25 matches found
CVE-2026-12053 Insertion of Sensitive Information into Log File in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 19.1 before 19.1.1 that under certain conditions could have allowed a user to access sensitive information that had already been committed to a project, due to insufficient output filtering in Duo Workflows...
CVE-2026-23869
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...
Exploit for Deserialization of Untrusted Data in Facebook React
Vulnerable React Application CVE-2025-55182 This applicatio...
CVE-2025-61815 InDesign Desktop | Use After Free (CWE-416)
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Dell PowerProtect Data Manager 操作系统命令注入漏洞
Dell PowerProtect Data Manager PPDM is a data protection solution from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. A security vulnerability exists in Dell PowerProtect Data Manager versions 19.19 and 19.20, which can be exploited by...
CVE-2025-54219
InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
PT-2025-32940 · Adobe · Indesign Desktop
Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions 20.4 and 19.5.4 and earlier Description: InDesign Desktop versions 20.4, 19.5.4, and earlier are susceptible to a Use After Free issue, potentially leading to arbitrary code execution with current user privileges...
CVE-2025-30751
Vulnerability in the Oracle Database component of Oracle Database Server. Supported versions that are affected are 19.27 and 23.4-23.8. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromis...
CVE-2025-50069
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.27 and 21.3-21.18. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise...
CVE-2023-22071
Vulnerability in the PL/SQL component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute on sys.utlhttp privilege with network access via Oracle Net to...
CVE-2023-22074
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with network access via...
CVE-2023-22034
Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with network access via Oracle Net to compromise Unified Audit...
Oracle Database Server Security Vulnerability
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Server versions 19.3 through 19.21 a...
CVE-2023-22075
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Create Any View, Select Any Table privilege with network...
PT-2023-14434 · South River Technologies · Titan Ftp Server
Name of the Vulnerable Software and Affected Versions: Titan FTP server versions 19.0 and below Description: The issue allows users to be redirected to any target URL, which could potentially be exploited. Recommendations: For versions 19.0 and below, update to a version above 19.0 to resolve the...
CVE-2022-3226
An OS command injection vulnerability allows admins to execute code via SSL VPN configuration uploads in Sophos Firewall releases older than version 19.5 GA...
Mitel MiVoice Connect 命令注入漏洞
Mitel MiVoice Connect is Mitel Canada's software for centralized management of Mitel Networks' call processing and collaboration tools. A security vulnerability exists in Mitel MiVoice Connect 19.3 22.22.6100.0 and prior versions, which stems from an insufficient restriction of URL parameters in...
GoCD 安全漏洞
GoCD is a continuous delivery server. A security vulnerability exists in GoCD versions 19.2.0 through 19.11.0 that originates from allowing an authenticated agent to impersonate another agent, resulting in an access control outage and incorrect authentication of agent tokens in the GoCD server to...
CVE-2021-42633
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records...
Cisco SD-WAN vManage Software Path Traversal Vulnerability
Cisco SD-WAN vManage Software is a management software for SD-WAN Software Defined Wide Area Network solutions from Cisco. A path traversal vulnerability exists in the Web management interface in Cisco SD-WAN vManage Software versions 19.2.2 and earlier, which stems from the program failing to...