82 matches found
PT-2026-46325
Unauthenticated PHP Object Injection in Hot Coffee = 1.7 versions...
PT-2025-43515
Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.3 GA through update 35 Liferay Portal versions 7.4.0 through 7.4.3.109 Liferay DXP versions 2023.Q3.1 through 2023.Q3.7 Liferay DXP versions 2023.Q4.0 through 2023.Q4.5 Liferay Portal 7.4 GA through update 92 older...
PYSEC-2025-142
MONAI Medical Open Network for AI is an AI toolkit for health care imaging. In versions up to and including 1.5.0, the pickleoperations function in monai/data/utils.py automatically handles dictionary key-value pairs ending with a specific suffix and deserializes them using pickle.loads . This...
PT-2025-30588 · Ibm · Ibm I Db2 Mirror For I
Name of the Vulnerable Software and Affected Versions: IBM Db2 Mirror for i versions 7.4 through 7.6 Description: IBM Db2 Mirror for i does not disallow the session id after use, potentially allowing an authenticated user to impersonate another user on the system. Recommendations: IBM Db2 Mirror...
PT-2025-29825 · Isc · Bind
Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.11.3-S1 through 9.16.50-S1 BIND 9 versions 9.18.11-S1 through 9.18.37-S1 BIND 9 versions 9.20.9-S1 through 9.20.10-S1 Description: A named caching resolver configured to send ECS EDNS Client Subnet options may be vulnerable ...
PT-2025-25632 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A deserialization issue is mentioned, but details are not provided. No information is available about the estimated number of potentially affected devices or real-world incidents...
PT-2025-22498 · Ubtech +1 · Freepass +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to an observable discrepancy, which may allow for information disclosure. No specific details about affected devices or real-world incidents are provided. Recommendation...
PT-2025-21157 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: General information about the issue is not explicitly mentioned. No details are provided about the estimated number of potentially affected devices worldwide or real-world incidents where th...
PT-2025-18225 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an arbitrary file disclosure in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or...
PT-2025-18227 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A rejected reason is mentioned, but no specific details about the issue are provided. No information is available about potentially affected devices or real-world incidents. Recommendations:...
PT-2025-17694 · Cisco · Cisco Webex Meeting Server
Name of the Vulnerable Software and Affected Versions: Cisco Webex Meeting Server affected versions not specified Description: The issue concerns an authentication bypass in Cisco Webex Meeting Server. No specific details about the estimated number of potentially affected devices worldwide or...
PT-2025-15372 · Sap · Sap Capital Yield Tax Management
Name of the Vulnerable Software and Affected Versions: SAP Capital Yield Tax Management affected versions not specified Description: The issue is related to a directory traversal vulnerability due to insufficient path validation. This could allow an attacker with low privileges to read files from...
PT-2025-1719 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is being actively exploited. No further details are available about the nature of the issue, potentially affected devices, or real-wor...
PT-2025-2352 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The issue concerns a rejected CVE record due to non-compliance with CNA rules, as it has not been used. Recommendations: At the moment, there is no information about a newer...
PT-2025-2356 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The issue concerns a rejected CVE record due to non-compliance with CNA rules, as it has not been utilized. No further details are provided about the nature of the issue or i...
PT-2025-2340 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is related to a rejected CVE record due to non-compliance with CNA rules, as it has not been used. No further details are provided abo...
PT-2025-2335 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is related to a rejected CVE record due to non-compliance with CNA rules, as it has not been used. No further details are provided abo...
CVE-2024-11668
An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. Long-lived connections could potentially bypass authentication controls, allowing unauthorized access to streaming results...
PT-2024-11711 · Apache · Apache
Name of the Vulnerable Software and Affected Versions: Apache affected versions not specified Description: The issue concerns a denial of service. However, the provided information indicates that the candidate number was issued in error and is not a valid vulnerability. Therefore, there are no...
PT-2024-29907 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: A CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No further details are provided about the issue. Recommendations: At the...