11758 matches found
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation via incorrect handling of name constraints during certificate validation. An attacker can bypass critical certificate validation checks by presenting a certificate chain where permitted name constraints a...
Linux Distros Unpatched Vulnerability : CVE-2026-7984
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ReadingMode in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary co...
Linux Distros Unpatched Vulnerability : CVE-2026-7962
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in DirectSockets in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via a crafted...
PT-2026-37216
Name of the Vulnerable Software and Affected Versions D-Link DI-8100 version 16.07.26A1 Description A buffer overflow occurs in the HTTP Request Handler component when manipulating the Name argument. This issue is located within the tggl asp function of the '/tggl.asp' endpoint and can be trigger...
PT-2026-37233
Name of the Vulnerable Software and Affected Versions FluentCMS version 1.2.3 Description Cross Site Scripting XSS exists in the TextHTML plugin. XSS is a flaw that allows an attacker to inject malicious scripts into web pages viewed by other users. Recommendations At the moment, there is no...
PT-2026-37076
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A misleadingly named function copy user nocache was identified as a specialty memory copy routine that uses non-temporal stores for the destination and provides exception handling for bo...
PT-2026-37062
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description List corruption and Use-After-Free UAF issues exist in the Bluetooth MGMT command complete handlers. These issues stem from a change in the mgmt pending valid function, which validates a...
GHSA-HCWR-PQ9G-RQ3M apko doesn't verify downloaded apk packages against APKINDEX checksum (package substitution possible)
apko verifies the signature on APKINDEX.tar.gz but never compares individually downloaded .apk packages against the checksum recorded in the signed index. The checksum is parsed and available via ChecksumString, and the downloaded package control hash is computed, but the two values are never...
PT-2026-36806
Name of the Vulnerable Software and Affected Versions Ansible Automation Platform Gateway versions 2.6 and later Description A flaw in the AAP gateway involves the user auto-link strategy, which automatically links an external Identity Provider IDP identity to an existing user account based on...
PT-2026-36800
Name of the Vulnerable Software and Affected Versions Norton Secure VPN affected versions not specified Description A privilege escalation issue occurs during the installation of the software via the Microsoft Store. A low-privilege user can replace files during the installation process,...
PT-2026-36807
Name of the Vulnerable Software and Affected Versions OpenConcerto version 1.7.5 Description Incorrect permission assignment for a critical resource allows the replacement of binaries. Recommendations At the moment, there is no information about a newer version that contains a fix for this...
PT-2026-36910
Name of the Vulnerable Software and Affected Versions WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 Description An OS command injection issue exists in the 'wireless.cgi' binary. Unauthenticated remote attackers can execute arbitrary shell commands by injecting malicious input into the...
PT-2026-36744
Name of the Vulnerable Software and Affected Versions Gym Management System In PHP and Windows NT 1.0 affected versions not specified Description A remote SQL injection can be triggered through the manipulation of the day argument in the '/index.php' endpoint. SQL injection is a type of flaw that...
PT-2026-36696
Name of the Vulnerable Software and Affected Versions Wavlink WL-WN570HA1 version R70HA1 V1410 221110 Description A remote command injection issue exists in the ping ddns function within the '/cgi-bin/adm.cgi' endpoint. Manipulating the DDNS argument allows an attacker to execute arbitrary comman...
PT-2026-36694
Name of the Vulnerable Software and Affected Versions Wavlink WL-WN570HA1 version R70HA1 V1410 221110 Description A command injection issue exists that allows remote attackers to execute arbitrary commands. The flaw is located in the set sys adm function within the '/cgi-bin/adm.cgi' endpoint,...
PT-2026-36602
Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP version 1.12B01 Description An issue exists in the Firmware Update component within the '/www/cgi/ssi' file. This flaw allows for the remote cleartext transmission of sensitive information. The attack is characterized by hi...
PT-2026-36600
Name of the Vulnerable Software and Affected Versions School App developed by Zyosoft affected versions not specified Description An Insecure Direct Object Reference IDOR issue exists, where authenticated remote attackers can modify a specific parameter to read and modify data belonging to other...
PT-2026-36603
Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP versions prior to 1.12B01 Description An issue exists in the Firmware Update Handler component within the cameo dev.sh file. Specifically, the platform do upgrade cameo dev function fails to sufficiently verify data...
PT-2026-36551
Name of the Vulnerable Software and Affected Versions Dayoooun hwpx-mcp version 0.2.0 Description A path traversal issue exists in the MCP Interface component within the file mcp-server/src/index.ts. Manipulation of the output path argument in the functions save document, export to text, and expo...
PT-2026-36512
Name of the Vulnerable Software and Affected Versions socketcand version 0.4.2 Description A buffer overflow occurs in the main function within the socketcand.c file. This issue allows attackers to cause a denial of service or other unspecified impacts by using a crafted bus name variable...