57 matches found
PT-2026-2206
Name of the Vulnerable Software and Affected Versions Versions affected versions not specified Description An attacker with a network connection could detect credentials in clear text. Recommendations At the moment, there is no information about a newer version that contains a fix for this...
PT-2025-53041
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the iommufd subsystem where the same hardware-assisted page table hwpt could be added to the ioas-hwpt list multiple times. This double addition...
PT-2025-42340
Name of the Vulnerable Software and Affected Versions BIG-IP systems affected versions not specified Description Undisclosed traffic can lead to data corruption and unauthorized data modification in protocols lacking message integrity protection. Software versions that have reached End of Technic...
EUVD-2024-55017
Malicious code in bioql PyPI...
PT-2025-42245
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's i40e driver related to input validation for the action meta component. The issue involves a condition check that was insufficient, potentially leading...
PT-2025-37993
Name of the Vulnerable Software and Affected Versions: E1 Informatics Web Application versions through 20250916 Description: The E1 Informatics Web Application contains a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows attackers to perfor...
PT-2025-33140 · Ctrlx Os · Ctrlx Os
Name of the Vulnerable Software and Affected Versions: ctrlX OS affected versions not specified Description: Ambiguous wording in the web interface of the setup mechanism could lead a user to believe that the backup file is encrypted when a password is set. However, only the private key – if...
PT-2025-32770 · Microsoft · Edge For Android
Name of the Vulnerable Software and Affected Versions: Microsoft Edge for Android affected versions not specified Description: A user interface UI misrepresentation of critical information in Microsoft Edge for Android can allow an unauthorized attacker to perform spoofing over a network...
PT-2025-32830 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows versions affected versions not specified Description: An issue exists in Windows Push Notifications related to access of a resource using an incompatible type 'type confusion'. This allows an authorized attacker to elevate privileges...
CVE-2024-12143
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mobilteg Mobile Informatics Mikro Hand Terminal - MikroDB allows SQL Injection. This issue affects Mikro Hand Terminal - MikroDB. NOTE: The vendor did not inform about the completion of the fixing...
PT-2025-15319 · Isherlock · Isherlock
Name of the Vulnerable Software and Affected Versions: iSherlock affected versions not specified Description: The iSherlock web service has an issue that allows remote attackers to inject and execute arbitrary system commands on the server. This is possible due to an OS command injection flaw,...
PT-2025-11070 · Google · Android
Name of the Vulnerable Software and Affected Versions: Linux Kernel Hidd Component affected versions not specified Description: A use-after-free issue exists in the hidd check config done function within hidd conn.cc. This could allow for arbitrary code execution, potentially leading to local...
PT-2025-30787
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to RDMA/mlx5, specifically concerning the initialization of obj event-obj sub list before its insertion using xa insert. This can lead ...
PT-2024-10567 · Phpexcel · Phpexcel
Name of the Vulnerable Software and Affected Versions: PHPExcel affected versions not specified Description: The issue concerns an XML External Entity XXE vulnerability. No specific details about affected devices or real-world incidents are provided. Recommendations: At the moment, there is no...
PT-2024-12198 · Enel X · Waybox Enel X
Name of the Vulnerable Software and Affected Versions: Waybox Enel X affected versions not specified Description: The Waybox Enel X web management application has a flaw that allows execution of arbitrary requests on the internal database via the /admin/versions.php endpoint. This issue affects...
PT-2024-39345 · Syscom · Omflow
Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue involves the exposure of sensitive data, allowing remote attackers who have logged into the system to obtain password hashes of all users and administrators...
PT-2024-31157 · Vernemq · Vernemq
Name of the Vulnerable Software and Affected Versions: vernemq version 2.0.1 Description: A memory allocation issue allows attackers to cause a Denial of Service DoS via excessive memory consumption. Recommendations: For vernemq version 2.0.1, at the moment, there is no information about a newer...
PT-2024-29879 · Cyberark · Cyberark
Name of the Vulnerable Software and Affected Versions: CyberArk affected versions not specified Description: The issue concerns the exposure of sensitive information to an unauthorized actor. This is a critical vulnerability that affects CyberArk, allowing unauthorized access to confidential data...
PT-2024-5447 · Cisco · Cisco Asyncos
Name of the Vulnerable Software and Affected Versions: Cisco AsyncOS for Secure Email Gateway affected versions not specified Description: A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remote attacker to execute...
PT-2024-26159 · Unknown · Pluginops Landing Page Builder
Name of the Vulnerable Software and Affected Versions: PluginOps Landing Page Builder versions through 1.5.1.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations:...