Description A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises
Description A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. With this vulnerability,
Description A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This affects the function update
Description A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is
Description A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an
Description An improper authorization vulnerability [CWE-285] in FortiSOAR version 7.4.0 through 7.4.3, 7.3.0 through 7.3.2, 7.2.0 through 7.2.2, 7.0.0 through
Description Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update
Description Versions of the package dset before 3.1.4 are vulnerable to Prototype Pollution via the dset function due improper user
Description Inclusion of Functionality from Untrusted Control Sphere(CWE-829) in the Command Centre Server and Workstations may allow an attacker to
Description An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial
Description The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in
Description DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker
Description body-parser is Node.js body parsing middleware. body-parser
Description SpiderControl SCADA Web Server has a vulnerability that could allow an attacker to upload specially crafted malicious files without
Description Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6
Description An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference
Description Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled
Description **UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21(AAZF.18)C0 and
Description This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain
API gateways play a key role in today’s digital security, acting as an essential safety net to protect APIs from
Description A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document
Description Orca HCM from LEARNING DIGITAL does not properly restrict access to a specific functionality, allowing unauthenticated remote attacker to
Description Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows
Description IBM MQ Operator 2.0.26 and 3.2.4 could allow an authenticated user in a specifically defined role, to bypass security