| CVE-2026-39888 |
2026-04-08 |
PraisonAI is a multi-agent teams system. Prior to 1.5.115, execute_code() in praisonaiagents.tools.python_tools defaults to sandbox_mode="sandbox", which runs user code in a subprocess wrapped with a … |
| CVE-2025-54255 |
2025-09-09 |
Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in a security feature bypass impact… |
| CVE-2025-24887 |
2025-04-30 |
OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change attributes that are inte… |
| CVE-2024-57957 |
2025-02-06 |
Vulnerability of improper log information control in the UI framework module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2024-33849 |
2024-05-28 |
ci solution CI-Out-of-Office Manager through 6.0.0.77 uses a Hard-coded Cryptographic Key. |
| CVE-2024-26139 |
2024-05-23 |
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Due to lack of certain security controls on the profile edit functionalit… |
| CVE-2023-52714 |
2024-04-07 |
Vulnerability of defects introduced in the design process in the hwnff module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2023-29320 |
2023-08-10 |
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Violation of Secure Design Principles vulnerability that could result in arbitrary code execu… |
| CVE-2022-30683 |
2022-09-16 |
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure Design Principles vulnerability that could lead to bypass the security feature of the encryption mechanism… |
| CVE-2022-28244 |
2022-05-11 |
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a violation of secure design principles through bypassing the content se… |
| CVE-2021-44714 |
2022-01-14 |
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security fe… |
| CVE-2021-36061 |
2021-09-01 |
Adobe Connect version 11.2.2 (and earlier) is affected by a secure design principles violation vulnerability via the 'pbMode' parameter. An unauthenticated attacker could leverage this vulnerability t… |
| CVE-2021-28583 |
2021-06-28 |
Magento versions 2.4.2 (and earlier), 2.4.1-p1 (and earlier) and 2.3.6-p1 (and earlier) are affected by a Violation of Secure Design Principles vulnerability in RMA PDF filename formats. Successful ex… |
| CVE-2020-8133 |
2020-11-09 |
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file. |
| CVE-2019-15611 |
2020-02-04 |
Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifica… |
| CVE-2019-0061 |
2019-10-09 |
The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special p… |
| CVE-2019-5478 |
2019-09-03 |
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boo… |
| CVE-2017-6032 |
2017-06-29 |
A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. The Modicon Modbus protocol has a session-related weakness making it susceptible to brute-fo… |