136 matches found
CVE-2021-33334
The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.2, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 6, does not properly check user permissions, which allows remote attackers with the forms "Access in Site Administration" permission to vi...
CVE-2021-33334
CVE-2021-33334 affects Liferay Portal 7.0.0–7.3.2 and Liferay DXP 7.0 (pre-fix pack 94), 7.1 (pre-fix pack 19), and 7.2 (pre-fix pack 6). The Dynamic Data Mapping module does not properly enforce user permissions, allowing remote attackers with the forms "Access in Site Administration" permission...
CVE-2021-33323
The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, autosaves form values for unauthenticated users, which allows remote attackers to view the autosaved values by viewing the form as an unauthenticated user...
CVE-2021-33323
The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, autosaves form values for unauthenticated users, which allows remote attackers to view the autosaved values by viewing the form as an unauthenticated user...
Design/Logic Flaw
The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, autosaves form values for unauthenticated users, which allows remote attackers to view the autosaved values by viewing the form as an unauthenticated user...
CVE-2021-33323
The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, autosaves form values for unauthenticated users, which allows remote attackers to view the autosaved values by viewing the form as an unauthenticated user...
CVE-2021-33323
The CVE-2021-33323 entry describes a vulnerability in the Dynamic Data Mapping module of Liferay Portal 7.1.0–7.3.2 and Liferay DXP 7.1 (before fix pack 19) and 7.2 (before fix pack 7), where autosaving of form values for unauthenticated users can be viewed by loading the form as an unauthenticat...
Liferay Portal 和 Liferay DXP 安全漏洞
Liferay Portal and Liferay DXP are both products of Liferay Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP ...
AZL-6569 CVE-2021-3501 affecting package kernel for versions less than 5.10.78.1-1
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and...
Incorporating machine learning in data mapping for improved results
By Owais Sultan Data mapping is a process in which different bits of data are organized into a manageable as well as easy-to-comprehend system. This is a post from HackRead.com Read the original post: Incorporating machine learning in data mapping for improved results...
Manage, govern, and get more value out of your data with Azure Purview
Data is the currency of today’s economy. Data is being created faster than ever in more locations than organizations can track. In fact, IDC has predicted that global data will grow to more than 175 zettabytes by 2025. To put that into context, that’s 175 trillion 1GB USB drives. At the same time...
Customer data & marketing operations: Keeping your data safe on the journey to GDPR compliance
Emails. Web forms. Events. Oh my! These marketing tactics are all designed to gather, store, and evolve relationships with your prospects, customers, and partners. Often times, they are the first point of contact for your organization from the outside world—and they all feed into your marketing...
Faraday v2.7 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you have alwasy been looking for! It maps and leverages all the data you generate in real time , letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the risks and impacts and risks being assessed by the...
Professional Services for GDPR Compliance
The GDPR effective date is less than seven months away and the stakes are high. GDPR non-compliance penalties have the potential to be quite significant up to 79 times higher than existing guidelines, and GDPR applies to any organization of any size that collects or processes personal data...
National Exposure Index 2017
Today, Rapid7 is releasing the second National Exposure Index, our effort to quantify the exposure that nations are taking on by offering public services on the internet--not just the webservers like the one hosting this blog, but also unencrypted POP3, IMAPv4, telnet, database servers, SMB, and...
kernel: bio: integer overflow page count when mapping/copying user data
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service system crash via a crafted device ioctl to a SCSI device...