The vulnerability of the CMSimple content management system, related to incorrect restrictions on the path to the restricted access catalog, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the CMSimple content management system is related to incorrect restrictions on the path to the restricted catalog. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information by sending a specially crafted GET request...

The vulnerability of iCloud Photo Library on macOS operating systems allows a hacker to bypass security restrictions.

The vulnerability of iCloud Photo Library on macOS operating systems is related to errors in the use of standard permissions. Exploiting this vulnerability could allow a remote attacker to bypass security restrictions...

The vulnerability of the Business Logic Infra SEC component of the JD Edwards EnterpriseOne Tools system for enterprise resource management allows a perpetrator to gain unauthorized access to protected information and to modify, add, or delete data.

The vulnerability of the Business Logic Infra SEC component of the JD Edwards EnterpriseOne Tools system, which manages enterprise resources, stems from a lack of mechanisms for verifying data sources. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized...

Vulnerability of the MySQL Server component: The Optimizer component of the MySQL database management system allows a hacker to gain unauthorized access to protected information and to modify, add, or delete data.

The vulnerability of the MySQL Server component involves unlimited distribution of resources. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and to modify, add, or delete data using the MySQL network protocol...

The vulnerability of the software for deploying and managing cloud-based enterprise systems based on IBM Cloud Pak System allows a hacker to disclose protected information.

The vulnerability related to deploying and managing the IBM Cloud Pak System-based cloud enterprise system involves shortcomings in the error reporting mechanism. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the IBM Control Center’s process monitoring and control system, related to deficiencies in the error reporting mechanism, allows a perpetrator to access confidential information.

The vulnerability of the IBM Control Center’s process monitoring and control system is related to deficiencies in the reporting mechanism for error reports. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially created web page...

The vulnerability of the Block permissions module in the Drupal CMS system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Block permissions module in the Drupal CMS system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for managing enterprise resources allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the lack of authenticity verification for a critical function. Exploitation of this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, a...

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows attackers to disclose protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to a lack of mechanisms for verifying the source of the data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information through a specially...

The vulnerability of the OhDear module in the Drupal CMS system allows a hacker to access confidential information.

The vulnerability of the OhDear module in the Drupal CMS system is related to incorrect authentication procedures. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

The vulnerability of the `strbuf_getdelim_strip_crlf` function in the cross-platform framework for storing Git Credential Manager (GCM) version control data allows a attacker to disclose sensitive information.

The vulnerability of the strbufgetdelimstripcrlf function in the cross-platform framework for storing Git Credential Manager GCM version control data is related to inconsistencies in the handling of new lines between Git and GCM. Exploiting this vulnerability could allow a malicious actor to expo...

Vulnerability of the Server component: Security: Privileges of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component relates to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause downtime or service failures using the MySQL network protocol...

The vulnerability of the Core server component of the Oracle HTTP Server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Core server component of Oracle HTTP Server is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP network protocol...

The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, which allows a hacker to access confidential information

The vulnerability of the Continuous Integration and Application Delivery system CI/CD of JetBrains TeamCity is related to incorrect authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to access confidential information...

The vulnerability of the JetBrains YouTrack software interface allows a hacker to bypass the authentication process and gain full access to any user’s account.

The vulnerability of the JetBrains YouTrack project and task management software interface involves exploiting a security flaw through phising techniques. Exploiting this vulnerability allows attackers to bypass the authentication process and gain full access to any user’s account...

The vulnerability of the software for deploying and managing cloud-based corporate systems based on IBM Cloud Pak System allows a hacker to expose protected information.

The vulnerability related to deploying and managing the IBM Cloud Pak System based on containers involves the disclosure of information during data transmission. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of IBM Common Licensing’s software for license management, related to improper authorization, allows a violator to gain unauthorized access to protected information.

The vulnerability of IBM Common Licensing’s software for license management is related to improper authorization. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to confidential information...

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system, allows a perpetrator to carry out a CSRF attack.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack remotely...

The vulnerability of the TFA two-factor authentication module in Drupal CMS systems allows a hacker to intercept the user’s session.

The vulnerability of the Two-factor Authentication TFA module in Drupal CMS systems is related to improper session management. Exploiting this vulnerability could allow a malicious actor to intercept a user’s session...

The vulnerability of the Views module in Drupal’s SVG animation CMS system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Views module in the Drupal SVG Animation CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the distributed Git version control system, related to the lack of mechanisms for encoding or shielding output data, allows a hacker to disclose protected information.

The vulnerability of the distributed Git version control system is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to confidential data...

Vulnerability of the MySQL Server component: The Optimizer component of the MySQL database management system allows a hacker to gain unauthorized access to protected information and to modify, add, or delete data.

The vulnerability of the MySQL Server component involves unlimited distribution of resources. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information and to modify, add, or delete data using the MySQL network protocol...

Vulnerability of the Monitor component of the IBM Maximo Application Suite, a cloud-based artificial intelligence-driven enterprise asset management platform. It is possible to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability of the Monitor component of the IBM Maximo Application Suite, a platform for managing corporate assets based on artificial intelligence, is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows an attacker operating remotely t...

The vulnerability of the Vault plugin in the JetBrains TeamCity system for continuous integration and delivery applications allows a hacker to perform cross-site scripting attacks.

The vulnerability of the Vault plugin in the JetBrains TeamCity system for continuous integration and delivery applications is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotel...

The vulnerability of the Monster Menus module in the Drupal CMS system allows a hacker to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Monster Menus module in the Drupal CMS system is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to disclose protected information and compromise the integrity of that information...

The vulnerability of the Open Social CMS system’s Drupal module, related to insufficient control over the frequency of interactions, allows attackers to trigger a service failure.

The vulnerability of the Open Social CMS system, Drupal, is related to insufficient control over the frequency of interactions. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

The vulnerability of the Monitoring and Diagnostics component of the JD Edwards EnterpriseOne Tools in the enterprise resource management system makes it possible for a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Monitoring and Diagnostics component of the JD Edwards EnterpriseOne Tools system’s resource management system is related to the lack of authentication checks for a critical function. Exploiting this vulnerability allows an attacker, operating remotely, to compromise the...

The vulnerability in the web interface of the microprogramming software for routing and switching platforms RUGGEDCOM ROX MX5000, RUGGEDCOM ROX MX5000RE, and RUGGEDCOM ROX RX1400 allows a attacker to perform a CSRF attack.

The vulnerability of the web interface of microprogramming software for routing and switching platforms such as RUGGEDCOM ROX MX5000, RUGGEDCOM ROX MX5000RE, and RUGGEDCOM ROX RX1400 is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a remote attacker to...

The vulnerability of the software for centralized device management of Fortinet’s FortiManager, as well as the security event monitoring and analysis tools FortiAnalyzer and FortiAnalyzer-BigData, arises from a buffer overflow in the stack. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the Fortinet FortiManager software for centralized device management, as well as the FortiAnalyzer and FortiAnalyzer-BigData security event monitoring and analysis tools, is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute...

The vulnerability of the ANSI Escape Sequence Handler component in the distributed Git version control system allows a hacker to disclose protected information.

The vulnerability of the ANSI Escape Sequence Handler component in the distributed Git version control system is related to a lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows an attacker to gain access to confidential data...

Vulnerability of the Server component: The MySQL Server database management system, which allows a hacker to cause service interruptions.

Vulnerability of the MySQL Server component: The MySQL Server component of the database management system involves unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause downtime or service failures using the MySQL network protocol...

The vulnerability of the JetBrains YouTrack project and task management software interface allows a hacker to obtain the user’s encrypted credentials.

The vulnerability of the JetBrains YouTrack project and task management software interface relates to the disclosure of information through registration files. Exploiting this vulnerability can allow attackers to obtain encrypted user credentials...

The vulnerability of the IBM Control Center’s process monitoring and control system lies in its failure to remove scipt-related HTML tags from web pages. This allows attackers to execute arbitrary code or gain access to confidential information.

The vulnerability of the IBM Control Center’s process monitoring and control system lies in the lack of measures taken to eliminate scipt-related HTML tags on web pages. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or gain access to confidential information...

The vulnerability of Fortinet FortiClientWindows security devices, related to context switching privilege errors, allows attackers to elevate their privileges.

The vulnerability of Fortinet FortiClientWindows protection devices is related to context switching privilege errors. Exploiting this vulnerability can allow attackers to enhance their privileges...

Vulnerability of the Server component: Security: Privileges of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component relates to the unlimited distribution of resources. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability of the Continuous Integration and Deployment Application Delivery system (CI/CD) of JetBrains TeamCity, which allows a hacker to access confidential information

The vulnerability of the Continuous Integration and Application Delivery system CI/CD of JetBrains TeamCity is related to incorrect authentication. Exploiting this vulnerability can allow a malicious actor, operating remotely, to access confidential information...

The vulnerability of the software for deploying and managing cloud-based enterprise systems based on IBM Cloud Pak System allows a hacker to disclose protected information.

The vulnerability related to deploying and managing the IBM Cloud Pak System-based cloud enterprise system involves shortcomings in the error reporting mechanism. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The software’s vulnerability regarding access to analytics and planning tools within the IBM Analytics Content Hub, due to deficiencies in the error reporting mechanism, allows a perpetrator to gain access to confidential information.

The vulnerability of the software for accessing analytics and planning tools in the IBM Analytics Content Hub is related to deficiencies in the reporting mechanism for errors. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

The vulnerability of IBM Common Licensing’s software for license management lies in the unencrypted storage of critical information, which allows a perpetrator to gain unauthorized access to protected data.

The vulnerability of IBM Common Licensing’s software for license management lies in the unencrypted storage of critical information. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected data...

The vulnerability of the Persistent Login module in the Drupal CMS system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Persistent Login module in the Drupal CMS system is related to an incorrect session duration. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the Gutenberg module in the Drupal CMS system, which allows a hacker to perform a CSRF attack

The vulnerability of the Gutenberg module in the Drupal CMS system is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...

The vulnerability of the TFA two-factor authentication module in Drupal CMS systems allows a hacker to intercept the user’s session.

The vulnerability of the Two-factor Authentication TFA module in Drupal CMS systems is related to improper session management. Exploiting this vulnerability could allow a malicious actor to intercept a user’s session...

The vulnerability of Fortinet FortiClient Windows security devices, related to the use of an insecure search path, allows attackers to execute arbitrary code.

The vulnerability of Fortinet FortiClient Windows protection devices is related to the use of an insecure lookup path. Exploiting this vulnerability allows attackers to execute arbitrary code...

The vulnerability of the Cookiebot module and the GTM CMS system Drupal, which allows attackers to perform cross-site scripting attacks.

The vulnerability of the Cookiebot module and the Drupal CMS system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the Secure Client Authentication (SCA) server, a software solution for voice call authentication and message exchange in BlackBerry SecuSUITE, allows attackers to circumvent security restrictions and execute brute-force attacks.

The vulnerability of the Secure Client Authentication SCA server, a software solution for voice call authentication and message exchange, developed by BlackBerry SecuSUITE, stems from the lack of limits on the number of authentication attempts. Exploiting this vulnerability allows a malicious act...

The vulnerability of the Firewall component of the MySQL Enterprise Firewall software allows a hacker to induce a service failure.

The vulnerability of the MySQL Enterprise Firewall component is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause downtime or service failures using the MySQL network protocol...

The vulnerability of the software for deploying and managing cloud-based corporate systems based on IBM Cloud Pak System allows a hacker to expose protected information.

The vulnerability related to deploying and managing the IBM Cloud Pak System-based cloud enterprise system involves shortcomings in the error reporting mechanism. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the software for accessing analytics and planning tools in the IBM Analytics Content Hub, related to operations occurring outside the buffer in memory, allows attackers to execute arbitrary code or cause service interruptions.

The vulnerability of the software for accessing analytics and planning tools in the IBM Analytics Content Hub is related to the escape from buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service interruptions...

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows attackers to disclose protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the disclosure of information through incompatibility. Exploitation of this vulnerability can allow an attacker, operating remotely, to disclose sensitive information through HTTP requests...