219 matches found
KLA12501 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information, bypass security restrictions, gain privileges. Below is a complete list of...
[SECURITY] Fedora 35 Update: moodle-3.11.6-1.fc35
Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...
Privacy-by-design… not by accident
The concept of privacy-by-design was actually devised almost 30 years ago by Ann Cavoukian, PhD, former Ontario Information and Privacy Commissioner. If youre reading a blog about privacy, chances are good you have at least a passing familiarity with Dr. Cavoukians seminal contribution to the...
Security feature bypass
Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which coul...
Adobe Acrobat and Reader Violation of Secure Design Principles (APSB22-01: CVE-2021-44714)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
CVE-2021-42759
A violation of secure design principles in Fortinet Meru AP version 8.6.1 and below, version 8.5.5 and below allows attacker to execute unauthorized code or commands via crafted cli commands...
The 2021 OWASP Top 10 Have Evolved: Here's What You Should Know
Late last week, the Open Web Application Security Project OWASP released its top 10 list of critical web application security risks. The last OWASP Top 10 came out in 2017, and in the intervening 4 years, we've seen a fundamental shift in application security that includes greater emphasis on...
in babybuddy/babybuddy
Description Violation of secure design principles Proof of Concept step 1: login to account and logout step 2: click back button in browser step 3:check rightt corner of there we can see user profile option step 4: click on that application settings is getting listed PoC image attached as link...
CVE-2021-36061
Adobe Connect version 11.2.2 and earlier is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Connect environment. Exploitation of this issue requires user...
Code injection
Adobe Connect version 11.2.2 and earlier is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Connect environment. Exploitation of this issue requires user...
CVE-2021-36061 Adobe Connect Violation of Secure Design Principles Vulnerability Can Lead To Editing Or Deleting Recordings
Adobe Connect version 11.2.2 and earlier is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability to edit or delete recordings on the Connect environment. Exploitation of this issue requires user...
CVE-2021-36061
Adobe Connect 11.2.2 and earlier is affected by a secure design principles violation (pbMode) that allows editing/deleting recordings. Exploitation requires a victim to publish a link, and attacker is unauthenticated. Remediation: apply APSB21-66 update to 11.2.3 or later (per sources noting 11.2...
Four features your data-centric security strategy must provide
Each year, the number of data breaches grows by 30%, underscoring the need for organizations to make data-centric security a business priority. Following the big data movement around the beginning of the 21st century, technological innovations have enabled companies to manage, store and process...
CVE-2021-28583
Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful exploitation could allow an attacker to get unauthorized access to restricted resources...
CVE-2021-28583 Magento Commerce insecure storage of sensitive documentation
Magento versions 2.4.2 and earlier, 2.4.1-p1 and earlier and 2.3.6-p1 and earlier are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful exploitation could allow an attacker to get unauthorized access to restricted resources...
Fedora: Security Advisory for moodle (FEDORA-2021-1716261bc3)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 34 Update: moodle-3.11-1.fc34
Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators crea te effective online learning communities...
PT-2021-3426 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.2 and earlier Magento versions 2.4.1-p1 and earlier Magento versions 2.3.6-p1 and earlier Description: The issue is related to a Violation of Secure Design Principles vulnerability in RMA PDF filename formats, which could...
[SECURITY] Fedora 33 Update: moodle-3.9.5-1.fc33
Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators crea te effective online learning communities...
[SECURITY] Fedora 34 Update: moodle-3.10.2-1.fc34
Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators crea te effective online learning communities...