Information Disclosure

This vulnerability allows an attacker to run harmful code in a victim's web browser when they visit a compromised web page of the affected Dell application. The attacker only needs low-level access to exploit this, which could lead to stealing sensitive information or hijacking user sessions.

This vulnerability allows an attacker to potentially read sensitive information from memory by exploiting a flaw in how certain YAML files are processed, specifically those with complex structures and empty values. It requires the attacker to provide a specially crafted YAML file to trigger the issue, but there’s no evidence that it can lead to more severe memory corruption or control over the system.

This vulnerability allows an attacker to access and manipulate sensitive information in Acronis Cyber Protect products due to a lack of proper authorization checks. It affects specific versions of the software on Linux, macOS, and Windows, so users need to ensure they are running the latest builds to protect themselves.

This vulnerability allows an attacker to access sensitive information from Acronis Cyber Protect products without proper authorization. It affects versions prior to specific builds, meaning that if your software isn't updated, an attacker could potentially view confidential data on your system.

This vulnerability allows an attacker to access sensitive information from Acronis Cyber Protect products due to a lack of proper authorization controls. It affects versions prior to specific builds, meaning that if your software is outdated, an attacker could exploit this flaw to retrieve confidential data without permission.

This vulnerability allows an attacker to access and manipulate sensitive information in Acronis Cyber Protect products due to a lack of proper authorization checks. It affects users running outdated versions of the software on Linux, macOS, or Windows, meaning that if your system isn't updated, it could be at risk.

This vulnerability allows an attacker to potentially send incorrect data during an HTTP POST request if the same connection handle was previously used for a PUT request, which could lead to unexpected application behavior. It mainly affects applications that reuse connection handles without properly resetting them, making it important for developers to be cautious when switching between different types of requests.

This vulnerability allows an attacker with read access to an Azure AD application to access sensitive private key data if it has been improperly uploaded as part of an authentication certificate. This risk arises when users or applications do not follow best practices and store unprotected private keys, potentially exposing them to unauthorized access.

This vulnerability allows an attacker to access a trackable identifier from a user's device without needing special permissions, which could lead to unauthorized access to personal information. However, the attacker must convince the user to interact with the app to exploit this weakness.

This vulnerability allows an attacker to access unique identifiers from the device, potentially exposing sensitive information without needing any special permissions or user interaction. It affects several versions of Android, meaning that many devices could be at risk if they haven't been updated.

This vulnerability allows an attacker to access sensitive information stored on an Android device without needing any special permissions or user interaction. It occurs due to a flaw in how the system checks input data, affecting multiple versions of Android from 8.1 to 11.

This vulnerability allows an attacker to access sensitive information on a user's system, which could lead to further attacks. To exploit it, the attacker needs the user to open a specially crafted file, often by tricking them into clicking a link in an email or message.

This vulnerability allows an attacker to access sensitive information from a Windows 10 system by connecting a device like a camera or scanner and running a specially designed application. To exploit this, the attacker must already have access to the system and be able to connect their device to it.

This vulnerability allows an attacker to access sensitive information from a Windows 10 system by connecting a device like a camera or scanner and running a specially designed application. To exploit it, the attacker must already have access to the system and be able to connect their imaging device.

This vulnerability allows an attacker with local access to a Windows 10 device to potentially steal sensitive information by exploiting how the system processes instructions. To take advantage of this flaw, the attacker must run a specially crafted application on the device.

This vulnerability allows an attacker to gather sensitive information from a Windows 10 system that has the Routing and Remote Access feature enabled, potentially leading to further attacks. However, only systems with this feature turned on are at risk, as it is not enabled by default.

An attacker can take over a user's account by tricking them into visiting a malicious website that steals their login token. This requires the user to click on a specially crafted link, making it crucial for users to be cautious about where they browse.

This vulnerability allows an attacker who has logged into a Windows 10 system to run a specially crafted application that can reveal sensitive information, potentially leading to further attacks on the system. While it doesn't let the attacker execute code or gain higher privileges directly, the leaked information could help them compromise the system in other ways.

This vulnerability allows an attacker to access sensitive information from a user's system, which could help them take further control of the device. To exploit it, the attacker might trick the user into opening a malicious document or visiting a harmful website.

An attacker can exploit this vulnerability to access sensitive information from a user's system, which could help them take further control over it. To do this, the attacker might trick the user into opening a malicious document or visiting a harmful website.