10 matches found
CVE-2026-52782
OpenProject versions prior to 17.3.3 and 17.4.1 are affected by an IDOR in /projects//settings/project_storages/ via PATCH parameter storages_project_storage[project_folder_id], allowing a project-admin to hijack another project’s managed Nextcloud/OneDrive folder on the same storage. The vulnera...
Improper Encoding or Escaping of Output
Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the setReturnUrl function. An attacker can execute arbitrary JavaScript in the context of the application by supplying a crafted return URL...
CVE-2023-47112
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which provides a list of job names and...
PT-2024-4833 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.3 iOS versions prior to 17.3 Description: The issue is related to a lack of protection for sensitive data in the Notes component of iPadOS and iOS. It may allow a remote attacker to disclose protected information...
Apple iOS and iPadOS Security Vulnerabilities
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS version 17.3 and iPadOS version 17.3, which stems from a shortcut that may be...
Apple tvOS Security Breach
Apple tvOS is an operating system for smart TVs from Apple. A security vulnerability exists in Apple tvOS version 17.3, which originates from an application that may be able to execute arbitrary code using kernel privileges...
Apple tvOS Security Breach
Apple tvOS is a smart TV operating system from Apple. A security vulnerability exists in Apple tvOS version 17.3, which stems from an application that may be able to access sensitive user data...
Apple tvOS Security Breach
Apple tvOS is a smart TV operating system from Apple. A security vulnerability exists in Apple tvOS version 17.3, which stems from an application that may be able to access sensitive user data...
CVE-2022-38401
Adobe InCopy version 17.3 and earlier and 16.4.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious fil...
Visual Studio 2022 version 17.3.7 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on the Current channel to version 17.3.7. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update...