Riasztások

An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could...

A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker to send a maliciously crafted URL, which when visited by an authenticated WebCTRL user, could result in the redirection of the...

In Zimbra Collaboration (ZCS) 9.0 and 10.0, a vulnerability in the Webmail Modern UI allows execution of stored Cross-Site Scripting (XSS) payloads. An attacker with administrative access to the...

An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A stored Cross-Site Scripting (XSS) vulnerability exists in the /modern/contacts/print endpoint of Zimbra webmail. This allows an...

An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A Cross-Site Scripting (XSS) vulnerability in the /h/rest endpoint of the Zimbra webmail and admin panel interfaces allows...

InDesign Desktop versions 19.0, 20.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability...

Argo Workflows Chart is used to set up argo and its needed dependencies through one command. Prior to 0.44.0, the workflow-role has excessive privileges, the worst being create pods/exec, which...

LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises...

Linksys E3000 1.0.06.002_US is vulnerable to command injection via the diag_ping_start function.

TP-Link TL-IPC42C V4.0_20211227_1.0.16 is vulnerable to command injection due to the lack of malicious code verification on both the frontend and backend.