Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Web Catalog). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 ...

In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000 Ultrasound System is built on an old operating system that is no l...

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via ...

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u1...

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerabili...

Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL...

Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors.

Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users to obtain sensitive information or modify data via unspecified vectors.

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padd...

GitHub Desktop is an open-source, Electron-based GitHub app designed for git development. Prior to version 3.4.20-beta3, an attacker convincing a user to view a file in a commit of their making in the...

TYPO3 is an open source, PHP based web content management system. In versions on the 12.x branch prior to 12.4.31 LTS and the 13.x branch prior to 13.4.2 LTS, Webhooks are inherently vulnerable to Cro...

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen v...

sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of othe...

sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no (or very limited) sudo privileges can determine whether files exists in folders that they ...

In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Information into a Log File.

libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, incorrectly treat malformed requests that caused the HTTP response status code 400, as able to be...

libsnowflakeclient is the Snowflake Connector for C/C++. Versions starting from 0.5.0 to before 2.2.0, are vulnerable to local logging of sensitive information. When the logging level was set to DEBUG...

VisiCut 2.1 allows stack consumption via an XML document with nested set elements, as demonstrated by a java.util.HashMap StackOverflowError when reference='../../../set/set[2]' is used, aka an "insec...

In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, ...

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3. Photos in the Hidden Photos Album may be viewed without authentication.

open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verify_connection.

in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory.

Snowflake, a platform for using artificial intelligence in the context of cloud computing, has a vulnerability in the Snowflake JDBC driver ("Driver") in versions 3.0.13 through 3.23.0 of the driver. ...