NA - CVE-2024-45514 - An issue was discovered in Zimbra Collaboration...
An issue was discovered in Zimbra Collaboration (ZCS) through v10.1. A Cross-Site Scripting (XSS) vulnerability exists in one of the endpoints of Zimbra Webmail due to insufficient sanitization of...
NA - CVE-2024-8525 - An unrestricted upload of file with dangerous...
An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could...
NA - CVE-2024-8526 - A vulnerability in Automated Logic WebCTRL 7.0...
A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker to send a maliciously crafted URL, which when visited by an authenticated WebCTRL user, could result in the redirection of the...
NA - CVE-2024-45194 - In Zimbra Collaboration (ZCS) 9.0 and 10.0, a...
In Zimbra Collaboration (ZCS) 9.0 and 10.0, a vulnerability in the Webmail Modern UI allows execution of stored Cross-Site Scripting (XSS) payloads. An attacker with administrative access to the...
NA - CVE-2024-45513 - An issue was discovered in Zimbra Collaboration...
An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A stored Cross-Site Scripting (XSS) vulnerability exists in the /modern/contacts/print endpoint of Zimbra webmail. This allows an...
NA - CVE-2024-45517 - An issue was discovered in Zimbra Collaboration...
An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A Cross-Site Scripting (XSS) vulnerability in the /h/rest endpoint of the Zimbra webmail and admin panel interfaces allows...
Medium - CVE-2024-49529 - InDesign Desktop versions 19.0, 20.0 and...
InDesign Desktop versions 19.0, 20.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability...
NA - CVE-2024-52799 - Argo Workflows Chart is used to set up argo and...
Argo Workflows Chart is used to set up argo and its needed dependencies through one command. Prior to 0.44.0, the workflow-role has excessive privileges, the worst being create pods/exec, which...
NA - CVE-2024-52803 - LLama Factory enables fine-tuning of large...
LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises...