CVE-2025-43697

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

CVE-2025-43697

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

CVE-2025-43697

CVE-2025-43697 is a Salesforce OmniStudio (DataMapper) issue described as Improper Preservation of Permissions, enabling exposure of encrypted data for affected records when field-level permissions are not enforced. Public details indicate the vulnerability affects OmniStudio before Spring 2025 a...

CVE-2025-43700

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio FlexCards allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025...

CVE-2025-43700

CVE-2025-43700 is a vulnerability in Salesforce OmniStudio (FlexCards) described as Improper Preservation of Permissions that can expose encrypted data. Public sources (NVD/NVD-derived entries) state impact on OmniStudio versions before Spring 2025 with a CVSS v3.1 base score of 7.5 (HIGH), indic...

Salesforce OmniStudio 安全漏洞

Salesforce OmniStudio is a digitization platform from US-based Salesforce, Inc. A security vulnerability exists in versions of Salesforce OmniStudio prior to 2025, which stems from an improper privilege retention issue that could lead to the disclosure of encrypted data...

Salesforce OmniStudio 安全漏洞

Salesforce OmniStudio is a digitization platform from US-based Salesforce, Inc. A security vulnerability exists in versions of Salesforce OmniStudio prior to 2025, which stems from an improper privilege retention issue that could lead to the disclosure of encrypted data...

CVE-2024-39925

An issue was discovered in Vaultwarden formerly BitwardenRS 1.30.3. It lacks an offboarding process for members who leave an organization. As a result, the shared organization key is not rotated when a member departs. Consequently, the departing member, whose access should be revoked, retains a...

CVE-2022-29948

Due to an insecure design, the Lepin EP-KP001 flash drive through KP001V19 is vulnerable to an authentication bypass attack that enables an attacker to gain access to the stored encrypted data. Normally, the encrypted disk partition with this data is unlocked by entering the correct passcode 6 to...

CVE-2021-46247

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from ASUS CMAX6000 v1.02.00...

CVE-2020-3645

Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

CVE-2020-9774

An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Encrypted data may be inappropriately accessed...

Pura: an Efficient Privacy-Preserving Solution for Face Recognition

Face recognition is an effective technology for identifying a target person by facial images. However, sensitive facial images raises privacy concerns. Although privacy-preserving face recognition is one of potential solutions, this solution neither fully addresses the privacy concerns nor is...

PT-2025-22117 · Salesforce · Omnis Studio

Name of the Vulnerable Software and Affected Versions: Salesforce OmniStudio versions prior to Spring 2025 Description: The issue is related to an Improper Preservation of Permissions vulnerability in Salesforce OmniStudio DataMapper, which allows the exposure of encrypted data. Recommendations:...

Lattica Emerges from Stealth to Solve AI’s Biggest Privacy Challenge with FHE

Lattica’s cloud-based solution uses Fully Homomorphic Encryption to query encrypted data on AI models without decrypting it, preserving privacy and bolstering security...

SIMPLE.ERP 安全漏洞

SIMPLE.ERP is an e-commerce platform from SIMPLE, Inc. A security vulnerability exists in SIMPLE.ERP versions 6.20 through 6.30, which stems from an MS SQL protocol degradation request may result in unencrypted communication that is susceptible to data interception and modification...

The vulnerability of the MoTw mechanism in Windows operating systems allows attackers to circumvent existing security restrictions and gain access to encrypted data.

The vulnerability of the MoTe-Web mechanism in Windows operating systems is related to a breach of data protection mechanisms. Exploiting this vulnerability allows attackers to circumvent existing security restrictions and gain access to encrypted data...

PT-2025-10811 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows 10 Version 1809 Windows versions prior to the patch released on 2025-03-11 Description: A security-feature bypass vulnerability in Windows Mark of the Web MOTW allows an unauthorized attacker to bypass a security feature locally. This...

PT-2025-8739 · Esri · Esri Arcgis Monitor

Name of the Vulnerable Software and Affected Versions: Esri ArcGIS Monitor versions 2023.0 through 2024.x Description: The issue is a SQL injection problem that allows a remote, authenticated attacker with low privileges to improperly read limited database schema information by passing crafted...

Apple ordered to grant access to users’ encrypted data

Last week, an article in the Washington Post revealed the UK had secretly ordered Apple to provide blanket access to protected cloud backups around the world. Since then, privacy focused groups have uttered their objections. The UK government has demanded to be able to access encrypted data store...