CVE-2025-69035

Deserialization of Untrusted Data vulnerability in strongholdthemes Dental Care CPT dentalcare-cpt allows Object Injection.This issue affects Dental Care CPT: from n/a through = 20.2...

CVE-2025-47105

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

CVE-2025-43589

InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

OpenText Content Management CE 跨站脚本漏洞

OpenText Content Management CE is an enterprise content management solution from OpenText Canada. A cross-site scripting vulnerability exists in OpenText Content Management CE versions 20.2 through 25.1, which stems from stored cross-site scripting in the Discussions feature that could lead to co...

OpenText Content Server 安全漏洞

OpenText Content Server is an enterprise content management software from OpenText Canada. A security vulnerability exists in OpenText Content Server versions 20.2 through 24.4, which stems from improper authorization of the REST API and could result in an unprivileged user deleting external...

CVE-2023-28980 Junos OS and Junos OS Evolved: In a BGP rib sharding scenario an rpd crash will happen shortly after a specific CLI command is issued

A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service DoS. In a rib sharding scenario the rpd process will crash shortly after specific CLI command is...

CVE-2023-22414 Junos OS: PTX Series and QFX10000 Series: An FPC memory leak is observed when specific EVPN VXLAN Multicast packets are processed

A Missing Release of Memory after Effective Lifetime vulnerability in Flexible PIC Concentrator FPC of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker from the same shared physical or logical network, to cause a heap memory leak and leading to FPC crash. On all Junos PTX...

Design/Logic Flaw

A Use After Free vulnerability in the Advanced Forwarding Toolkit AFT manager process aftmand of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric AF interface statistics and thereby a Denial of Service DoS...

Design/Logic Flaw

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service DoS by sending specific packets over VXLAN which cause the PFE to reset. This issue...

CVE-2021-31386 Junos OS: When using J-Web with HTTP an attacker may retrieve encryption keys via Person-in-the-Middle attacks.

A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle PitM attacks against the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1...

CVE-2021-31373

Juniper Networks Junos OS SRX Series J-Web exposes a persistent XSS when authenticated users access the J-Web interface. An attacker could inject scripts to steal data or hijack sessions. Affected: SRX Series across multiple releases prior to specific fixed deployments (e.g., 18.2R3-S8; 18.3R3-S5...

CVE-2021-0292

An Uncontrolled Resource Consumption vulnerability in the ARP daemon arpd and Network Discovery Protocol ndp process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service DoS condition...

CVE-2021-0231

A path traversal vulnerability in the Juniper Networks SRX and vSRX Series may allow an authenticated J-web user to read sensitive system files. This issue affects Juniper Networks Junos OS on SRX and vSRX Series: 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R2-S4,...

CVE-2021-21055

Adobe Dreamweaver versions 21.0 and earlier and 20.2 and earlier is affected by an untrusted search path vulnerability that could result in information disclosure. An attacker with physical access to the system could replace certain configuration files and dynamic libraries that Dreamweaver...

Command injection

A command injection vulnerability in the license-check daemon of Juniper Networks Junos OS that may allow a locally authenticated attacker with low privileges to execute commands with root privilege. license-check is a daemon used to manage licenses in Junos OS. To update licenses, a user execute...

CVE-2021-0218 Junos OS: Command injection vulnerability in license-check daemon

A command injection vulnerability in the license-check daemon of Juniper Networks Junos OS that may allow a locally authenticated attacker with low privileges to execute commands with root privilege. license-check is a daemon used to manage licenses in Junos OS. To update licenses, a user execute...

Oracle Database Server Oracle Application Express component unauthorized access vulnerability

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. An unauthorized vulnerability exists in Oracle Database Server Oracle Application Expre...

CVE-2020-24425

Dreamweaver version 20.2 and earlier is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exploitation could result in a local user with permissions to write to the file system running system commands with administrator privileges...

CVE-2020-24425

Dreamweaver version 20.2 and earlier is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exploitation could result in a local user with permissions to write to the file system running system commands with administrator privileges...

Path traversal

Dreamweaver version 20.2 and earlier is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exploitation could result in a local user with permissions to write to the file system running system commands with administrator privileges...