15 matches found
CVE-2021-0517
In updateCapabilities of ConnectivityService.java, there is a possible incorrect network state determination due to a logic error in the code. This could lead to biasing of networking tasks to occur on non-VPN networks, which could lead to remote information disclosure, with no additional executi...
CVE-2021-2353
Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM component: Loging. Supported versions that are affected are 21.5 and Prior. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Siebel Core - Server Framework...
CVE-2025-10439
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yordam Informatics Yordam Library Automation System allows SQL Injection. This issue affects Yordam Library Automation System: from 21.5 & 21.6 before 21.7...
Yordam Library Automation System SQL Injection Vulnerability
Yordam Library Automation System is an application from Yordam, Inc. A SQL injection vulnerability exists in Yordam Library Automation System versions 21.5, 21.6, and prior to 21.7, which stems from improper neutralization of a special element and could lead to a SQL injection attack...
Vulnerability fixed in Adobe Dreamweaver
Adobe has fixed a vulnerability in Dreamweaver Desktop, specifically for versions 21.5 and earlier. The vulnerability is in the way Dreamweaver handles CSRF attacks. A malicious party can exploit this vulnerability by getting a user to interact with a malicious link, which can lead to the executi...
CVE-2025-54256
Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must click on a malicious link, and...
CVE-2025-54256
Dreamweaver Desktop (Windows/macOS) is affected by CVE-2025-54256: CSRF that could allow arbitrary code execution in the context of the current user. Affected: Dreamweaver Desktop versions 21.5 and earlier. Root cause described in the CVE as a Cross-Site Request Forgery vulnerability that require...
CVE-2025-54256 Dreamweaver Desktop | Cross-Site Request Forgery (CSRF) (CWE-352)
Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must click on a malicious link, and...
CVE-2020-15610
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxphppecl.php. When parsing the modulo parameter, the process does...
CVE-2020-15428
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the line parameter, the process does not...
PT-2024-28780
Name of the Vulnerable Software and Affected Versions: GraphQL Java versions prior to 21.5; GraphQL Java version 20.9; GraphQL Java version 19.11. Description: The issue is related to the improper consideration of ExecutableNormalizedFields (ENFs) in preventing denial of service via introspection querie...
PT-2023-20844 · Evolucare · Evolucare Ecsimaging
Name of the Vulnerable Software and Affected Versions: EVOLUCARE ECSIMAGING (aka ECS Imaging) versions prior to 6.21.5. Description: The issue concerns a Cross-Site Scripting (XSS) vulnerability. It can be exploited via the new movie.php file. Recommendations: For versions prior to 6.21.5, update to...
CVE-2022-27535
Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its 'Delete All Service Data And Reports' feature by a local authenticated attacker...
OPENSUSE-SU-2020:1814-1 Security update for singularity
This update for singularity fixes the following issues: Update to new version 3.6.4: - CVE-2020-15229: Due to insecure handling of path traversal and the lack of path sanitization within unsquashfs, it is possible to overwrite/create files on the host filesystem during the extraction of a crafted...
Intel Driver and Support Assistant Race Condition Vulnerability
Intel Driver and Support Assistant is an application from Intel Corporation (USA). The program is mainly used to detect and install system driver updates. A race condition vulnerability exists in Intel Driver and Support Assistant versions prior to...