891 matches found
CVE-2024-51322
CVE-2024-51322 affects Zucchetti Ad Hoc Infinity 2.4. An authenticated attacker can achieve Remote Code Execution via multiple components: /jsp/home.jsp, /jsp/gsfr_feditorHTML.jsp, /servlet/SPVisualZoom, and /jsp/gsmd_container.jsp. Root cause is a cross-site scripting vulnerability that enables ...
CVE-2024-51319
A local file include vulnerability in the /servlet/Report of Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution by uploading a jsp web/reverse shell through /jsp/zimgupload.jsp...
PT-2025-2394 · Illumos · Illumos
Name of the Vulnerable Software and Affected Versions: illumos illumos-gate affected versions not specified Description: An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates, causing the algorithm to yield a result of POINT AT INFINITY when it...
PT-2025-1782 · Pegasystems · Pega Platform
Name of the Vulnerable Software and Affected Versions: Pega Platform versions 8.1 to Infinity 24.2.0 Description: The issue is related to a Stored XSS problem with the profile. Recommendations: For Pega Platform versions 8.1 to Infinity 24.2.0, update to a version newer than Infinity 24.2.0 to...
CVE-2024-10716
Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an XSS issue with search...
CVE-2024-10716
Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an XSS issue with search...
CVE-2024-10094
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...
CVE-2024-10094
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...
CVE-2024-10094
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...
CVE-2024-10094
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...
PT-2024-16022 · Pegasystems · Pega Platform
Name of the Vulnerable Software and Affected Versions: Pega Platform versions 6.x through Infinity 24.1.1 Description: The issue is related to Improper Control of Generation of Code. No information is provided about the estimated number of potentially affected devices worldwide or real-world...
CVE-2024-6702
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage...
CVE-2024-6700
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name...
CVE-2024-6702
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage...
CVE-2024-6701
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type...
CVE-2024-6700
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name...
PT-2024-37807 · Pegasystems · Pega Platform
Name of the Vulnerable Software and Affected Versions: Pega Platform versions 8.1 to Infinity 24.1.2 Description: The issue is related to Cross-Site Scripting XSS in the Pega Platform, specifically with the App name. Recommendations: For Pega Platform versions 8.1 to Infinity 24.1.2, update to a...
CVE-2024-33850
Pexip Infinity before 34.1 has Improper Access Control for persons in a waiting room. They can see the conference roster list, and perform certain actions that should not be allowed before they are admitted to the meeting...
CVE-2024-33850
Pexip Infinity before 34.1 has Improper Access Control for persons in a waiting room. They can see the conference roster list, and perform certain actions that should not be allowed before they are admitted to the meeting...
CVE-2024-33850
CVE-2024-33850 affects Pexip Infinity prior to 34.1. The issue is improper access control for people in a waiting room: they can view the conference roster and perform actions that should be restricted until admission. Documents from multiple sources confirm the affected product/versions and the ...