There is a flaw in the code used to configure the internal gateway firewall when the gateway's VLAN feature is enabled. If a user enables…

The package handsontable before 10.0.0; the package handsontable from 0 and before 10.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) in Handsontable.helper.isNumeric function.…

IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3,20.0.0.1, 20.0.0.2, and 21.0.2 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to stored…

Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a privilege escalation vulnerability that could allow a normal user to…

“Shuupâ€� application in versions 0.4.2 to 2.10.8 is affected by the “Formula Injectionâ€� vulnerability. A customer can inject payloads in the name input field in…

In “SuiteCRMâ€� application, v7.1.7 through v7.10.31 and v7.11-beta through v7.11.20 fail to properly invalidate password reset links that is associated with a deleted user id,…

In “SuiteCRMâ€� application, v7.11.18 through v7.11.19 and v7.10.29 through v7.10.31 are affected by “CSV Injectionâ€� vulnerability (Formula Injection). A low privileged attacker can use accounts…

In OpenCRX, versions v4.0.0 through v5.1.0 are vulnerable to reflected Cross-site Scripting (XSS), due to unsanitized parameters in the password reset functionality. This allows execution…

An uncontrolled search path element privilege escalation vulnerability in Trend Micro HouseCall for Home Networks version 5.3.1225 and below could allow an attacker to escalate…

Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect Access Control via its auxiliary component that allows remote attackers to access…