Microsoft Edge Information Disclosure Vulnerability (CNVD-2019-10456)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. An information disclosure vulnerability exists in Microsoft Edge that originates from errors such as configuration during operation of a networked system or product. An unauthorized...

IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2020-17612)

IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server, which arises from erro...

The vulnerability of the authentication function of the Cisco NX-OS network operating system for Cisco Nexus 9000 switches allows a hacker to escalate their privileges.

The vulnerability of the authentication function of the Cisco NX-OS network operating system for Cisco Nexus 9000 series switches is related to configuration errors. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the Device Guard component of the Windows operating system allows a hacker to inject arbitrary code into a Windows PowerShell session.

The vulnerability of the Device Guard component in the Windows operating system is related to security configuration errors. Exploiting this vulnerability could allow a local attacker to inject arbitrary code into the Windows PowerShell session...

Vulnerability of the Server:Security:Privileges component of the MySQL database management system, which allows a hacker to cause a service failure

The vulnerability of the Server:Security:Privileges component of the MySQL database management system is related to security configuration errors. Exploiting this vulnerability may allow a malicious actor to cause service interruptions by modifying system data remotely...

The vulnerability of the DetectEngineContentInspection component in the Suricata intrusion detection and prevention system allows a intruder to trigger a service failure.

The vulnerability of the DetectEngineContentInspection component in the Suricata intrusion detection and prevention system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure by using specially crafted network traffic,...

Authentication fails using SSH keys since 2.3.5

Neither the Pagent agent or OpenSSH is working to authenticate since I upgraded. Switching SSH services makes no difference. If I go to the command line, using ssh -i identfile I have no issues authenticating to any system. Other symptoms include the terminal not going to the repository but using...

Google to Ditch Public Key Pinning in Chrome

Google said that in an upcoming version of Chrome it will deprecate the browser’s support for HTTP public key pinning. Instead, it will adopt the “safer” more flexible solution of Expect-CT headers. HTTP public key pinning HPKP is a browser security measure that protects against an SSL certificat...

The vulnerability of the Android CAF-release operating system, related to security configuration errors, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Android CAF-release operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information by having the UE component respond to the...

The vulnerability of the configuration of the autonomous configuration device for visualization and control systems called “U.motion Builder” arises from system configuration errors, allowing a perpetrator to execute arbitrary code.

The vulnerability of the configuration of the autonomous configuration tool for the “smart home” visualization and control system, U.motion Builder, exists due to a processing error in the system’s configuration parameters. Exploiting this vulnerability allows an attacker who operates locally to...

The vulnerabilities in programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the DLL library of OCR plugins for programs that read and edit PDF files, such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud, is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor...

The vulnerability of the Mac OS X operating system and the iOS operating system allows attackers to obtain confidential information.

The vulnerability of the CFNetwork Proxies component in the Mac OS X and iOS operating systems is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to obtain confidential information remotely...

The vulnerabilities in iOS and Mac OS X operating systems allow attackers to carry out “man-in-the-middle” attacks.

The vulnerability of the IDS-Connectivity component for iOS and Mac OS X is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to carry out a “man-in-the-middle” attack by using notifications regarding network connection changes...

The vulnerability of the iOS operating system, which allows a hacker to bypass the sandbox protection mechanism

The vulnerability of the WebSheet component in the iOS operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass the sandbox protection mechanisms using undefined vectors...

The vulnerability of the Android operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Ultimate Edition software for the Android operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information through specially crafte...

The vulnerability of the Java Platform software platform allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of components in the Java Platform software framework is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information through network packets...

The vulnerability of the Libraries component of the Java Platform allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Libraries component of the Java Platform software platform is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the confidentiality, integrity, and accessibility of protected information...

Vulnerability of the Java Platform software platform, allowing attackers to modify data

The vulnerability of the Java Platform’s networking components is related to security configuration errors. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to modify, add, or delete data using network packets...

The vulnerability of Google Chrome browser allows a violator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of Google Chrome is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the confidentiality, integrity, and accessibility of protected information through a specially created HTML page...

The vulnerability of the Mac OS X operating system, which allows a hacker to bypass the Taint-mode security mechanism

The vulnerability of the Perl component of the Mac OS X operating system is related to security configuration errors. Exploiting this vulnerability allows a local attacker to bypass the Taint-mode protection mechanism by using a specially created environment variable...