285 matches found
CVE-2025-24246
An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data...
CVE-2025-24246
An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to access user-sensitive data...
CVE-2025-30462
A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Apps that appear to use App Sandbox may be able to launch without restrictions...
CVE-2025-30462
CVE-2025-30462 concerns a library injection issue that Apple fixed by adding restrictions. Affected: macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. The issue may allow apps that appear to use App Sandbox to launch with fewer restrictions, per the description. Remediation: appl...
CVE-2025-24282
A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system...
CVE-2025-24282
A library injection issue in macOS Sequoia was addressed with additional restrictions. The vulnerability could allow an app to modify protected parts of the file system and is fixed in macOS Sequoia 15.4. Affected product: macOS Sequoia; fix version: 15.4. CVE-2025-24282. Exploitation status is n...
PT-2025-13959 · Code Projects · Code-Projects Payroll Management System
Name of the Vulnerable Software and Affected Versions: code-projects Payroll Management System version 1.0 Description: A critical issue affects the processing of the file /view account.php, where the manipulation of the salary rate argument leads to SQL injection. The attack can be initiated...
PT-2025-13990 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5 macOS Sequoia versions prior to 15.4 macOS Sonoma versions prior to 14.7.5 Description: A library injection issue was addressed with additional restrictions. Apps that appear to use App Sandbox may be able to...
CVE-2025-29980
A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input validation, a remote unauthenticated attacker can run arbitrary commands as the current MS SQL server account. It is recommended that the CRM feature is turned off while on eTRAKiT.net release 3.2.1.7...
Azure Linux 3.0 Security Update: python-virtualenv (CVE-2024-53899)
The version of python-virtualenv installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53899 advisory. - virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual...
CVE-2024-8402
CVE-2024-8402 affects GitLab EE/CE, with input validation in the Google Cloud IAM integration allowing a Maintainer to inject malicious code in versions: 17.2–17.7.7, 17.8–17.8.5, and 17.9–17.9.2. Affected product: GitLab EE (and CE per sources) before the fixed releases. Root cause: input valida...
CVE-2025-29891
Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is...
Linux Distros Unpatched Vulnerability : CVE-2024-23280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An injection issue was addressed with improved validation. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS...
Linux Distros Unpatched Vulnerability : CVE-2017-7701
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. Th...
Linux Distros Unpatched Vulnerability : CVE-2017-6469
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file. This was addressed...
CVE-2025-20059
CVE-2025-20059 : Affected product is Ping Identity PingAM Java Policy Agent. The issue is a relative path traversal that enables parameter injection in PingAM Policy Agent components. Affects versions through 5.10.3, through 2023.11.1, and through 2024.9. Impact (as per CVSS metrics in the initia...
CVE-2025-26610 SQL Injection endpoint 'restaurar_produto_desocultar.php' parameter 'id_produto' in WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, restaurarprodutodesocultar.php endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowin...
CVE-2024-11346
: Access of Resource Using Incompatible Type 'Type Confusion' vulnerability in Lexmark International CX, XC, CS, et. Al. Postscript interpreter modules allows Resource Injection.This issue affects CX, XC, CS, et. Al.: from 001.001:0 through 081.231, from ..P001 through ..P233, from ..P001 through...
Azure Linux 3.0 Security Update: gtk2 / gtk3 (CVE-2024-6655)
The version of gtk2 / gtk3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6655 advisory. - A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be inject...
PT-2025-5724 · Kemp · Loadmaster
Name of the Vulnerable Software and Affected Versions: LoadMaster versions 7.2.48.12 and earlier LoadMaster versions 7.2.49.0 through 7.2.54.12 LoadMaster versions 7.2.55.0 through 7.2.60.1 ECS versions prior to 7.2.60.1 Description: The issue is related to improper input validation, allowing OS...