HP Color LaserJet Exposure of Sensitive Information to an Unauthorized Actor (CVE-2005-2988)

HP LaserJet 2430, and possibly other printers that use Jetdirect controls, stores information about recently printed documents without proper protection, which could allow remote attackers to obtain sensitive information via SNMP. This plugin only works with Tenable.ot. Please visit...

CVE-2023-23522

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data...

CVE-2025-24263

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15.4. An app may be able to observe unprotected user data...

CVE-2022-49737

In X.Org X server 20.11 through 21.1.16, when a client application uses easystroke for mouse gestures, the main thread modifies various data structures used by the input thread without acquiring a lock, aka a race condition. In particular, AttachDevice in dix/devices.c does not acquire an input...

ROS-20240529-01

Vulnerability in the Lightweight HTTP Server component of the Oracle Java SE software platform and virtual machine Oracle GraalVM Enterprise Edition is related to unrestricted resource allocation. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a denial of...

PT-2024-1240 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.0.8 Description: The issue is related to the Splunk RapidDiag utility, which discloses server responses from external applications in a log file due to insufficient protection of registration data. This...

Database Mess Up: 7TB of Healthcare Data Leak Affects 12 Million Patients

By Deeba Ahmed Yet another day, more unprotected data left in the Cloud without password or security measures. This is a post from HackRead.com Read the original post: Database Mess Up: 7TB of Healthcare Data Leak Affects 12 Million Patients...

PT-2023-6058 · Microsoft · Windows Deployment Services +1

Name of the Vulnerable Software and Affected Versions: Windows Deployment Services affected versions not specified Description: The issue is related to a lack of protection for service data in Windows Deployment Services, which can be exploited by a remote attacker to disclose protected...

PT-2023-5977 · Microsoft · Windows Remote Desktop Gateway +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Gateway RD Gateway affected versions not specified Description: The issue is related to a lack of protection for service data in Windows Remote Desktop Gateway RD Gateway, which can be exploited by a remote attacker to...

PT-2023-5298 · Unknown · Modulys Gp

Name of the Vulnerable Software and Affected Versions: MODULYS GP MOD3GP-SY-120K affected versions not specified Description: The issue is related to the lack of security in the authentication process of the web application, allowing information to be obtained by sending specific requests. This i...

CVE-2021-34588

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot...

CVE-2021-34588

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot...

CVE-2021-34588 Bender Charge Controller: Unprotected data export

In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export. Backup export is protected via a random key. The key is set at user login. It is empty after reboot...

Bender ebee 充电控制器 安全漏洞

The ebee is a charge controller from Bender. A security vulnerability exists in the Bender ebee Charge Controller that stems from an unprotected data export. The backup export is protected by a random key. The key is set at user login. It is empty after a reboot. An attacker can exploit this...

New privacy tool exposes which website leaves your data unprotected

By Sudais The new privacy tool will inform you if the site you are visiting expose your data or not. Here's how it's done... This is a post from HackRead.com Read the original post: New privacy tool exposes which website leaves your data unprotected...

Data Pours from Cloud—And ‘The Enemy is Us’

Accenture, Verizon, Dow Jones and Deep Root Analytics are just the tip of the iceberg when it comes to the millions of private records and sensitive enterprise data exposed on cloud backends this year. And the problem is getting worse not better. “The enemy is us,” said Chris Vickery, director of...

ownCloud/Nextcloud Unprotected Data Directory (HTTP)

ownCloud/Nextcloud is exposing an unprotected data directory. SPDX-FileCopyrightText: 2016 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

PT-2007-3717 · Unknown · Script.Aculo.Us

Name of the Vulnerable Software and Affected Versions: Script.aculo.us affected versions not specified Description: The issue allows remote attackers to obtain data through a web page that retrieves the data using JavaScript Object Notation JSON without protection. This is achieved by capturing t...

DST2K0035.txt

============================================================================ Delphis Consulting Plc ============================================================================ Security Team Advisories 22/09/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...