actors to gain increased privileges...

The vulnerability of the Remote Desktop Web Access service in Windows operating systems allows a perpetrator to disclose protected information.

The vulnerability of the Remote Desktop Web Access service in Windows operating systems with authentication processing errors. Exploiting this vulnerability can allow a malicious actor to disclose protected information from a remote location...

The vulnerability of software for integrating SAP NetWeaver Process Integration corporate applications, related to authentication errors, allows attackers to increase their privileges.

The vulnerability of the software for integrating SAP NetWeaver Process Integration corporate applications is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

Huawei routers’ vulnerabilities related to authentication errors allow attackers to execute arbitrary code and increase their privileges.

The vulnerability of Huawei routers is related to authentication errors. Exploiting this vulnerability allows a hacker to execute arbitrary code and increase their privileges...

The vulnerability of the FortiOS operating system, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the FortiOS operating system is related to authentication errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information, while pretending to be an LDAP server...

The vulnerability of the wan.htm component in D-Link DIR-600M N 150 Wi-Fi routers allows a intruder to gain unauthorized access to protected information and alter the configuration settings.

The vulnerability of the wan.htm component in D-Link DIR-600M N 150 Wi-Fi routers is related to authentication errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and modify configuration settings...

A vulnerability in the isolation function of websites arises when using Blob URLs and the Google Chrome browser. This allows a perpetrator to gain unauthorized access to protected information.

The vulnerability in the isolation functionality of websites, which arises when using Blob URLs and the Google Chrome browser, is related to authentication errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through...

The vulnerability of Microprogramming Software: Intel Converged Security and Manageability Engine (CSME), Intel Trusted Execution Engine (TXE), and Intel Dynamic Application Loader (DAL) is related to authentication errors, allowing attackers to escalate their privileges.

The vulnerabilities of Microprogramming Software: Intel Converged Security and Manageability Engine CSME, Intel Trusted Execution Engine TXE, and Intel Dynamic Application Loader DAL are related to authentication errors. Exploiting these vulnerabilities can allow attackers to enhance their...