144 matches found
CVE-2024-45164
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization Services) before the latest 19.2.0 patch and Apps Portal before 19.2.0.3 or 19.2.0.20240814, has incorrect authorization controls for the Admin functionality on the ThreatAvert Policy page. An authenticat...
CVE-2023-22076
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application...
CVE-2023-51492
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in If So Plugin If-So Dynamic Content Personalization allows Stored XSS. This issue affects If-So Dynamic Content Personalization: from n/a through 1.6.3.1...
CVE-2022-24584
Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Yubico OTP validation server. The Yubico OTP supposedly creates hardware bound second factor credentials. When a user reprograms the OTP functionality by "writing" it on a token using the Yubico...
A vulnerability in the Dynamo Personalization Server component of the Oracle Commerce Platform allows an attacker to gain unauthorized access to protected information.
A vulnerability in the Dynamo Personalization Server component of the Oracle Commerce Platform stems from insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to protected information...
CVE-2025-21576
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Personalization Server. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
Oracle Commerce Security Vulnerability
Oracle Commerce is a suite of e-commerce solutions from Oracle Corporation, of which Commerce Platform is one component that provides a versatile e-commerce platform. A security vulnerability exists in Oracle Commerce's Commerce Platform versions 11.3.0, 11.3.1, and 11.3.2, which stems from...
Citrix Profile Management fails to load When User Personalization Layer is enabled
When User Personalization Layer (UPL) is enabled, the Citrix Profile Management (CPM) profile is not loaded. If UPL is not enabled, the CPM profile does load...
CVE-2024-52411
Deserialization of Untrusted Data vulnerability in flowcraft Advanced Personalization personalization-by-flowcraft allows Object Injection. This issue affects Advanced Personalization: from n/a through <= 1.1.2...
A vulnerability in the pkcs15-init smart card personalization utility of OpenSC, a set of software tools and libraries for working with smart cards, allows an attacker to gain unauthorized access to protected information.
A vulnerability in the pkcs15-init smart card personalization utility of OpenSC, a set of software tools and libraries for working with smart cards, stems from an operation performed outside the bounds of a memory buffer. Exploiting this vulnerability could allow an attacker to gain unauthorized acce...
A vulnerability in the openpgpGenerateKeyRsa() function of the pkcs15-init smart card personalization utility of OpenSC, a set of software tools and libraries for working with smart cards, allows an attacker to bypass security restrictions and execute arbitrary code.
A vulnerability in the openpgpGenerateKeyRsa function of the smart card personalization utility in OpenSC, a set of software tools and libraries for working with smart cards, stems from an operation performed outside the bounds of a memory buffer during key generation. Exploiting this vulnerability...
Top AI Trends of 2025 Businesses Should Be Ready For
AI is transforming business in 2025, from hyper-personalization to ethical AI. Success lies in mastering it to enhance innovation, efficiency, and trust while staying competitive...
CVE-2024-10796
CVE-2024-10796 (If-So Dynamic Content Personalization, WordPress) The WordPress plugin is vulnerable to information exposure on all versions up to 1.9.2.1 via the ifso-show-post shortcode due to insufficient post access restrictions. Authenticated attackers with Contributor level or higher could ...
WordPress If-So Dynamic Content Personalization Plugin <= 1.9.2.1 is vulnerable to Broken Access Control
Software: If-So Dynamic Content Personalization; Type: Plugin; Vulnerable versions: <= 1.9.2.1; Fixed in: 1.9.2.2; OWASP Top 10: A7: Identification and Authentication Failures; Classification: Broken Access Control; CVE: CVE-2024-10796; Patch priority: Low; CVSS severity: Low (4.3); PSID...
CVE-2024-52411 WordPress Advanced Personalization plugin <= 1.1.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in flowcraft Advanced Personalization personalization-by-flowcraft allows Object Injection. This issue affects Advanced Personalization: from n/a through <= 1.1.2...
CVE-2024-52411
CVE-2024-52411 describes a deserialization of untrusted data vulnerability in Flowcraft UX Design Studio Advanced Personalization, enabling PHP object injection. Affected: Flowcraft Advanced Personalization component, versions up to 1.1.2 (n/a through 1.1.2). CVSS 3.1 base 9.8 (Network attack vec...
CVE-2024-52411 WordPress Advanced Personalization plugin <= 1.1.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Flowcraft UX Design Studio Advanced Personalization allows Object Injection. This issue affects Advanced Personalization: from n/a through 1.1.2...