Hitachi Energy's RTU500 series Unrestricted Upload of File with Dangerous Type (CVE-2024-1532)

A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language file. This plugin only works wit...

Design/Logic Flaw

A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17ABPC.3C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges could abuse this vulnerability to access the root file system by creating a...

CVE-2022-45440

A vulnerability exists in the FTP server of the Zyxel AX7501-B0 firmware prior to V5.17ABPC.3C0, which processes symbolic links on external storage media. A local authenticated attacker with administrator privileges could abuse this vulnerability to access the root file system by creating a...

CVE-2022-45440

The CVE-2022-45440 issue affects Zyxel AX7501-B0 firmware prior to V5.17(ABPC.3)C0, where the FTP server processes symbolic links on external storage. A local attacker with administrator privileges can abuse this to access the device’s root filesystem by creating a symbolic link on a USB/external...

Hitachi Energy MSM Product

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MSM Product Vulnerability: Reliance on Uncontrolled Component 2. RISK EVALUATION Successful exploitation of this vulnerability could disrupt the functionality of the MSM web...

CVE-2018-3619

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access...

Information disclosure

Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access...

CVE-2018-3619

CVE-2018-3619 describes an information-disclosure vulnerability in storage media when using an Intel® Optane™ memory module with BitLocker-enabled Whole Disk Encryption. A small region on the non-Optane memory can remain unencrypted if BitLocker is enabled after configuring the Optane module, pot...

HPSBHF03587 rev. 1 - Information Disclosure Vulnerability in Storage Media in Systems with Intel® Optane™ Memory Module with Whole Disk Encryption

Potential Security Impact Some platforms configured with Whole Disk Encryption and an Intel® Optane™ memory module, may be at risk of data remaining unencrypted and potentially accessible under specific conditions. Source: HP, HP Product Security Response Team PSRT Reported by: Intel VULNERABILIT...

Microsoft Windows NTFS File System Metadata Disclosures Exploit

The Microsoft Windows Kernel suffers from multiple stack and pool memory disclosures into NTFS file system metadata. Windows Kernel multiple stack and pool memory disclosures into NTFS file system metadata CVE-2017-11880 We have discovered that the NTFS.sys driver writes uninitialized kernel stac...

CVE-2015-5901

The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, which might allow local users to obtain sensitive information by reading storage media, as demonstrated by reading a flash drive...

CVE-2015-5901

CVE-2015-5901 affects Apple OS X Finder’s Secure Empty Trash feature, where Trash files may not be securely deleted due to improper deletion, enabling local attackers to read data from storage media (e.g., a flash drive). Affected: OS X versions prior to 10.11. Root cause: implementation failure ...

CVE-2015-5901

The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, which might allow local users to obtain sensitive information by reading storage media, as demonstrated by reading a flash drive...