332 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: fsl: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind. CVE-2026-462...
PT-2026-42117
Name of the Vulnerable Software and Affected Versions: haveged (affected versions not specified)
Description: A privilege escalation issue exists via the command socket. The software verifies the connecting peer's user ID using SO_PEERCRED and sends a NAK response to non-root callers. However,...
PT-2026-37216
Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 version 16.07.26A1
Description: A buffer overflow occurs in the HTTP Request Handler component when manipulating the Name argument. This issue is located within the tggl asp function of the '/tggl.asp' endpoint and can be trigger...
PT-2026-36807
Name of the Vulnerable Software and Affected Versions: OpenConcerto version 1.7.5
Description: Incorrect permission assignment for a critical resource allows the replacement of binaries.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
PT-2026-36551
Name of the Vulnerable Software and Affected Versions: Dayoooun hwpx-mcp version 0.2.0
Description: A path traversal issue exists in the MCP Interface component within the file mcp-server/src/index.ts. Manipulation of the output path argument in the functions save document, export to text, and expo...
PT-2026-36837
Name of the Vulnerable Software and Affected Versions: D-Link DIR-456U Hardware Revision A1
Description: The device contains a hardcoded telnet backdoor. At boot, a telnet daemon is started via the script '/etc/init0.d/S80telnetd.sh' using the username "Alphanetworks" and a static password "whdrv01...
PT-2026-28732
Name of the Vulnerable Software and Affected Versions: Simple Food Order System version 1.0
Description: A flaw exists in Simple Food Order System 1.0 related to the handling of parameters. Specifically, manipulating the Name argument can lead to SQL injection. This issue affects an unknown functio...
PT-2026-28289
Name of the Vulnerable Software and Affected Versions: HCL Aftermarket DPC (affected versions not specified)
Description: A flaw exists where the system fails to invalidate a session after a password change. This allows an attacker who has access to an existing session to maintain control of an accou...
PT-2026-28298
Name of the Vulnerable Software and Affected Versions: HCL Aftermarket DPC (affected versions not specified)
Description: HCL Aftermarket DPC is susceptible to a Cross Domain Script Include issue. An attacker can use external scripts to manipulate the Document Object Model (DOM), potentially changing t...
PT-2026-21989
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server Liberty (affected versions not specified)
Description: IBM WebSphere Application Server Liberty may provide weaker than expected security. The issue could potentially impact the security posture of the application...
PT-2026-20266
Name of the Vulnerable Software and Affected Versions: Datart version 1.0.0-rc.3
Description: An information exposure issue exists in Datart version 1.0.0-rc.3. Authenticated attackers can potentially access sensitive data through a custom H2 JDBC connection string. The issue involves the potential...
PT-2026-20308
Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking 5G Core versions (affected versions not specified)
Description: An issue exists in the API error handling of an HPE Aruba Networking 5G Core server API that could allow an unauthenticated remote attacker to obtain sensitive...
PT-2026-8219
Name of the Vulnerable Software and Affected Versions: SilverFox (affected versions not specified)
Description: A proof of concept has been published demonstrating exploitation in the wild. The Silverfox Group is actively exploiting this issue to terminate antivirus processes. The vulnerable driver i...
PT-2026-7025
Name of the Vulnerable Software and Affected Versions: Tenda AC9 version 15.03.06.42 multi
Description: A security issue exists in the function formGetRebootTimer of Tenda AC9 routers. Manipulation of the arguments sys.schedulereboot.start time/sys.schedulereboot.end time can lead to a stack-based...
PT-2026-7024
Name of the Vulnerable Software and Affected Versions: Tenda AC9 version 15.03.06.42 multi
Description: A flaw exists in the Tenda AC9 device. The formGetDdosDefenceList function is susceptible to a stack-based buffer overflow when the security.ddos.map argument is manipulated. This issue can be...
PT-2026-6578
Name of the Vulnerable Software and Affected Versions: UltraVNC Viewer version 1.2.4.0
Description: The software contains a denial of service issue that allows attackers to crash the application. Attackers can create a 256-byte malformed payload and paste it into the VNC Server connection dialog,...
Linux Distros Unpatched Vulnerability : CVE-2026-23553
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's...
PT-2026-2329
Name of the Vulnerable Software and Affected Versions: SAP Fiori App Intercompany Balance Reconciliation (affected versions not specified)
Description: A Cross-Site Request Forgery (CSRF) issue exists in SAP Fiori App Intercompany Balance Reconciliation. An attacker may be able to perform actions that...
PT-2026-1798
Name of the Vulnerable Software and Affected Versions: WorkDo HRMGo (affected versions not specified)
Description: A stored Cross-Site Scripting (XSS) issue exists due to insufficient validation of user-supplied data. The issue involves sending a POST request to the /hrmgo/ticket/changereply API...
PT-2026-1860
Name of the Vulnerable Software and Affected Versions: Perch CMS version 3.2
Description: A stored Cross-Site Scripting (XSS) issue exists in Perch CMS. An attacker with administrative privileges can inject malicious JavaScript code into the “Help button url” setting within the admin panel. The...