The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity (XXE) Injection due to an insecurely initialized XML parser for reading XMP Metadata. An…

The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a…

The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege…

The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege…

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the…

In multiple Tecson Tankspion and GOKs SmartBox 4 products the affected application doesn’t properly restrict access to an endpoint that is responsible for saving settings,…

HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible. Zafiyet…

There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system…

This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. An attacker can…

An issue was discovered in the Sametime chat feature in the Notes 11.0 – 11.0.1 FP4 clients. An authenticated Sametime chat user could cause Remote…