Free Trial

CVE-2023-3974 : JGRAPH DRAWIO UP TO 21.3.X OS COMMAND INJECTION

Description

OS Command Injection in GitHub repository jgraph/drawio prior to 21.4.0.

References

https://github.com/jgraph/drawio/commit/9d6532de36496e77d872d91b1947bb696607d623

https://huntr.dev/bounties/ce75aa04-e4d6-4e0a-9db0-ae84c46ae9e2

For More Information

CVERecord

Common Vulnerabilityies and Exposures

CVE-2023-3974 : JGRAPH DRAWIO UP TO 21.3.X OS COMMAND INJECTION
CVE-2023-3974 : JGRAPH DRAWIO UP TO 21.3.X OS COMMAND INJECTION

Contact us to get started

CVE-2024-49592 : MCAFEE TRIAL INSTALLER 16.0.53 ACCESS CONTROL

CVE-2024-49592 : MCAFEE TRIAL INSTALLER 16.0.53 ACCESS CONTROL

Description McAfee Trial Installer 16.0.53 has Incorrect Access Control that leads to Local Escalation of Privileges. References https://www.mcafee.com/support/s/article/000002516?language=en_US For More

Learn more
CVE-2024-10934 : OPENBSD UP TO 7.4 ERRATA 020/7.5 ERRATA 007 NFS CLIENT/NFS SERVER DOUBLE FREE

CVE-2024-10934 : OPENBSD UP TO 7.4 ERRATA 020/7.5 ERRATA 007 NFS CLIENT/NFS SERVER DOUBLE FREE

Description In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS

Learn more
CVE-2024-40638 : GLPI UP TO 10.0.16 SQL INJECTION

CVE-2024-40638 : GLPI UP TO 10.0.16 SQL INJECTION

Description GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities.

Learn more