Authorization Bypass Through User-Controlled Key
Overview: Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the file content endpoint. An attacker can access files belonging to other users by supplying a valid file identifier associated with the target user's files.
Note: Vendor's statement...
PT-2026-28495
Name of the Vulnerable Software and Affected Versions: WordPress Plugin OpenStreetMap versions affected versions not specified
Description: The OpenStreetMap WordPress plugin by MiKa has a cross-site scripting issue. A user logged in with page creation or editing rights can inject malicious script...
PT-2026-20276
Name of the Vulnerable Software and Affected Versions: Tanium Enforce Recovery Key Portal affected versions not specified
Description: An insecure file permissions issue exists in Tanium Enforce Recovery Key Portal. The vulnerability involves incorrect file permissions that could potentially be...
PT-2026-8094
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified
Description: The reported issue has been marked as rejected by NIST in the official CVE List, indicating it is not a valid or recognized vulnerability. No search results fro...
PT-2026-7462
Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP Boot Loader affected versions not specified
Description: A flaw exists in the AMD Secure Processor ASP Boot Loader, specifically within its legacy recovery mode. This issue involves inadequate sanitization of input...
PT-2026-6709
Name of the Vulnerable Software and Affected Versions: affected versions not specified
Description: An issue exists in the card module due to an improper criterion security check. Successful exploitation could impact service confidentiality.
Recommendations: At the moment, there is no information...
PT-2026-6712
Name of the Vulnerable Software and Affected Versions: affected versions not specified
Description: An issue exists in the print module related to improper permission control. Successful exploitation could compromise service confidentiality.
Recommendations: At the moment, there is no information...
PT-2026-5862
Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak System affected versions not specified
Description: IBM Cloud Pak System reveals sensitive information within user messages, potentially assisting attackers. The disclosed information could be leveraged in subsequent attacks...
Access of Resource Using Incompatible Type ('Type Confusion')
Overview: Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') via the flow.dstack function. An attacker can cause the application to crash or become unresponsive by submitting specially crafted input.
Remediation: There is no fixed version...
PT-2026-1842
Name of the Vulnerable Software and Affected Versions: Network Device Firmware affected versions not specified
Description: This issue enables authenticated attackers to execute commands through the NTP-configuration of the device. The vulnerability involves a command injection within the NTP...
PT-2026-1543
Name of the Vulnerable Software and Affected Versions: versions prior to 2025
Description: A memory corruption issue exists when accessing resources within a kernel driver. The issue could allow for unexpected behavior or system instability.
Recommendations: At the moment, there is no information...
PT-2026-1540
Name of the Vulnerable Software and Affected Versions: affected versions not specified
Description: An information disclosure issue exists due to a weak hashed value being returned to userland code in response to an IOCTL call used to obtain a session ID. This could potentially allow unauthorized...
PT-2026-1380
Name of the Vulnerable Software and Affected Versions: KeyInstall affected versions not specified
Description: An out-of-bounds write issue exists in KeyInstall due to a missing bounds check. Successful exploitation of this issue could allow a malicious actor with System privileges to escalate thei...
PT-2026-6840
Name of the Vulnerable Software and Affected Versions: GNOME localsearch MP3 Extractor affected versions not specified
Description: A flaw exists in tracker-miners where it incorrectly processes malformed MP3 files. This can lead to a denial of service, potentially causing the application to crash...
PT-2026-6118
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified
Description: The Linux kernel contains an issue where the standard UDP receive path does not utilize skb->destructor, but the skmsg layer does through a call to skb_set_owner_sk_safe from udp_read_skb...
PT-2025-53657
Name of the Vulnerable Software and Affected Versions: 9786 phpok3w versions prior to 901d96a06809fb28b17f3a4362c59e70411c933c
Description: A flaw exists in 9786 phpok3w. The issue is related to the manipulation of the ID argument, which can lead to SQL injection within the show.php file. The attac...
PT-2025-53596
Name of the Vulnerable Software and Affected Versions: DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01
Description: An issue exists in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H.01 related to access control. An unauthenticated attacker...
PT-2025-53453
Name of the Vulnerable Software and Affected Versions: Eaton UPS Companion affected versions not specified
Description: A flaw exists in the Eaton UPS Companion software installer related to improper handling of quotation marks in search paths. This could allow an attacker with file system access t...
PT-2025-52933
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified
Description: The Linux kernel contains refcount leak bugs within the qcom_smsm_probe function. Specifically, two issues exist: a refcount leak of local_node during iteration with for_each_child_of...
PT-2025-53298
Name of the Vulnerable Software and Affected Versions: affected versions not specified
Description: A successful exploitation could result in access to the device.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...