517 matches found
SUSE CVE-2026-46084
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed (e.g. DPDK exit), mana_ib_destroy_qp_rss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...
PT-2026-28750
Name of the Vulnerable Software and Affected Versions Belkin F9K1122 version 1.00.33 Description A security issue exists in Belkin F9K1122 1.00.33. The issue involves a stack-based buffer overflow in the formCrossBandSwitch function located in the /goform/formCrossBandSwitch file within the...
PT-2026-28720
Name of the Vulnerable Software and Affected Versions PromtEngineer localGPT versions up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054 Description A flaw exists within PromtEngineer localGPT that allows for injection. The issue resides in the route using overviews function within the...
CVE-2023-54166 igc: Fix Kernel Panic during ndo_tx_timeout callback
In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndo_tx_timeout callback The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening during the test. This...
PT-2025-44659
Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description The software contains a stack overflow issue via the wifiOff parameter in the sub_4232EC function. This allows attackers to cause a Denial of Service (DoS) through a crafted request...
PT-2025-43874
Name of the Vulnerable Software and Affected Versions Tenda O3 version 1.0.0.102478 Description A stack-based buffer overflow exists in the SetValue/GetValue function within the /goform/sysAutoReboot file of Tenda O3. Manipulation of the enable argument can trigger this issue, allowing for remote...
toggle-array vulnerable to prototype pollution
toggle-array is a package designed to enable a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the enable and disable function of toggle-array v1.0.1 and before allows attackers to inject properties on...
toggle-array security vulnerability
toggle-array is a JavaScript library by the individual developer Jon Schlinkert. A security vulnerability exists in toggle-array 1.0.1 and earlier versions, which stems from prototype pollution in the enable and disable functions, which could lead to a denial of service attack...
PT-2025-38468
Name of the Vulnerable Software and Affected Versions fuyang lipengjun platform version 1.0 Description A weakness exists in the BrandController function of the /brand/queryAll file, potentially leading to improper authorization. This issue can be exploited remotely. The exploit has been made...
PT-2025-37402
Name of the Vulnerable Software and Affected Versions: CRMEB versions prior to 5.6.1 Description: A security issue exists in CRMEB that allows for server-side request forgery. The testOutUrl function within the app/services/out/OutAccountServices.php file is affected. Manipulation of the push tok...
PT-2025-33839 · Unknown · Thrivex-Blog
Name of the Vulnerable Software and Affected Versions: LiuYuYang01 ThriveX-Blog versions through 3.1.7 Description: A security flaw exists in the updateJsonValueByName function within the /web config/json/name/web file. This flaw results in improper authorization and allows for remote attacks. Th...
Linux Distros Unpatched Vulnerability : CVE-2022-49931
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Correctly move list in sc_disable Commit 13bac861952a IB/hfi1: Fix abba locking issu...
PT-2025-32499 · Linksys · Linksys Ea6500 +5
Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 versions up to 20250801 Description: A vulnerability exists in Linksys RE Series devices. The algDisable function within the /goform/setOpMode file is susceptible to a stack-based...
PT-2025-27841 · WordPress · Wp Firebase Push Notification
Name of the Vulnerable Software and Affected Versions: WP Firebase Push Notification plugin for WordPress versions prior to 1.2.1 Description: The issue is due to missing or incorrect nonce validation on the wfpn brodcast notification message function, making it possible for unauthenticated...
PT-2025-27588 · WordPress · Soumettre.Fr
Name of the Vulnerable Software and Affected Versions: Soumettre.fr plugin for WordPress versions up to, and including, 2.1.5 Description: The issue is related to improper authorization checks on the make signature function, allowing unauthorized access and modification of data. This enables...
PT-2025-27357
Name of the Vulnerable Software and Affected Versions: HDF5 version 1.14.6 Description: A problematic issue was found in the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. Attacking locally is a requirement. Recommendations: For HDF5 version 1.14.6, as...
PT-2025-27295 · Hdf5 +1 · Hdf5 +1
Name of the Vulnerable Software and Affected Versions: HDF5 version 1.14.6 Description: A vulnerability has been found in HDF5, affecting the function H5C__load_entry of the file /src/H5Centry.c. The manipulation leads to resource consumption. The attack needs to be approached locally. The exploit...
PT-2025-27149 · Unknown · Sfturing Hosp Order
Name of the Vulnerable Software and Affected Versions: sfturing hosp order versions up to 627f426331da8086ce8fff2017d65b1ddef384f8 Description: A critical issue affects the findDoctorByCondition function of the DoctorServiceImpl.java file. The manipulation of the hospitalName argument leads to SQ...
PT-2025-26577 · Vstakhov · Libucl
Name of the Vulnerable Software and Affected Versions: vstakhov libucl versions up to 0.9.2 Description: A problematic vulnerability was found in the vstakhov libucl, affecting the function ucl_parse_multiline_string of the file src/ucl_parser.c. This vulnerability leads to a heap-based buffer...
PT-2025-26623 · Hdf5 +1 · Hdf5 +1
Name of the Vulnerable Software and Affected Versions: HDF5 versions up to 1.14.6 Description: A critical vulnerability has been found in HDF5, affecting the function H5F_addr_decode_len of the file /hdf5/src/H5Fint.c. The manipulation leads to a heap-based buffer overflow. An attack must be...