Issue: The Cross-Site Scripting (XSS) vulnerability CVE-2021-31848 occurs in DLP Case Management. Issue: The SQL Injection vulnerability CVE-2021-31849 gets triggered when deleting user information in DLP Endpoint for Windows. Issue: The SQL Injection vulnerability CVE-2021-4088 allows a remote-authenticated attacker to inject unfiltered SQL into the DLP part of the ePO database. Issue: The vulnerability CVE-2022-2330 occurs for improper restriction of the XML External Entity Reference in DLP. Issue: The protection bypass vulnerability CVE-2023-0400 occurs in DLP Endpoint for Windows 11.9.x. Issue: A vulnerability CVE-2022-4450 is observed with the public-facing API function BIO_new_NDEF. Issue: A vulnerability CVE-2023-0215 issue with the PEM_read_bio_ex() function, reads a Privacy Enhanced Mail (PEM) file and returns a failure code, but still populates the name, header, and payload information. Issue: A vulnerability CVE-2022-4304 in Open SSL RSA decryption is caused by an improper timing-based side channel. Issue: A type confusion vulnerability CVE-2023-0286 is observed in the public structure definition for GENERAL_NAME that incorrectly specifies the type x400 address field as ASN1_TYPE. The critical resolved issues are listed below. Endpoint 11.6.401.1 Hotfix (GA) Extension
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |