Day: September 11, 2024

Description Versions of the package dset before 3.1.4 are vulnerable to Prototype Pollution via the dset function due improper user

Description Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server and Workstations may allow an attacker to

Description An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial

Description The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in

Description DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker

Description body-parser is Node.js body parsing middleware. body-parser

Description SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without

Description Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6

Description An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference

Description Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled