PT-2026-28735

Name of the Vulnerable Software and Affected Versions Tenda F453 version 1.0.0.3 Description A flaw exists in the Tenda F453 device. The issue is a stack-based buffer overflow within the fromPPTPUserSetting function, located in the /goform/PPTPUserSetting file of the httpd component. Manipulation...

CVE-2026-23017

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

EUVD-2026-5077

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

CVE-2025-26431

CVE-2025-26431 affects Android Wear OS (and related Android framework components) through a logic error in setupAccessibilityServices inside AccessibilityFragment.java that can cause an enabled accessibility service to be hidden. This enables local privilege escalation with no extra privileges an...

VulnCheck KEV: CVE-2024-50334

Scoold is a Q&A and a knowledge sharing platform for teams. A semicolon path injection vulnerability was found on the /api;/config endpoint. By appending a semicolon in the URL, attackers can bypass authentication and gain unauthorised access to sensitive configuration data. Furthermore, PUT...

Do Not Enable the RPC Service

The rpcbind service maps remote procedure call RPC services to the ports on which they listen. RPC processes notify rpcbind when they start and register the ports they are listening on and the RPC program numbers they expect to serve. The client system then contacts rpcbind on the server using a...

CVE-2025-20907

CVE-2025-20907 affects Samsung Find prior to SMR Feb-2025 Release 1. The issue is improper privilege management that allows local privileged attackers to disable Samsung Find. Affected: Samsung Find versions before SMR Feb-2025 Release 1. Impact: local attacker with sufficient privileges can disa...

PT-2025-1303 · Teamviewer · Teamviewer

Name of the Vulnerable Software and Affected Versions: TeamViewer versions prior to 15.62 Description: The issue is related to improper neutralization of argument delimiters in the TeamViewer service.exe component, allowing an attacker with local unprivileged access on a Windows system to elevate...

PT-2024-6501

Name of the Vulnerable Software and Affected Versions cups versions prior to 2.4.11-alt1 cups-browsed versions prior to 2.0.1-0ubuntu2.1 cups-filters affected versions not specified Description The Common UNIX Printing System CUPS and related components, including cups-browsed and cups-filters, a...

PT-2023-16948 · Ta · Ta

Name of the Vulnerable Software and Affected Versions: TA versions prior to 5.7.9 Description: A heap-based overflow issue allows a remote user to alter the page heap in the macmnsvc process memory block, resulting in the service becoming unavailable. Recommendations: For versions prior to 5.7.9,...

PT-2023-21639 · Sourcecodester · Sourcecodester Dental Clinic Appointment Reservation System

Name of the Vulnerable Software and Affected Versions: SourceCodester Dental Clinic Appointment Reservation System version 1.0 Description: A problematic issue was found in the system, affecting some unknown functionality of the file /admin/service.php, specifically the POST Parameter Handler...

How to disable/enable a service (LB, GSLB, etc.) using the NetScaler's CLI

How to disable/enable a service LB, GSLB, etc. using CLI...

VMware ESXi OpenSLP heap overflow

Added: 02/10/2023 Background VMware ESXi is a bare metal hypervisor. Problem A heap overflow vulnerability in the OpenSLP service could allow an attacker on the same network segment to execute arbitrary commands. Resolution Upgrade to a fixed version referenced in VMSA-2021-0002 or disable the SL...

PT-2022-5480 · Tp Link · Tp-Link Tl-Wr841N

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841N versions TL-WR841NUS V14 220121 Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Although authentication is required to exploit this...

PT-2022-23718 · Ivanti · Ivanti Avalanche

Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche version 6.3.2.3490 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this issue, the existing authentication mechanism can be...

PT-2022-12182 · Wondershare · Dr. Fone

Name of the Vulnerable Software and Affected Versions: Wondershare LTD Dr. Fone as of 2021-12-06 version Description: The issue is related to remote code execution due to software design flaws. An unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service, which run...

PT-2022-16918 · Unknown · Postgresql +1

Name of the Vulnerable Software and Affected Versions: Gin-vue-admin versions prior to 2.5.1 Description: The issue occurs in the server/service/system/sys auto code pgsql.go code, which means PostgreSQL must be used as the database for this problem to occur. Users must have JWT login and be usin...

PT-2022-4845 · D Link · D-Link Dir-2150

Name of the Vulnerable Software and Affected Versions: D-Link DIR-2150 version 4.0.1 Description: The issue is related to a stack-based buffer overflow in the anweb service of the D-Link DIR-2150 router. This allows a remote attacker to execute arbitrary code on the affected device. The anweb...

PT-2022-16790 · Canon · Canon Imageclass Mf644Cdw

Name of the Vulnerable Software and Affected Versions: Canon imageCLASS MF644Cdw version 10.02 Description: This issue allows remote attackers to execute arbitrary code on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the...

PT-2022-6124 · Microsoft · Windows Backup Service +1

Name of the Vulnerable Software and Affected Versions: Windows Backup Service versions prior to the fixed version Description: The issue is related to errors in privilege management within the Windows Backup Service, allowing an attacker to elevate their privileges to the level of SYSTEM. This ca...