
6 matches found

Cvelist
added 2026/04/21 7:28 p.m. · 31 views

CVE-2026-40888 Frappe HR vulnerable to Improper Access Control

Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.1 and 16.4.1, an authenticated user with the default role can access unauthorized information by exploiting a certain API endpoint. Versions 15.58.1 and 16.4.1 contain a patch. No known workarounds are availab...

CVSS 6.5 · EPSS 0.00039
Exploits 0 · References 3
OSV
added 2023/09/29 7:15 a.m. · 0 views

UBUNTU-CVE-2023-3917

Denial of Service in pipelines affecting all versions of GitLab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to cause pipelines to fail...

CVSS 7.5 · AI score 5.8 · EPSS 0.00067
Exploits 0 · References 2
Prion
added 2023/09/11 2:15 p.m. · 16 views

Cross site scripting

Adobe InDesign versions 17.1 and earlier and 16.4.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVSS 4.4 · AI score 7.8 · EPSS 0.00157
Exploits 0 · References 1 · Affected Software 1
OSV
added 2022/07/15 4:15 p.m. · 1 views

CVE-2022-34245

Adobe InDesign versions 17.2.1 and earlier and 16.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

CVSS 7.8 · AI score 7.6
Exploits 0 · References 1
OSV
added 2022/06/16 5:15 p.m. · 0 views

CVE-2022-30661

Adobe InDesign versions 17.2.1 and earlier and 16.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

CVSS 7.8 · AI score 7.6
Exploits 0 · References 1
Positive Technologies
added 2021/05/26 12:0 a.m. · 4 views

PT-2021-3596 · Node.Js +9

Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 16.4.1; Node.js versions prior to 14.17.2; Node.js versions prior to 12.22.2. Description: The issue is related to an out-of-bounds read in the uv__idna_toascii function of the Node.js platform, which can be triggered vi...

CVSS 9.8 · AI score 6.7 · EPSS 0.89427
Exploits 31 · References 274