EUVD-2010-4501

Malware in sbrugna...

The vulnerability of Microsoft Exchange Server’s mail server, related to deficiencies in authentication procedures, allows attackers to escalate their privileges.

The vulnerability of Microsoft Exchange Server is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers to increase their privileges remotely...

The vulnerability of the Link Handler component in the Mozilla Firefox browser allows a hacker to circumvent existing security restrictions.

The vulnerability of the Link Handler component in the Mozilla Firefox browser is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...

The vulnerability of the Platform Security component of the Oracle Business Intelligence Enterprise Edition software platform allows a perpetrator to gain access to read, modify, and delete data.

The vulnerability of the Platform Security component of the Oracle Business Intelligence Enterprise Edition software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete privileges on data...

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and the Microsoft SharePoint Foundation software for electronic document management lies in authentication procedures that allow attackers to carry out spoofing attacks.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and the Microsoft SharePoint Foundation software relates to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers to carry out spear-phishing attacks remotely...

The vulnerability of the Remote Desktop Client for Windows operating systems, related to access control deficiencies, allows a perpetrator to execute arbitrary code.

The vulnerability of the Remote Desktop Client on Windows operating systems is related to lack of access control mechanisms. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Drug cartel hacked cameras and phones to spy on FBI and identify witnesses

The "El Chapo" Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to identify and kill potential witnesses, the US Department of Justice has said. And seven years on, the Bureau's defenses against this kind of surveillance are still inadequat...

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a attacker to execute XSS attacks.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform is related to deficiencies in the security measures used to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the SolidWall WAF, related to security flaws, allows attackers to trigger a service failure.

The vulnerability of the SolidWall WAF lies in the deficiencies of its security mechanisms. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerabilities of HashiCorp’s Vault and Vault Enterprise storage platforms, related to authentication mechanisms’ deficiencies, allow attackers to trigger service interruptions.

The vulnerability of the HashiCorp Vault and Vault Enterprise archiving platforms relates to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker to cause service interruptions...

The vulnerability of the Microsoft Azure File Sync data synchronization service, related to access control deficiencies, allows attackers to escalate their privileges.

The vulnerability of the Microsoft Azure File Sync data synchronization service is related to lack of access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the virtual learning environment Moodle, related to deficiencies in authentication mechanisms, allows a intruder to gain unauthorized access to user data.

The vulnerability of the virtual learning environment Moodle is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to user data...

PT-2025-18987 · Undefined · Undefined

Уязвимость операционных систем Fortinet FortiOS связана с недостатками механизма аутентификации. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, раскрыть данные о конфигурации устройства и обойти существующие механизмы безопасности...

The vulnerability of Active Directory Certificate Services on Windows operating systems allows attackers to increase their privileges.

The vulnerability of Active Directory Certificate Services on Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain increased privileges remotely...

The vulnerability of the Microsoft AutoUpdate (MAU) application for Mac, which deals with access control deficiencies, allows a malicious individual to escalate their privileges.

The vulnerability of the Microsoft AutoUpdate MAU for Mac application relates to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Cross Device Service on the Windows operating system allows attackers to increase their privileges.

The vulnerability of the Cross Device Service on the Windows operating system is related to access control deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of microprogrammed multifunctional devices (MFUs) such as Versalink, Phaser, and WorkCentre, related to deficiencies in authentication procedures, allows attackers to disclose protected information.

The vulnerability of microprogrammed multifunctional devices such as Versalink, Phaser, and WorkCentre is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose protected information...

The vulnerability of the Two-factor Authentication (TFA) module in the Drupal CMS system, related to deficiencies in authentication procedures, allows attackers to circumvent security restrictions.

The vulnerability of the Two-factor Authentication TFA module in the Drupal CMS system is related to deficiencies in the authentication process. Exploiting this vulnerability could allow attackers to bypass security restrictions remotely...

The vulnerability of the Next.js software platform for creating web applications stems from deficiencies in the authentication process, which allows attackers to circumvent security restrictions.

The vulnerability of the Next.js software platform for creating web applications is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

The vulnerability of cloud-based software for creating and using Nextcloud Server and Nextcloud Enterprise Server lies in the authentication procedures’ deficiencies, which allow attackers to disclose protected information.

The vulnerability of cloud-based software for creating and using Nextcloud Server and Nextcloud Enterprise Server is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose protected information...