421 matches found
PT-2025-42398
Name of the Vulnerable Software and Affected Versions: Veeam Agent for Microsoft Windows affected versions not specified Description: The issue resides in insufficient input validation within Veeam Agent for Microsoft Windows. Successful exploitation could allow an attacker to elevate their...
PT-2025-41344
Name of the Vulnerable Software and Affected Versions: Affected versions not specified Description: A memory corruption issue exists when performing a System Configuration Manager (SCM) call. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
PT-2025-39582
Name of the Vulnerable Software and Affected Versions: Joovii Sendle Shipping versions through 6.02 Description: A Cross-Site Request Forgery (CSRF) issue exists in Joovii Sendle Shipping. This allows attackers to perform actions on behalf of unsuspecting users. The issue allows Cross Site Request...
CVE
It is an offensive tool for web applications. The repository app...
PT-2025-36440
Name of the Vulnerable Software and Affected Versions: Apache Jackrabbit Core versions 1.0.0 through 2.22.1; Apache Jackrabbit JCR Commons versions 1.0.0 through 2.22.1 Description: This issue involves the deserialization of untrusted data in Apache Jackrabbit Core and Apache Jackrabbit JCR Common...
PT-2025-34852 · UHCRTFDoc · UHCRTFDoc
Name of the Vulnerable Software and Affected Versions: UHCRTFDoc affected versions not specified Description: The filename parameter in UHCRTFDoc can be exploited to execute arbitrary code through command injection into the system function call within the ConvertToPDF function. Recommendations: A...
PT-2025-34842 · Print.pl · Print.pl
Name of the Vulnerable Software and Affected Versions: Print.pl affected versions not specified Description: The uhcPrintServerPrint function allows execution of arbitrary code via the CopyCounter parameter. Recommendations: At the moment, there is no information about a newer version that contai...
PT-2025-34847 · CliniNET · CliniNET
Name of the Vulnerable Software and Affected Versions: CliniNET affected versions not specified Description: The vulnerability allows unauthenticated users to download a file containing session ID data by directly accessing the /cgi-bin/CliniNET.prd/utils/userlogxls.pl endpoint. Recommendations: ...
PT-2025-34857 · CGM · CGM CliniNET
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The configuration file containing database logins and passwords is readable by any local user. Recommendations: At the moment, there is no information about a...
PT-2025-34846 · CliniNET · CliniNET
Name of the Vulnerable Software and Affected Versions: CliniNET affected versions not specified Description: Unauthenticated access to the /cgi-bin/CliniNET.prd/GetActiveSessions.pl endpoint allows takeover of any user session logged into the system, including those with administrative privileges...
PT-2025-34343 · Uniong · WebITR
Name of the Vulnerable Software and Affected Versions: WebITR affected versions not specified Description: WebITR developed by Uniong is susceptible to an arbitrary file reading issue. This allows remote attackers with regular privileges to exploit an Absolute Path Traversal flaw to...
PT-2025-34237
Name of the Vulnerable Software and Affected Versions: org.keycloak/keycloak-model-storage-service affected versions not specified Description: A flaw exists in the KeycloakRealmImport custom resource, which substitutes placeholders within imported realm documents, referencing environment...
PT-2025-33903 · Six Apart · Movable Type
Name of the Vulnerable Software and Affected Versions: Movable Type affected versions not specified Description: An open redirect issue exists in Movable Type. Exploitation of this issue may allow an attacker to insert an invalid parameter into the password reset page, potentially redirecting use...
PT-2025-33725 · Lexmark · Lexmark Cloud Services
Name of the Vulnerable Software and Affected Versions: Lexmark Cloud Services affected versions not specified Description: A missing authorization vulnerability in Lexmark Cloud Services badge management allows an attacker to reassign badges within their organization. Recommendations: At the...
PT-2025-33716 · Unknown · Fluke Process Instruments Devices
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: An unauthenticated remote attacker can grant access without password protection to the affected device, enabling unprotected read-only access to stored measurement data. Recommendations: At the...
PT-2025-33473 · ZTE · ZTE F50
Name of the Vulnerable Software and Affected Versions: ZTE F50 affected versions not specified Description: An unauthorized access issue exists in ZTE F50 due to improper permission control of the Web module interface. This allows an unauthorized attacker to obtain sensitive information through t...
PT-2025-33397 · WordPress · Visual Composer Website Builder
Name of the Vulnerable Software and Affected Versions: Visual Composer Website Builder affected versions not specified Description: Improper neutralization of input during web page generation allows for Stored Cross-site Scripting (XSS). Recommendations: At the moment, there is no information about...
PT-2025-32839 · Microsoft · Office Visio
Name of the Vulnerable Software and Affected Versions: Microsoft Office Visio affected versions not specified Description: A use after free issue exists in Microsoft Office Visio that could allow an unauthorized attacker to execute code locally. Recommendations: At the moment, there is no...
PT-2025-32794
Name of the Vulnerable Software and Affected Versions: Remote Desktop Server affected versions not specified Description: The Remote Desktop Server is susceptible to a missing authorization flaw, potentially enabling an unauthorized attacker to conduct spoofing attacks over a network...
PT-2025-32683 · ServiceNow · ServiceNow
Name of the Vulnerable Software and Affected Versions: ServiceNow affected versions not specified Description: A Broken Access Control vulnerability was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform actions...