517 matches found

Positive Technologies
added 2025/05/01 12:0 a.m. · 1 views

PT-2025-18666 · Totolink · Totolink Ca600-Poe

Name of the Vulnerable Software and Affected Versions: TOTOLINK CA600-PoE version 5.3c.6665 B20180820 Description: The issue is related to a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This allows attackers to execute arbitrary commands via a crafte...

CVSS 6.5 · AI score 7.8 · EPSS 0.08913
Exploits: 1 · References: 6

Positive Technologies
added 2025/05/01 12:0 a.m. · 2 views

PT-2025-18630

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the btrfs file system. The leak occurs during backref walking at find parent nodes, when dealing with a data...

CVSS 7.8 · AI score 7.5 · EPSS 0.00346
Exploits: 1 · References: 800

Positive Technologies
added 2025/04/29 12:0 a.m. · 3 views

PT-2025-18179 · Unknown · Code-Projects Product Management System

Name of the Vulnerable Software and Affected Versions: code-projects Product Management System version 1.0 Description: A critical issue has been found in the function add item. The manipulation of the argument st.productname leads to a stack-based buffer overflow. This issue can be exploited...

CVSS 7.8 · AI score 5.3 · EPSS 0.00081
Exploits: 1 · References: 9

Positive Technologies
added 2025/04/28 12:0 a.m. · 2 views

PT-2025-18115 · Unknown · Code-Projects Atm Banking

Name of the Vulnerable Software and Affected Versions: code-projects ATM Banking version 1.0 Description: A critical vulnerability was found in the code-projects ATM Banking software. The issue affects the moneyDeposit/moneyWithdraw function, leading to business logic errors. Local access is...

CVSS 5.5 · AI score 4.6 · EPSS 0.00097
Exploits: 1 · References: 12

Positive Technologies
added 2025/04/17 12:0 a.m. · 1 views

PT-2025-17237 · Unknown · Prison Management System

Name of the Vulnerable Software and Affected Versions: Personal Management System version 1.4.65 Description: An issue in Personal Management System allows a remote attacker to obtain sensitive information via the "Travel Ideas" function. Recommendations: For version 1.4.65, consider disabling th...

CVSS 6.5 · AI score 6.1 · EPSS 0.00956
Exploits: 1 · References: 7

Positive Technologies
added 2025/04/17 12:0 a.m. · 2 views

PT-2025-17212 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version V4.0si V16.03.10.20 Description: The issue is related to a Buffer Overflow in AdvSetMacMtuWan via wanSpeed2. This allows for potential exploitation. Recommendations: For Tenda AC10 version V4.0si V16.03.10.20, consider...

CVSS 7.8 · AI score 6.1 · EPSS 0.01225
Exploits: 1 · References: 10

Positive Technologies
added 2025/04/15 12:0 a.m. · 2 views

PT-2025-16380 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version V4.0si V16.03.10.20 Description: The issue concerns a Buffer Overflow in the AdvSetMacMtuWan function via the mac2 variable. Recommendations: For Tenda AC10 version V4.0si V16.03.10.20, as a temporary workaround, consider...

CVSS 10 · AI score 7.3 · EPSS 0.0058
Exploits: 1 · References: 6

Positive Technologies
added 2025/04/12 12:0 a.m. · 1 views

PT-2025-25405 · Blink · Bl-Wr9000 +7

Name of the Vulnerable Software and Affected Versions: Blink routers BL-WR9000 version 2.4.9 Blink routers BL-AC2100 AZ3 version 1.0.4 Blink routers BL-X10 AC8 version 1.0.5 Blink routers BL-LTE300 version 1.2.3 Blink routers BL-F1200 AT1 version 1.0.0 Blink routers BL-X26 AC8 version 1.2.8 Blink...

CVSS 10 · AI score 6.9 · EPSS 0.34666
Exploits: 1 · References: 10

Positive Technologies
added 2025/04/09 12:0 a.m. · 0 views

PT-2025-20360

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A null pointer dereference issue was found in the Linux kernel's cpufreq subsystem, specifically in the apple-soc driver. The apple soc cpufreq get rate function does not check if cpufre...

CVSS 5.5 · AI score 6.7 · EPSS 0.00065
Exploits: 0

Positive Technologies
added 2025/04/05 12:0 a.m. · 4 views

PT-2025-18654 · Totolink · Totolink Cp900L

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900 version 6.3c.1144 B20190715 Description: The issue is related to a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This allows attackers to execute arbitrary commands via a crafted...

CVSS 6.5 · AI score 7.8 · EPSS 0.09962
Exploits: 1 · References: 6

Positive Technologies
added 2025/04/04 12:0 a.m. · 2 views

PT-2025-14841 · Unknown · Expand-Object

Name of the Vulnerable Software and Affected Versions: expand-object versions 0.0.0 and later Description: The issue concerns a Prototype Pollution flaw in the expand function located in index.js. This function is used to expand a given string into an object, but it does not check the provided ke...

CVSS 7.3 · AI score 6.1 · EPSS 0.00313
Exploits: 0 · References: 11

Positive Technologies
added 2025/04/03 12:0 a.m. · 1 views

PT-2025-14583 · Mindspore · Mindspore

Name of the Vulnerable Software and Affected Versions: MindSpore version 2.5.0 Description: A vulnerability was found in MindSpore, affecting the function mindspore.numpy.fft.hfftn. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has...

CVSS 4.8 · AI score 3.7 · EPSS 0.00241
Exploits: 0 · References: 9

Positive Technologies
added 2025/04/03 12:0 a.m. · 1 views

PT-2025-18664 · Totolink · Totolink Ca600-Poe

Name of the Vulnerable Software and Affected Versions: TOTOLINK CA600-PoE version 5.3c.6665 B20180820 Description: A command injection issue was discovered in the CloudSrvUserdataVersionCheck function through the url parameter. This issue allows attackers to execute arbitrary commands via a...

CVSS 6.5 · AI score 7.9 · EPSS 0.08742
Exploits: 1 · References: 8

Positive Technologies
added 2025/04/02 12:0 a.m. · 1 views

PT-2025-14562 · Pytorch +1 · Pytorch +1

Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A problematic vulnerability has been found in PyTorch, affecting the function torch.jit.jit module from flatbuffer. This issue leads to memory corruption and requires local access to exploit. The exploit has...

CVSS 5.5 · AI score 3.9 · EPSS 0.00087
Exploits: 1 · References: 20

Positive Technologies
added 2025/03/25 12:0 a.m. · 2 views

PT-2025-12768 · WordPress · Easy Digital Downloads

Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads – eCommerce Payments and Subscriptions plugin for WordPress versions up to, and including, 3.3.6.1 Description: The issue allows unauthenticated attackers to extract private post titles of downloads via the edd ajax get...

CVSS 5.3 · AI score 7.3 · EPSS 0.00259
Exploits: 0 · References: 12

Positive Technologies
added 2025/03/20 12:0 a.m. · 3 views

PT-2025-12052

Name of the Vulnerable Software and Affected Versions: gaizhenbiao/chuanhuchatgpt version git d4ec6a3 Description: The issue is related to a local file inclusion vulnerability due to the use of the gradio component gr.JSON. This vulnerability allows unauthenticated users to access arbitrary files...

CVSS 6.5 · AI score 6.6 · EPSS 0.00214
Exploits: 1 · References: 4

Positive Technologies
added 2025/03/20 12:0 a.m. · 2 views

PT-2025-12302 · Pandas +1 · Pandas +1

Name of the Vulnerable Software and Affected Versions: Dify Tools versions prior to the fixed version Description: A vulnerability in the Dify Tools' Vanna module of the langgenius/dify repository allows for a Pandas Query Injection in the latest version. The vulnerability occurs in the function...

CVSS 8.8 · AI score 7.9 · EPSS 0.03016
Exploits: 1 · References: 8

Positive Technologies
added 2025/03/10 12:0 a.m. · 1 views

PT-2025-10589 · Assimp +2 · Assimp +2

Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A critical issue has been found in the Open Asset Import Library Assimp, affecting the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp in the File Handler...

CVSS 10 · AI score 6.6 · EPSS 0.00108
Exploits: 1 · References: 24

CNNVD
added 2025/02/21 12:0 a.m. · 1 views

TOTOLINK X5000R Security Vulnerability

The TOTOLINK X5000R is a router product from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a command injection vulnerability that originates from the vifdisable function; no details of the vulnerability are provided at this time...

CVSS 6.5 · AI score 7.6 · EPSS 0.0165
Exploits: 1 · References: 2

Positive Technologies
added 2025/02/21 12:0 a.m. · 3 views

PT-2025-7559 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: Totolink X5000R version 9.1.0u.6369 B20230113 Description: The issue concerns a command injection vulnerability via the vif disable function in mtkwifi.lua. Recommendations: For Totolink X5000R version 9.1.0u.6369 B20230113, as a temporary...

CVSS 6.5 · AI score 7.9 · EPSS 0.0165
Exploits: 1 · References: 4