34 matches found
CVE-2026-8211 codelibs Fess JSP File AdminDesignAction.java update code injection
A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/codelibs/fess/app/web/admin/design/AdminDesignAction.java of the component JSP File Handler. The manipulation of the argument content results in code injection. The attack may...
EUVD-2021-23692
Malware in sbrugna...
CVE-2023-52363
Vulnerability of defects introduced in the design process in the Control Panel module. Successful exploitation of this vulnerability may cause app processes to be started by mistake...
Privilege escalation
Vulnerability of defects introduced in the design process in the Control Panel module. Successful exploitation of this vulnerability may cause app processes to be started by mistake...
Design/Logic Flaw
Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III 3V3 -...
Design/Logic Flaw
Vulnerability of parameters being out of the value range in the QMI service module. Successful exploitation of this vulnerability may cause errors in reading file data...
Design/Logic Flaw
Vulnerability of parameters not being strictly verified in the PMS module. Successful exploitation of this vulnerability may cause the system to restart...
CVE-2023-41297
Vulnerability of defects introduced in the design process in the HiviewTunner module. Successful exploitation of this vulnerability may cause service hijacking...
CVE-2023-29320
Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in arbitrary code execution in the context of the current user by bypassing the API blacklisting feature. Exploitation of th...
Shopping Cart & eCommerce Store < 5.2.5 - Arbitrary Design Settings Update via CSRF
The plugin is lacking CSRF checks in various AJAX actions, such as ecadminajaxsavedesignsettings, which could allow attackers to make a logged-in admin update arbitrary settings. PoC: to disable the Live Design Editor; to set the custom CSS setting to body background-color: red;...
CVE-2021-37116
PCManager has a Weaknesses Introduced During Design vulnerability. Successful exploitation of this vulnerability may cause the PIN of the subscriber to be changed...
CVE-2021-37116
CVE-2021-37116 affects Huawei HarmonyOS PCManager. The vulnerability is described as a weakness introduced during design that could allow changing a subscriber PIN. The NVD entry lists CVSS v3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H with a base score of 9.1 (CRITICAL) and notes impact to confidenti...
Design/Logic Flaw
There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability...
CVE-2021-22373
There is a Defects Introduced in the Design Process Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service integrity and availability...
Cloud Foundry UAA Design Vulnerability
Cloud Foundry UAA is an authentication and managed service endpoint for the Cloud Foundry cloud platform from the Cloud Foundry Foundation. A security vulnerability exists in Cloud Foundry UAA. A detailed description of the vulnerability is not available at this time...
node-opencv design vulnerability
node-opencv is a JavaScript library for connecting to OpenCV. A security vulnerability exists in node-opencv. An attacker can exploit the vulnerability to steal environment variables...
BD ReadA Design Vulnerability
BD ReadA is browser software used in BD products from BD (Becton, Dickinson and Company) in the United States. A security vulnerability exists in BD ReadA 1.1.0.2 and earlier versions. The vulnerability can be exploited by an attacker to issue SQL commands, resulting in data corruption or loss...
Plone Design Vulnerability
Plone is a free and open source content management system (CMS) from the U.S. Plone Foundation, built on the Zope application server. The system is developed in Python and is suitable for web portals, internal and external corporate websites, document publishing systems and so on. A design...
Kanboard Design Vulnerability (CNVD-2017-30943)
Kanboard is open source visualization task board software developed by French software developer Frederic Guillot. The software supports customization of the panel according to the business, task dragging and so on. A security vulnerability exists in Kanboard versions prior to 1.0.47. An...
Red Hat FreeIPA Design Vulnerability
Red Hat FreeIPA is an integrated security information management solution from Red Hat, Inc. The solution provides an easy-to-manage identity, policy and audit (IPA) suite for Linux and Unix computer networks. A security vulnerability exists in Red Hat FreeIPA. An attacker could exploit this...