Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.

A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java of the component JSON Web Token Handler. The manipulation of the argument SECRET with the …

A vulnerability has been found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the file /Actions.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may…

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclo…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through <= 1.5.

A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploit …

A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/booking.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed …

HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulnerability in the GitHub Actions workflow .github/workflows/issues.yml. It does not affect users of the Home Assistant integration itself — it only impacts…

A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to imprope…

@std/toml is the Deno Standard Library. Prior to version 1.0.9, an attacker can pollute the prototype chain in Node.js runtime and Browser when parsing untrusted TOML data, thus achieving Prototype Pollution (PP) vulnerability. This is because the library is merging an untrusted object with an empt…