webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

Arcserve Unified Data Protection - Authentication Bypass

An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin function within wizardLogin. id: CVE-2024-0799 info: name: Arcserve Unified Data Protection -...

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

WordPress WP DSGVO Tools (GDPR) plugin <= 3.1.39 - Missing Authorization to Unauthenticated Sensitive Personal Data Disclosure vulnerability

Missing Authorization to Unauthenticated Sensitive Personal Data Disclosure vulnerability discovered by kalomba - KAPENTEST in WordPress Plugin WP DSGVO Tools GDPR versions = 3.1.39...

Important: Red Hat Security Advisory: Red Hat OpenShift API for Data Protection

A new version of OpenShift API for Data Protection OADP is now available. OpenShift API for Data Protection OADP enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and...

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

webkitgtk: An app may be able to access sensitive user data

A flaw was found in WebKitGTK. Processing or loading malicious web content can allow an app to access sensitive user data due to improper data protection...

ROS-20260610-73-0008

The vulnerability in Thunderbird is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker who operates remotely to circumvent existing security restrictions...

ROS-20260609-73-0037

The vulnerability in Thunderbird is related to a behavior that varies depending on the type of implementation. Exploiting this vulnerability allows an attacker who operates remotely to compromise the confidentiality, integrity, and accessibility of the protected information...

ROS-20260609-73-0034

The vulnerability in Thunderbird is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

State of Agentic AI Security and Governance

An OWASP white paper analyzing the security, governance, and risk management considerations surrounding agentic AI systems, including autonomous decision-making, tool access, prompt injection, data protection, and organizational oversight. This is version 2.01...

CVE-2026-1272

IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to Security Misconfiguration vulnerability in the user access control panel...

CVE-2026-1274

IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...

CVE-2026-4917

IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...

CVE-2026-4919

IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2026-3535

The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the DSGVOGWPdownloadGoogleFonts function in all versions up to, and including, 1.1. The function is exposed via a wpajaxnopriv hook, requiring no authentication. It...

CVE-2026-42517

This vulnerability exists in e-Sushrut due to the use of reversible Base64 encoding for protecting sensitive data. An authenticated attacker could exploit this vulnerability by decoding and manipulating Base64-encoded parameters in the request URL to gain unauthorized access to sensitive...

Mimecast Incydr 安全漏洞

Mimecast Incydr is a cloud-native internal risk management and data protection platform developed by Mimecast Corporation in the United States. Versions of Mimecast Incydr prior to version 2.6.0 contained security vulnerabilities that could lead to arbitrary file access...