CVE-2024-47422 : ADOBE FRAMEMAKER UP TO 2020.6/2022.4 UNTRUSTED SEARCH PATH
Description Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to
Description Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to
Description In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’), Improper Input Validation vulnerability in TRtek Software
Description Improper Restriction of XML External Entity Reference (‘XXE’) vulnerability in Apache XML Graphics FOP. This issue affects Apache XML
Description Animate versions 23.0.7, 24.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary
Description Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker
Description cgi.c in weborf .0.17, 0.18, 0.19, and 0.20 (before 1.0) lacks ‘\0’ termination of the path for CGI scripts
Description In linkturbonative service, there is a possible command injection due to improper input validation. This could lead to local
Description HDF5 library through 1.14.3 has memory corruption in H5A__close resulting in the corruption of the instruction pointer and causing
Description Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an
Description An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to insufficient input validation, the C-MOR
Description An improper authorization vulnerability exists in the Rockwell Automation affected products that could allow an unauthorized user to sign
Description Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged
Description NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s)
Description Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache
Description Livewire is a full-stack framework for Laravel that allows for dynamic UI components without leaving PHP. In livewire/livewire `<
Description A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation. References
Generative AI, driven by advanced machine learning techniques, is revolutionizing industries by creating text, images, music, and virtual environments. These
Description Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) References https://www.gov.il/en/Departments/faq/cve_advisories For
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in YITH YITH WooCommerce Ajax Search
Description A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is
Description A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. Affected is the function
Description An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary code via the build
Description Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with