CVE-2024-5452 RCE via Property/Class Pollution in lightning-ai/pytorch-lightning

A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...

Oracle Secure Global Desktop Input Validation Error Vulnerability

Oracle Secure Global Desktop is a secure remote access solution for any cloud-hosted enterprise application and hosted desktop running on Microsoft Windows, Linux, Oracle Solaris and mainframe servers. A security vulnerability exists in the Server component of Oracle Secure Global Desktop version...

ProjectSend Arbitrary File Upload Vulnerability

ProjectSend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. An arbitrary file upload vulnerability exists in ProjectSend. An attacker can exploit the vulnerability to upload arbitrary files to an affected application...

Karotz Smart Rabbit 12.07.19.00 - Multiple Vulnerabilities

Trustwave SpiderLabs Security Advisory TWSL2013-021: Multiple Vulnerabilities in Karotz Smart Rabbit Published: 08/01/13 Version: 1.0 Vendor: Electronic Arts http://www.ea.com/, formerly Mindscape, formerly Violet Product: Karotz Version affected: 12.07.19.00 Product description: Karotz is the...