CVE-2026-41030

In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...

EUVD-2026-23197

In ONLYOFFICE DesktopEditors before 9.3.0, the update service allows attackers to perform actions on files with SYSTEM privileges...

CVE-2026-35492

Kedro-Datasets is a Kendo plugin providing data connectors. Prior to 9.3.0, PartitionedDataset in kedro-datasets was vulnerable to path traversal. Partition IDs were concatenated directly with the dataset base path without validation. An attacker or malicious input containing .. components in a...

PT-2024-27836 · Themesphere · Themesphere Smartmag

Name of the Vulnerable Software and Affected Versions: ThemeSphere SmartMag versions prior to 9.3.0 Description: The issue is related to Exposure of Sensitive Information to an Unauthorized Actor and Missing Authorization vulnerability. It allows excavation and accessing functionality not properl...

Schneider Electric FoxRTU Station Path Traversal Vulnerability

Schneider Electric FoxRTU Station is a configuration and programming environment for RTU systems from Schneider Electric France. A path traversal vulnerability exists in Schneider Electric FoxRTU Station versions prior to 9.3.0. An attacker can exploit this vulnerability to remotely execute code...

OESA-2022-2113 python-pillow security update

Pillow is the friendly PIL fork by Alex Clark and Contributors. PIL is the Python Imaging Library by Fredrik Lundh and Contributors. As of 2019, Pillow development is supported by Tidelift. Security Fixes: Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL.CVE-2022-45199...

CVE-2022-45199

Pillow before 9.3.0 allows denial of service via SAMPLESPERPIXEL...