CVE-2024-21513 : LANGCHAIN-EXPERIMENTAL UP TO 0.0.20 DATABASE EVAL CODE INJECTION
Description Versions of the package langchain-experimental from 0.0.15 and before 0.0.21 are vulnerable to Arbitrary Code Execution when retrieving values
Description The access control in the Electronic Official Document Management System from 2100 TECHNOLOGY is not properly implemented, allowing remote
Description A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its
Description IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation
Description In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock
Automation is key to business efficiency and security in today’s rapidly evolving digital environment. An exciting development in this area
Description An Improper Neutralization of Data within XPath Expressions (‘XPath Injection’) vulnerability in J-Web shipped with Juniper Networks Junos OS
Description The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including,
Description EVerest is an EV charging software stack. An integer overflow in the “v2g_incoming_v2gtp” function in the v2g_server.cpp implementation can
Description Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover
Description Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software WishList Member X. This issue affects WishList Member
Description Vulnerability in Jaspersoft JasperReport Servers. This issue affects JasperReport Servers: from 8.0.4 through 9.0.0. References https://community.jaspersoft.com/advisories/jaspersoft-security-advisory-july-9-2024-jasperreports-server-cve-2024-3325-r4/
Description ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This
Description The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to authentication bypass in all
Description A vulnerability was found in Tenda AX1806 1.0.0.1. Affected by this issue is the function formSetRebootTimer of the file
Description Incorrect permissions on the Checkmk Windows Agent’s data directory in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and
Description Insecure handling of POST header parameter body included in requests being sent to an instance of the open-source project
Description An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read, delete and change data. References https://cert.vde.com/en/advisories/VDE-2024-038
Description In the Linux kernel, the following vulnerability has been resolved: crypto: qat – Fix ADF_DEV_RESET_SYNC memory leak Using completion_done
Description The SmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer plugin for WordPress is vulnerable to Full Path Disclosure in
Description An issue in ifood Order Manager v3.35.5 ‘Gestor de Peddios.exe’ allows attackers to execute arbitrary code via a DLL
Description Dell Alienware Command Center, version 5.7.3.0 and prior, contains an improper access control vulnerability. A low privileged attacker could
Description All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to
Description All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling