4 matches found
CVE-2026-55798
Pillow is a Python imaging library. Prior to 12.3.0, WindowsViewer.getcommand constructed a cmd.exe shell command by directly embedding a file path into an f-string without escaping and passed the result to subprocess.Popen..., shell=True, allowing shell metacharacters in the file path to inject...
CVE-2026-27461
Summary : Pimcore pre-12.3.3 exposes a SQL-like injection in the dependency listing filter. In versions up to 11.5.14.1 and 12.3.2, the filter query parameter is JSON-decoded and the value is concatenated directly into RLIKE clauses without sanitization or parameterized queries. Impact : With adm...
CVE-2020-25622
An issue was discovered in SolarWinds N-Central 12.3.0.670. The AdvancedScripts HTTP endpoint allows CSRF...
Apple iOS and Apple watchOS Mail Message Framework Component Resource Management Error Vulnerability
Apple iOS and Apple watchOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple watchOS is an operating system for smartwatches. mail Message Framework is one of the email messaging frameworks. A resource management error vulnerability exists in th...