21 matches found
EUVD-2014-4547
Malware in sbrugna...
CVE-2025-24221
This issue was addressed with improved data access restriction. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6. Sensitive keychain data may be accessible from an iOS backup...
Apple iOS and Apple iPadOS Security Vulnerability
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS that stems from insufficiently restricted data access, which...
PT-2023-21688 · Unknown · Newspicks App
Name of the Vulnerable Software and Affected Versions: NewsPicks App for Android versions 10.4.5 and earlier; NewsPicks App for iOS versions 10.4.2 and earlier. Description: The issue is related to hard-coded credentials in the NewsPicks App, which may allow a local attacker to analyze data in the...
IBM WebSphere Application Server Liberty Information Disclosure Vulnerability (CNVD-2022-63368)
IBM WebSphere Application Server Liberty is a Java application server from IBM built on top of the Open Liberty project. IBM WebSphere Application Server Liberty is vulnerable to an information disclosure vulnerability. The vulnerability stems from the fact that when...
Elasticsearch Information Disclosure Vulnerability
Elasticsearch is an open-source distributed RESTful search engine built on Lucene by the Dutch company Elasticsearch. The product is mainly used in cloud computing and supports data indexing using JSON over HTTP. An information disclosure vulnerability exists in Elasticsearch that can be exploited...
Red Hat Directory Server Information Disclosure Vulnerability
Red Hat Directory Server is a commercial Linux directory server from Red Hat, Inc. An information disclosure vulnerability exists in Red Hat Directory Server, which can be exploited by an attacker to bypass data access restrictions via the Red Hat Directory Server's DN bindings in order to obtain...
PostgreSQL Security Vulnerabilities
PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and so on. A security vulnerability exists in PostgreSQL, which can be exploited by an...
F5 BIG-IP Security Bypass Vulnerability
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security bypass vulnerability exists in F5 BIG-IP, which can be exploited by an attacker to obtain sensitive information by...
F5 BIG-IP Access Control Error Vulnerability (CNVD-2020-51797)
F5 BIG-IP is an application delivery platform from F5 Inc. that integrates network traffic management, application security management, load balancing, etc. The Configuration utility is one of its configuration utilities. A security vulnerability exists in F5 BIG-IP. The vulnerability originates from...
Fortinet FortiManager Access Restriction Bypass Vulnerability
Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains (ADOM) to further simplify the deployment and management of multi-device...
CVE-2016-2498
CVE-2016-2498 affects the Qualcomm Wi‑Fi driver in Android on Nexus 7 (2013) devices, prior to 2016-06-01, enabling a crafted application to bypass data access restrictions and potentially disclose data. The vulnerability is documented as an information-disclosure issue tied to the Wi‑Fi driver. ...
FBI Wants Biometric Database Exempt From Privacy Rules
Civil liberties and privacy groups are petitioning the U.S. government for more time to fight the FBI’s request to exempt itself from lawsuits related to its warehouse of an estimated 100 million biometric records if it’s found in violation of the federal Privacy Act of 1974. At issue is the...
Authorization
EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P02 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended...
CVE-2015-1889
The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via (1) a crafted CREATE HADOOP TABLE statement referencing the data of an arbitrary user or (2) an import of a certain Hive table definition with...
Design/Logic Flaw
The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via (1) a crafted CREATE HADOOP TABLE statement referencing the data of an arbitrary user or (2) an import of a certain Hive table definition with...
CVE-2015-1889
IBM InfoSphere BigInsights Big SQL component (versions 3.0–3.0.0.2) contains an unauthorized HDFS data-access bypass vulnerability. A remote authenticated user can exploit via (1) a crafted CREATE HADOOP TABLE statement referencing another user’s data or (2) importing a Hive table definition with...
CVE-2015-1889
The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via (1) a crafted CREATE HADOOP TABLE statement referencing the data of an arbitrary user or (2) an import of a certain Hive table definition with...
Design/Logic Flaw
The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to bypass intended grid-data access restrictions via unspecified vectors...
CVE-2014-4622
EMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subgroups of privileged groups, which allows remote authenticated sysadmins to gain super-user privileges, and bypass intended restrictions on data access and server...