CVE-2023-30207

A divide by zero issue discovered in Kodi Home Theater Software 19.5 and earlier allows attackers to cause a denial of service via use of crafted mp3 file...

CVE-2021-3341

A path traversal vulnerability in the DxWebEngine component of DH2i DxEnterprise and DxOdyssey for Windows, version 19.5 through 20.x before 20.0.219.0, allows an attacker to read any file on the host file system via an HTTP request...

PT-2024-8787 · Adobe · Indesign Desktop

Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions ID18.5.2 through ID19.5 Description: The issue is related to a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...

CVE-2023-5552

A password disclosure vulnerability in the Secure PDF eXchange SPX feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 19.5.3 and older, if the password type is set to “Specified by sender”...

Cross site scripting

A password disclosure vulnerability in the Secure PDF eXchange SPX feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 19.5.3 and older, if the password type is set to “Specified by sender”...

CVE-2022-3226

An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA...

CVE-2022-3709

A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA...

Cross site scripting

A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA...

Command injection

An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA...

Code injection

A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA...

CVE-2022-3226

An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA...

CVE-2022-3696

A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA...

CVE-2022-3709

A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA...

Input validation

Dell EMC Data Protection Central version 19.5 contains an Improper Input Validation Vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service...

DH2i DxEnterprise and DxOdyssey Path Traversal Vulnerability

DH2i DxEnterprise and DH2i DxOdyssey are both products of DH2i, Inc.DH2i DxEnterprise is a Docker-based application that provides container management, database management, and other functionality for a variety of platforms.DH2i DxOdyssey is a Vpn software for secure connectivity. A path traversa...