
421 matches found

Positive Technologies
added 2025/10/14 12:0 a.m. · 6 views

PT-2025-42398

Name of the Vulnerable Software and Affected Versions: Veeam Agent for Microsoft Windows affected versions not specified Description: The issue resides in insufficient input validation within Veeam Agent for Microsoft Windows. Successful exploitation could allow an attacker to elevate their...

CVSS 9.9 · AI score 7.7 · EPSS 0.00976
Exploits: 0 · References: 11

Positive Technologies
added 2025/10/09 12:0 a.m. · 6 views

PT-2025-41344

Name of the Vulnerable Software and Affected Versions: Affected versions not specified Description: A memory corruption issue exists when performing a System Configuration Manager (SCM) call. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

CVSS 8.8 · AI score 6.6 · EPSS 0.00081
Exploits: 0 · References: 5

Positive Technologies
added 2025/09/26 12:0 a.m. · 5 views

PT-2025-39582

Name of the Vulnerable Software and Affected Versions: Joovii Sendle Shipping versions through 6.02 Description: A Cross-Site Request Forgery (CSRF) issue exists in Joovii Sendle Shipping. This allows attackers to perform actions on behalf of unsuspecting users. The issue allows Cross Site Request...

CVSS 4.3 · AI score 6.3 · EPSS 0.00131
Exploits: 0 · References: 3

GithubExploit
added 2025/09/14 6:59 a.m. · 72 views

CVE

It is an offensive tool for web applications. The repository app...

AI score 7.1
Exploits: 0

Positive Technologies
added 2025/09/08 12:0 a.m. · 8 views

PT-2025-36440

Name of the Vulnerable Software and Affected Versions: Apache Jackrabbit Core versions 1.0.0 through 2.22.1 Apache Jackrabbit JCR Commons versions 1.0.0 through 2.22.1 Description: This issue involves the deserialization of untrusted data in Apache Jackrabbit Core and Apache Jackrabbit JCR Common...

CVSS 6.5 · AI score 7.7 · EPSS 0.01286
Exploits: 0 · References: 29

Positive Technologies
added 2025/08/27 12:0 a.m. · 3 views

PT-2025-34852 · Uhcrtfdoc · Uhcrtfdoc

Name of the Vulnerable Software and Affected Versions: UHCRTFDoc affected versions not specified Description: The filename parameter in UHCRTFDoc can be exploited to execute arbitrary code through command injection into the system function call within the ConvertToPDF function. Recommendations: A...

CVSS 9.4 · AI score 7.2 · EPSS 0.00737
Exploits: 0 · References: 5

Positive Technologies
added 2025/08/27 12:0 a.m. · 3 views

PT-2025-34842 · Print.Pl · Print.Pl

Name of the Vulnerable Software and Affected Versions: Print.pl affected versions not specified Description: The uhcPrintServerPrint function allows execution of arbitrary code via the CopyCounter parameter. Recommendations: At the moment, there is no information about a newer version that contai...

CVSS 9.4 · AI score 6.5 · EPSS 0.00231
Exploits: 0 · References: 14

Positive Technologies
added 2025/08/27 12:0 a.m. · 4 views

PT-2025-34847 · Clininet · Clininet

Name of the Vulnerable Software and Affected Versions: CliniNET affected versions not specified Description: The vulnerability allows unauthenticated users to download a file containing session ID data by directly accessing the /cgi-bin/CliniNET.prd/utils/userlogxls.pl endpoint. Recommendations: ...

CVSS 9.4 · AI score 5.9 · EPSS 0.00231
Exploits: 0 · References: 6

Positive Technologies
added 2025/08/27 12:0 a.m. · 6 views

PT-2025-34857 · Cgm · Cgm Clininet

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The configuration file containing database logins and passwords is readable by any local user. Recommendations: At the moment, there is no information about a...

CVSS 9.4 · AI score 5.7 · EPSS 0.00231
Exploits: 0 · References: 5

Positive Technologies
added 2025/08/27 12:0 a.m. · 6 views

PT-2025-34846 · Clininet · Clininet

Name of the Vulnerable Software and Affected Versions: CliniNET affected versions not specified Description: Unauthenticated access to the /cgi-bin/CliniNET.prd/GetActiveSessions.pl endpoint allows takeover of any user session logged into the system, including those with administrative privileges...

CVSS 9.4 · AI score 5.8 · EPSS 0.00231
Exploits: 0 · References: 5

Positive Technologies
added 2025/08/22 12:0 a.m. · 8 views

PT-2025-34343 · Uniong · Webitr

Name of the Vulnerable Software and Affected Versions: WebITR versions affected versions not specified Description: WebITR developed by Uniong is susceptible to an arbitrary file reading issue. This allows remote attackers with regular privileges to exploit an Absolute Path Traversal flaw to...

CVSS 7.1 · AI score 7.1 · EPSS 0.00502
Exploits: 0 · References: 6

Positive Technologies
added 2025/08/21 12:0 a.m. · 4 views

PT-2025-34237

Name of the Vulnerable Software and Affected Versions: org.keycloak/keycloak-model-storage-service affected versions not specified Description: A flaw exists in the KeycloakRealmImport custom resource, which substitutes placeholders within imported realm documents, referencing environment...

CVSS 4.9 · AI score 4.2 · EPSS 0.0046
Exploits: 0 · References: 19

Positive Technologies
added 2025/08/20 12:0 a.m. · 4 views

PT-2025-33903 · Six Apart · Movable Type

Name of the Vulnerable Software and Affected Versions: Movable Type affected versions not specified Description: An open redirect issue exists in Movable Type. Exploitation of this issue may allow an attacker to insert an invalid parameter into the password reset page, potentially redirecting use...

CVSS 5.1 · AI score 7.1 · EPSS 0.0019
Exploits: 0 · References: 6

Positive Technologies
added 2025/08/19 12:0 a.m. · 5 views

PT-2025-33725 · Lexmark · Lexmark Cloud Services

Name of the Vulnerable Software and Affected Versions: Lexmark Cloud Services affected versions not specified Description: A missing authorization vulnerability in Lexmark Cloud Services badge management allows an attacker to reassign badges within their organization. Recommendations: At the...

CVSS 8.5 · AI score 6.8 · EPSS 0.00279
Exploits: 0 · References: 6

Positive Technologies
added 2025/08/19 12:0 a.m. · 7 views

PT-2025-33716 · Unknown · Fluke Process Instruments Devices

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: An unauthenticated remote attacker can grant access without password protection to the affected device, enabling unprotected read-only access to stored measurement data. Recommendations: At the...

CVSS 7.5 · AI score 7.1 · EPSS 0.00347
Exploits: 0 · References: 6

Positive Technologies
added 2025/08/15 12:0 a.m. · 7 views

PT-2025-33473 · Zte · Zte F50

Name of the Vulnerable Software and Affected Versions: ZTE F50 affected versions not specified Description: An unauthorized access issue exists in ZTE F50 due to improper permission control of the Web module interface. This allows an unauthorized attacker to obtain sensitive information through t...

CVSS 5.7 · AI score 5.9 · EPSS 0.00244
Exploits: 0 · References: 5

Positive Technologies
added 2025/08/14 12:0 a.m. · 10 views

PT-2025-33397 · WordPress · Visual Composer Website Builder

Name of the Vulnerable Software and Affected Versions: Visual Composer Website Builder affected versions not specified Description: Improper neutralization of input during web page generation allows for Stored Cross-site Scripting (XSS). Recommendations: At the moment, there is no information about...

CVSS 6.5 · AI score 5.7 · EPSS 0.00159
Exploits: 0 · References: 5

Positive Technologies
added 2025/08/12 12:0 a.m. · 6 views

PT-2025-32839 · Microsoft · Office Visio

Name of the Vulnerable Software and Affected Versions: Microsoft Office Visio affected versions not specified Description: A use after free issue exists in Microsoft Office Visio that could allow an unauthorized attacker to execute code locally. Recommendations: At the moment, there is no...

CVSS 7.8 · AI score 6.4 · EPSS 0.00414
Exploits: 0 · References: 7

Positive Technologies
added 2025/08/12 12:0 a.m. · 2 views

PT-2025-32794

Name of the Vulnerable Software and Affected Versions: Remote Desktop Server affected versions not specified Description: The Remote Desktop Server is susceptible to a missing authorization flaw, potentially enabling an unauthorized attacker to conduct spoofing attacks over a network...

CVSS 9.4 · AI score 6 · EPSS 0.00908
Exploits: 0 · References: 7

Positive Technologies
added 2025/08/12 12:0 a.m. · 6 views

PT-2025-32683 · Servicenow · Servicenow

Name of the Vulnerable Software and Affected Versions: ServiceNow affected versions not specified Description: A Broken Access Control vulnerability was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform actions...

CVSS 5.3 · AI score 6.8 · EPSS 0.0042
Exploits: 0 · References: 3