CVE-2025-64988

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Nomad-GetCmContentLocations instruction prior V19.2. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables...

nodejs:20 security update

nodejs 1:20.19.2-1 - Update to version 20.19.2 Resolves: RHEL-92865 RHEL-88876 RHEL-91597 nodejs-nodemon nodejs-packaging...

WinNMP 跨站脚本漏洞

WinNMP is a WinNMP package for quickly setting up a development server. A cross-site scripting vulnerability exists in WinNMP version 19.02, which stems from susceptibility to cross-site scripting XSS attacks that could allow an attacker to send a specially crafted query to an authenticated user...

PT-2023-12561 · Unknown · Library Automation System

Name of the Vulnerable Software and Affected Versions: Library Automation System versions prior to 19.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, which allows Stored XSS in the Library Automation System. This can lead to the execution of...

CVE-2022-2266

University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the version 19.2...

CVE-2022-2014

Code Injection in GitHub repository jgraph/drawio prior to 19.0.2...

Python pip directory traversal vulnerability

Python is an open source, object-oriented programming language from the Python Software Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A directory traversal vulnerability exists in Python pip versions prior to 19.2. The vulnerability stems...

CVE-2019-7960

Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading dll hijacking vulnerability. Successful exploitation could lead to privilege escalation...