Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation. Date published : 2020-07-16 https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability. Successful exploitation could lead to privilege escalation. Date published : 2020-07-16 https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation. Date published : 2020-07-16 https://helpx.adobe.com/security/products/creative-cloud/apsb20-33.html
Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. Date published : 2020-07-16 https://helpx.adobe.com/security/products/media-encoder/apsb20-36.html https://www.zerodayinitiative.com/advisories/ZDI-20-884/
Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Date published : 2020-07-16 https://helpx.adobe.com/security/products/media-encoder/apsb20-36.html https://www.zerodayinitiative.com/advisories/ZDI-20-882/
Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. Date published : 2020-07-16 https://helpx.adobe.com/security/products/media-encoder/apsb20-36.html https://www.zerodayinitiative.com/advisories/ZDI-20-883/
An issue was found in Apache Airflow versions 1.10.10 and below. A stored XSS vulnerability was discovered in the Chart pages of the the "classic" UI. Date published : 2020-07-16 https://lists.apache.org/thread.html/r7255cf0be3566f23a768e2a04b40fb09e52fcd1872695428ba9afe91%40%3Cusers.airflow.apache.org%3E
IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data....
IBM Publishing Engine 6.0.6, 6.0.6.1, and 7.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to...
"BigFix Platform is storing clear text credentials within the system’s memory. An attacker who is able to gain administrative privileges can use a program to create a memory dump and extract the credentials. These...
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management...
A vulnerability in the web-based management interface of Cisco Vision Dynamic Signage Director could allow an authenticated, remote attacker with administrative credentials to conduct SQL injection attacks on an affected system. The vulnerability is...
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to...
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability...