116 matches found
CVE-2023-44213
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect Cloud Agent Windows before build 35739, Acronis Cyber Protect 16 Windows before build 37391...
CVE-2023-5192
Affected software: pimcore/demo (prior to 10.3.0). Vulnerability: excessive data query operations in a large data table, with an additional risk from GraphQL introspection exposure on the demo site (demo.pimcore.fun). Root cause: not explicitly detailed beyond the symptom (excessive queries) and ...
PT-2023-31900 · Pimcore · Pimcore
Name of the Vulnerable Software and Affected Versions: pimcore/demo versions prior to 10.3.0 Description: The issue concerns excessive data query operations in a large data table. Additionally, introspection is enabled on the demo site demo.pimcore.fun, which allows users to run introspection...
CVE-2023-41745
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent Linux, macOS, Windows before build 30991, Acronis Cyber Protect 15 Linux, macOS, Windows before build 35979...
PT-2023-5316 · Acronis · Acronis Agent +2
Name of the Vulnerable Software and Affected Versions: Acronis Agent versions prior to build 32047 Acronis Cyber Protect 15 versions prior to build 35979 Description: The issue is related to the excessive collection of system information, which may lead to the disclosure of sensitive information...
The vulnerability of IBM TXSeries software for multiplatforms, including IBM CICS TX Standard and IBM CICS TX Advanced application servers, allows attackers to gain unauthorized access to confidential information.
The vulnerability of IBM TXSeries software for multiplatforms, including IBM CICS TX Standard and IBM CICS TX Advanced, is related to excessive data output by the application. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to confidential information from a...
Imperva Unveils Latest API Security Enhancements
Imperva is continuing to evolve its API Security offering to help customers better protect their APIs, wherever they are, and to meet changing market requirements. Since launching API Security in March 2022, we continued investing in our API Security offering with the goal of simplifying the...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-1102)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2capcore.c's l2capparseconfreq function which can be used to leak kernel...
Denial Of Service (DoS)
linux is vulnerable to denial of service DoS attacks. The affected function intrcallback of the file drivers/net/usb/r8152.c of the component BPF leads to logging of excessive data...
Important: kernel
Issue Overview: In v4l2m2mquerybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andro...
Linux Kernel BPF r8152.c intr_callback logging of excessive data
...
Unspecified vulnerability in Linux kernel (CNVD-2022-70572)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that originates from an affected function intrcallback in file drivers/net/usb/r8152.c, which results in logging of too much...
CVE-2022-3594
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intrcallback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is...
CVE-2022-3594
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intrcallback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is...
Design/Logic Flaw
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intrcallback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is...
CVE-2022-3594
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intrcallback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is...
CVE-2022-34775
Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/reservationId?organization=orgId API which return...
Authentication flaw
Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/reservationId?organization=orgId API which return...
CVE-2022-34775 Tabit - Excessive data exposure
Tabit - Excessive data exposure. Another endpoint mapped by the tiny url, was one for reservation cancellation, containing the MongoDB ID of the reservation, and organization. This can be used to query the http://tgm-api.tabit.cloud/rsv/management/reservationId?organization=orgId API which return...
CVE-2022-34775
Tabit vulnerability (CVE-2022-34775) involves excessive data exposure via an API endpoint used for reservation cancellation. The endpoint query http://tgm-api.tabit.cloud/rsv/management/{reservationId}?organization={orgId} can return sensitive reservation data (name, email, phone, visit history, ...