27 matches found
EUVD-2025-209859
Improper Control of Generation of Code 'Code Injection' vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion. This issue affects Library Automation System: from v.19.5 before v.22....
CVE-2025-15024
Improper Control of Generation of Code 'Code Injection' vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion. This issue affects Library Automation System: from v.19.5 before v.22....
CVE-2025-15024
The CVE-2025-15024 entry concerns the Library Automation System from Yordam Information Technology (library management software). Affected versions are 19.5 up to but not including 22.1. The vulnerability is described as an improper control of code generation, i.e., a Code Injection issue that en...
CVE-2025-15023 Improper Access Control in Yordam Informatics' Library Automation System
Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Library Automation System: from v.19.5...
PT-2026-41009
Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Library Automation System: from v.19.5...
Yordam Library Automation System Security Vulnerability
Yordam Library Automation System is an application developed by Yordam Corporation. Versions of the Yordam Library Automation System from v.19.5 to v.22.1 contained security vulnerabilities. These vulnerabilities were caused by incorrect authorization settings, which could lead to exploitation of...
EUVD-2021-22931
Malware in sbrugna...
CVE-2023-30207
A divide by zero issue discovered in Kodi Home Theater Software 19.5 and earlier allows attackers to cause a denial of service via use of crafted mp3 file...
CVE-2021-3341
A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the host file system via an HTTP request...
PT-2024-8787 · Adobe · Indesign Desktop
Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions ID18.5.2 through ID19.5 Description: The issue is related to a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...
CVE-2023-5552
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”...
Cross site scripting
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”...
PT-2023-22587
Name of the Vulnerable Software and Affected Versions: Kodi Home Theater Software versions 19.5 and earlier Description: A divide by zero issue in Kodi Home Theater Software allows attackers to cause a denial of service via the use of a crafted mp3 file. Recommendations: For versions 19.5 and earlie...
CVE-2022-3226
An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3709
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA...
Cross site scripting
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA...
Command injection
An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA...
Code injection
A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3696
A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3709
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA...