Aggregator

A vulnerability classified as critical has been found in Veeam One 11/11a/12. Affected is an unknown function of the component Configuration Database Handler. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2023-38547. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Veeam One 12. Affected by this vulnerability is an unknown functionality of the component Web Client. The manipulation leads to information disclosure. This vulnerability is known as CVE-2023-38548. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Oracle Communications Cloud Native Core Network Exposure Function 23.3.1. It has been rated as critical. This issue affects some unknown processing of the component Platform. The manipulation leads to Remote Code Execution. The identification of this vulnerability is CVE-2023-22102. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Oracle Communications Cloud Native Core Network Repository Function 23.1.4/23.3.1. Affected is an unknown function of the component Install/Upgrade. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2023-22102. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in Oracle Communications Cloud Native Core Unified Data Repository 23.3.1. Affected by this vulnerability is an unknown functionality of the component Signaling. The manipulation leads to Remote Code Execution. This vulnerability is known as CVE-2023-22102. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in ImagePress Plugin up to 1.2.2 on WordPress and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-9776. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Znuny up to 6.5.1/6.5.10/7.0.1/7.0.16. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Activity Dialogues. The manipulation of the argument SLA leads to cross site scripting. This vulnerability is known as CVE-2024-48937. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument Code leads to cross site scripting. This vulnerability is traded as CVE-2024-9906. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Apache Roller up to 6.1.3. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-46911. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ImagePress Plugin up to 1.2.2 on WordPress. It has been classified as problematic. Affected is an unknown function of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-9778. It is possible to launch the attack remotely. There is no exploit available.

Today’s organizations work with incredible quantities of data. From corporate trade secrets to customers’ and employees’ personal information, much of this data is not fit for public consumption. But with growing volumes and complex IT environments, the potential for leakage is immense.

The post What Is Data Leak Prevention? Benefits and Best Practices appeared first on Security Boulevard.

Managing online accounts shouldn’t feel like a chore. But when so many websites and systems require credentials, it’s hard to keep track.

The post What Is an Identity Provider (IdP) and How Does It Work? appeared first on Security Boulevard.

Developers periodically review software and release patches to remedy any bugs. When patches happen often, they can be hard to track.

The post Patch Management Guide: Benefits and Best Practices appeared first on Security Boulevard.

Elastic fixed a critical flaw in the Kibana data visualization dashboard software for Elasticsearch that could lead to arbitrary code execution. Elastic released security updates to address a critical vulnerability, tracked as CVE-2025-25012 (CVSS score of 9.9), impacting the Kibana data visualization dashboard software for Elasticsearch. Kibana provides visualization capabilities on top of the content indexed on an Elasticsearch cluster. Users can create bar, line […]