PT-2026-48259
Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions prior to 26.001.21652. Description: An out-of-bounds read issue exists where the software reads data outside the intended buffer in memory. This can lead to the disclosure of sensitive memory information. Exploitation...
PT-2026-47744
Name of the Vulnerable Software and Affected Versions: TYPO3 CMS versions 10.4.0 through 13.4.30; TYPO3 CMS versions 14.0.0 through 14.3.2. Description: Backend users can insert arbitrary records and files into the clipboard without proper read permission checks. This allows unauthorized users to...
PT-2026-48264
Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions prior to 26.001.21652. Description: An out-of-bounds read issue occurs when the software processes a malicious file, which can lead to the disclosure of sensitive memory information or cause a denial of service...
PT-2026-47767
Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter. Attackers can inject SQL code through the 'mwpformid' parameter in requests to the admin-ajax.php...
PT-2026-47997
Name of the Vulnerable Software and Affected Versions: Windows DHCP Server (affected versions not specified). Description: An out-of-bounds read occurs in Windows DHCP Server, which allows an authorized attacker to disclose sensitive information locally and affect the system. An out-of-bounds read is ...
PT-2026-48275
Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2023.19 and earlier; ColdFusion versions 2025.8 and earlier. Description: An Improper Restriction of XML External Entity Reference (XXE) allows arbitrary file system read. This issue enables an attacker to access sensitive files...
PT-2026-48256
Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions 24.001.30365 through 26.001.21651. Description: An out-of-bounds read issue exists where the software reads data outside the intended boundary of a buffer, which can lead to the disclosure of sensitive memory. An attacker...
OpenSSL Buffer Error Vulnerability
OpenSSL is an open-source encryption library developed by the OpenSSL team that implements the Secure Sockets Layer (SSLv2/v3) and Transport Layer Security (TLSv1) protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...
RHEL 9 : krb5 (RHSA-2026:24686)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24686 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending password...
Security Updates for Microsoft SharePoint Server Subscription Edition (June 2026)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an...
Security Updates for Microsoft Excel Products (June 2026)
The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. CVE-2026-44817, CVE-2026-44818, CVE-2026-44820,...
Security Updates for Microsoft SharePoint Server 2019 (June 2026)
The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attack...
PT-2026-47687
Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.2.9.3492 build 20260507; QuTS hero versions prior to h5.2.9.3499 build 20260514; QuTS hero versions prior to h5.3.4.3500 build 20260520; QuTS hero versions prior to h6.0.0.3500 build 20260520. Description: A cross-site...
PT-2026-47993
Out-of-bounds read in Windows Application Identity (AppID) Subsystem allows an authorized attacker to disclose information locally...
PT-2026-48224
Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issu...
phpVMS 7.0.5 Security Exposure Scanner
This script is a non-destructive security scanner designed to assess phpVMS installations by performing read-only HTTP requests. It fingerprints targets using known phpVMS-related signatures and checks for the presence and accessibility of common importer and administration endpoints...
X.Org Server CheckSetGeom Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...
PT-2026-47930
Name of the Vulnerable Software and Affected Versions: Windows DWM Core Library (affected versions not specified). Description: An out-of-bounds read in the Windows DWM Core Library allows an authorized attacker to disclose sensitive information locally, which may affect the system. An out-of-bounds...
PT-2026-48005
Name of the Vulnerable Software and Affected Versions: Windows Hyper-V (affected versions not specified). Description: An out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute arbitrary code locally or remotely, affecting the system. An out-of-bounds read occurs when a progr...
PT-2026-47995
Out-of-bounds read in Microsoft UxTheme Library (uxtheme.dll) allows an authorized attacker to deny service locally...