12405 matches found
SUSE CVE-2022-25368
Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history stored in the CPU BHB to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which...
SUSE CVE-2022-47952
lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates...
CVE-2023-23463 Sunell DVR – Insufficiently Protected Credentials
Sunell DVR, latest version, Insufficiently Protected Credentials CWE-522 may be exposed through an unspecified request...
CVE-2023-24498 Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.
An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text...
CVE-2023-23463 Sunell DVR – Insufficiently Protected Credentials
Sunell DVR, latest version, Insufficiently Protected Credentials CWE-522 may be exposed through an unspecified request...
CVE-2023-23463
The CVE-2023-23463 entry concerns Sunell DVR, latest version, with a vulnerability labeled as Insufficiently Protected Credentials (CWE-522) that may be exposed through an unspecified request. This is a network‑driven issue (CVSSv3.1 base score 7.5, HIGH) with no detailed exploit path provided in...
The vulnerability of the graphical interface of the Dell GeoDrive local file system allows a perpetrator to disclose protected information.
The vulnerability of the Dell GeoDrive local file system’s graphical interface is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to disclose protected information...
The vulnerability of the IBM Robotic Process Automation software lies in its insufficient protection of registration data, allowing attackers to disclose protected information.
The vulnerability of the IBM Robotic Process Automation software lies in the insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
The vulnerability of the centralized control system for network devices and ports of Advantech iView arises from the lack of protective measures for the SQL query structure, allowing attackers to disclose protected information.
The vulnerability of the centralized control system for network devices and ports of Advantech iView relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...
The vulnerability of the System Management Unit (SMU) component of AMD processors allows attackers to disclose protected information.
The vulnerability of the System Management Unit SMU component of AMD processors exists due to insufficient checking of input data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
Security Bulletin: IBM CICS TX Standard is vulnerable to allowing access to a user's web browser session due to insufficiently protected credentials (CVE-2022-34311).
Summary IBM CICS TX Standard could allow access to a user's web browser session due to insufficiently protected credentials. The fix removes this vulnerability CVE-2022-34311 from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2022-34311 DESCRIPTION: IBM CICS TX could allow a user with...
CVE-2023-21695
Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...
CVE-2023-21690
Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...
CVE-2023-21692
Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...
CVE-2023-21692
Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...
CVE-2023-21689
Microsoft Protected Extensible Authentication Protocol PEAP Remote Code Execution Vulnerability...
Microsoft Windows 安全漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Protected EAP PEAP. The following products and versions are affected: Windows 10 Version 1809 for 32-bit...
Microsoft Windows 安全漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Protected EAP PEAP. The following products and versions are affected:Windows 10 Version 1809 for 32-bit...
PT-2023-1456 · Microsoft · Windows Postscript Printer Driver +1
Name of the Vulnerable Software and Affected Versions: Windows PostScript Printer Driver Pscript affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to gain unauthorized access to protected information. This...
Ocean Extra < 2.1.3 - Subscriber+ Arbitrary Post Content Disclosure
The plugin does not ensure that the template to be loaded via a shortcode is actually a template, allowing any authenticated users such as subscriber to retrieve the content of arbitrary posts, such as draft, private or even password protected ones. PoC Note: This requires the OceanWP theme to be...