4686 matches found
Arcserve Unified Data Protection - Authentication Bypass
An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin function within wizardLogin. id: CVE-2024-0799 info: name: Arcserve Unified Data Protection -...
CVE-2026-12955
The CVE-2026-12955 entry describes a vulnerability in the GDPR Cookie Consent plugin for WordPress (versions up to 4.3.6) where missing capability checks and nonce verification in the gdpr_cookie_consent_ajax_save_schedule_scan() function (wp_ajax_gcc_save_schedule_scan) allow authenticated users...
CVE-2026-14475 Cookie Banner for GDPR / CCPA <= 4.3.6 - Authenticated (Administrator+) SQL Injection via 'scan_id' Parameter
The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
WordPress Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin <= 4.3.6 - Authenticated (Administrator+) SQL Injection vulnerability
Authenticated Administrator+ SQL Injection vulnerability discovered by PRISM in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 4.3.6...
WordPress Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin <= 4.3.6 - Missing Authorization to Authenticated (Subscriber+) Scan Schedule Modification vulnerability
Missing Authorization to Authenticated Subscriber+ Scan Schedule Modification vulnerability discovered by PRISM in WordPress Plugin WP Cookie Notice for GDPR, CCPA & ePrivacy Consent versions = 4.3.6...
EUVD-2026-42562
The DSGVO All in one for WP plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 4.9. This is due to the dsgvoresetpolicyservicefunc function lacking both capability checks and nonce verification while processing user-supplied parameters to reset plugin...
Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection
A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...
webkitgtk: An app may be able to access sensitive user data
A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...
webkitgtk: An app may be able to access sensitive user data
A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...
webkitgtk: An app may be able to access sensitive user data
A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...
webkitgtk: An app may be able to access sensitive user data
A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...
webkitgtk: An app may be able to access sensitive user data
A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...
WordPress WP DSGVO Tools (GDPR) plugin <= 3.1.39 - Missing Authorization to Unauthenticated Sensitive Personal Data Disclosure vulnerability
Missing Authorization to Unauthenticated Sensitive Personal Data Disclosure vulnerability discovered by kalomba - KAPENTEST in WordPress Plugin WP DSGVO Tools GDPR versions = 3.1.39...
Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection
A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...
webkitgtk: An app may be able to access sensitive user data
A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...
webkitgtk: An app may be able to access sensitive user data
A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...
ROS-20260610-73-0008
The vulnerability in Thunderbird is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker who operates remotely to circumvent existing security restrictions...
ROS-20260609-73-0034
The vulnerability in Thunderbird is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
ROS-20260609-73-0037
The vulnerability in Thunderbird is related to a behavior that varies depending on the type of implementation. Exploiting this vulnerability allows an attacker who operates remotely to compromise the confidentiality, integrity, and accessibility of the protected information...
State of Agentic AI Security and Governance
An OWASP white paper analyzing the security, governance, and risk management considerations surrounding agentic AI systems, including autonomous decision-making, tool access, prompt injection, data protection, and organizational oversight. This is version 2.01...