1175 matches found
CVE-2023-28373
A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode...
CVE-2023-28373
A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode...
Code injection
A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode...
Pure Storage FlashBlade Security Vulnerability
Pure Storage FlashBlade is a consolidated storage platform for file and object workloads from U.S.-based Pure Storage. A security vulnerability exists in FlashBlade Purity OE version 4.1.0 that originates when an array administrator affects the availability of data on the system, including...
The vulnerability of the delete.php script (located at general/hr/manage/staff_title_evaluation/delete.php) within the Tongda OA automation tool for business processes, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the delete.php script located at general/hr/manage/stafftitleevaluation/delete.php within the Tongda OA automation tool relates to the failure to protect the SQL query structure during the processing of the EVALUATIONID parameter. Exploiting this vulnerability allows an...
CVE-2023-31042
A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s object store protocol can impact the availability of the system’s data access and replication protocols...
CVE-2023-28373
CVE-2023-28373 describes a flaw in FlashArray Purity where an array administrator configuring an external key manager can affect data availability, including SafeMode-protected snapshots. The connected documents confirm the impact on availability but do not specify exploit details or a confirmed ...
CVE-2023-28373 FlashArray SafeMode Immutable Vulnerability
A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode...
CVE-2023-28373 FlashArray SafeMode Immutable Vulnerability
A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode...
The vulnerability of the SetWifiDownSettings function in the D-Link DIR-823G router’s microprogramming software allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the SetWifiDownSettings function in the D-Link DIR-823G router’s microprogramming system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
The vulnerability of microprogramming software for controlling and monitoring air consumption in pneumatic systems such as Festo MSE6-C2M, MSE6-D2M, and MSE6-E2M allows a intruder to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of microprogramming software for controlling and monitoring air consumption in pneumatic systems such as Festo MSE6-C2M, MSE6-D2M, and MSE6-E2M is related to the presence of undocumented configuration commands. Exploiting this vulnerability could allow a malicious actor to...
PT-2023-15401 · Ekorccp +1 · Ekorccp +1
Name of the Vulnerable Software and Affected Versions: ekorCCP and ekorRCI affected versions not specified Description: The issue is related to a lack of device control over web requests in ekorCCP and ekorRCI, allowing an attacker to create customized requests to execute malicious actions when a...
The vulnerability in the profiles/audio/avrcp.c component of the BlueZ software package allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the profiles/audio/avrcp.c component in the BlueZ software package is related to insufficient protection of service data. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protecte...
The vulnerability of the nft_verdict_dump() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter component allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nftverdictdump function in the net/netfilter/nftablesapi.c module of the Linux kernel’s netfilter component is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromis...
The vulnerability of the xenvif_get_requests() function in the drivers/net/xen-netback/netback.c module of the Xen kernel in the Linux operating system allows a attacker to compromise the integrity, confidentiality, and accessibility of the protected information.
The vulnerability of the xenvifgetrequests function in the drivers/net/xen-netback/netback.c module of the Xen kernel in the Linux operating system is related to accessing memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the integrity,...
PT-2023-6779 · Аврора · Аврора
Name of the Vulnerable Software and Affected Versions: Аврора affected versions not specified Description: The issue is related to a flaw in the notification mechanism of the Аврора operating system, specifically concerning insufficient permission control for applications sending notifications...
The vulnerability of the software for creating and managing graphical interfaces for user applications on industrial computers (iPC) and personal computers (PC/AT) – GP-Pro EX WinGP – arises from the operation of operations beyond the buffer in memory. This vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of software for creating and managing graphical interfaces for user applications on industrial computers iPC and personal computers PC/AT like GP-Pro EX WinGP lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an...
The vulnerability of the Apache Airflow Hive Provider, a network software tool, stems from insufficient validation of input data. This vulnerability allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Apache Airflow Hive Provider network software exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the SAP Web Dispatcher, a database management system for SAP HANA, allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of SAP Web Dispatcher, a database management system from SAP HANA, is related to logical errors in memory management. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the Envoy proxy server stems from a lack of mechanisms for encoding or filtering output data, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Envoy proxy server is related to the lack of mechanisms for encoding or filtering output data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...