CVE-2020-26693

A stored cross-site scripting XSS vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the loadbalancermonitor.php function...

CVE-2023-22251

Adobe Commerce versions 2.4.4-p2 and earlier and 2.4.5-p1 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged authenticated attacker could leverage this vulnerability to achieve minor information disclosure...

Improper access control

Adobe Commerce versions 2.4.4-p2 and earlier and 2.4.5-p1 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this...

CVE-2023-22249 Adobe Commerce Stored XSS Arbitrary code execution

Adobe Commerce versions 2.4.4-p2 and earlier and 2.4.5-p1 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s...

Adobe Commerce 访问控制错误漏洞

Adobe Commerce is a leading global digital commerce solution for merchants and brands from Adobe. An access control error vulnerability exists in Adobe Commerce version 2.4.4-p2 and earlier, 2.4.5-p1 and earlier, which stems from improper access control...

Adobe Commerce 安全漏洞

Adobe Commerce is a leading global digital commerce solution for merchants and brands from Adobe. A security vulnerability exists in Adobe Commerce version 2.4.4-p2 and earlier, and version 2.4.5-p1 and earlier. An attacker could exploit the vulnerability to read arbitrary files...

PT-2023-2044 · Adobe · Commerce

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.4-p2 and earlier Adobe Commerce versions 2.4.5-p1 and earlier Description: The issue is related to an Incorrect Authorization vulnerability in Adobe Commerce. This vulnerability could allow a low-privileged...

Cross site scripting

A stored cross-site scripting XSS vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the loadbalancermonitor.php function...

pfSense 2.4.x < 2.4.5-p1 Multiple Vulnerabilities

According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.5-p1. It is, therefore, affected by the following vulnerabilities in its subcomponents: - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an 'NXNSAttack' issue...