CVE-2023-29293 Adobe Commerce | Improper Input Validation (CWE-20)

Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An admin privileged attacker could leverage this vulnerability to impact the availability of a user's...

The vulnerability in the implementation of diagnostic commands and the import of operating systems for Fireware devices used in network security solutions like WatchGuard Firebox and XTM allows attackers to upload and download arbitrary files.

The vulnerability of the diagnostic commands and the import functions of Fireware operating systems for network security devices like WatchGuard Firebox and XTM lies in the possibility of these commands being exploited. Exploiting this vulnerability allows a malicious actor to upload and download...

Privilege escalation

Various administrative external system import resources in Atlassian JIRA Server including JIRA Core before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if ...

Cross site request forgery (csrf)

The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery CSRF vulnerabilities...

Various Cross-site request forgery(CSRF) vulnerabilities in the Jira-importers-plugin - CVE-2017-18033

The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery CSRF vulnerabilities...