3 matches found
CVE-2026-34724 Zammad has a server-side template injection leading to RCE via AI Agent
Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, a server-side template injection vulnerability which leads to RCE via AI Agent exists. Impact is limited to environments where an attacker can control or influence typeenrichmentdata typically high-privilege...
CVE-2022-38368
An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Because Gateway API functions mishandle authentication, an authenticated VPN user can inject arbitrary commands...
SUSE-SU-2019:2686-1 Security update for libreoffice
This update for libreoffice fixes the following issues: Updated to version 6.2.7.1. Security issues fixed: - CVE-2019-9854: Fixed unsafe URL assembly flaw bsc1149944. - CVE-2019-9855: Fixed path equivalence handling flaw bsc1149943...