CVE-2025-20305

Cisco ISE (web-based management interface) contains an information-disclosure vulnerability where certain files lack proper data protection, enabling an authenticated, read-only administrator to view passwords normally hidden to that role. Impact is limited to confidentiality (viewing sensitive c...

The vulnerability of the NTLM protocol implementation in the backup and recovery software for remote and cloud-based Veeam Service Provider Console (VSPC) users allows a hacker to bypass authentication procedures and gain unauthorized access to protected information.

The vulnerability of the NTLM protocol implementation in the backup and recovery software for remote and cloud-based Veeam Service Provider Consoles is related to insufficient protection of service data. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures an...

The vulnerability of the SCADA system MasterSCADA, related to deficiencies in data protection, allows a intruder to gain access to the project configuration file.

The vulnerability of the SCADA system MasterSCADA is related to deficiencies in data protection. Exploiting this vulnerability can allow an intruder to gain unauthorized access to the project configuration file by rewriting the password hash value...

The vulnerability of software for developing and executing applications in the ABAP language on the SAP NetWeaver Application Server ABAP platform lies in the insufficient protection of operational data, which allows attackers to disclose confidential information.

The vulnerabilities of the software used for developing and executing applications in the ABAP language of SAP NetWeaver Application Server are related to insufficient protection of operational data. Exploiting these vulnerabilities can allow attackers to disclose sensitive information...

The vulnerability of Microsoft Bing Search’s search engine on the iOS operating system allows attackers to carry out spoofing attacks.

The vulnerability of Microsoft Bing Search’s search engine on the iOS operating system is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to perform spear-phishing attacks remotely...

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server lies in their security vulnerabilities related to data protection, which allows attackers to gain unauthorized access to protected information.

The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server relates to deficiencies in data protection. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Network Address Translation (NAT) technology implementation in Windows operating systems allows a hacker to induce a service failure.

The vulnerability of the Network Address Translation NAT technology implementation in Windows operating systems is related to security flaws in service data protection. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

The vulnerability of the File Store Service, a component of the Service Fabric application, allows a perpetrator to escalate their privileges.

The vulnerability of the File Store Service of the Service Fabric application is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to enhance their privileges by modifying the configuration file and connecting to SMB or SCP ports...