EUVD-2026-0826
A malicious actor with access to the adjacent network could overflow the UniFi Protect Application Version 6.1.79 and earlier discovery protocol causing it to restart. Affected Products: UniFi Protect Application Version 6.1.79 and earlier. Mitigation: Update your UniFi Protect Application to...
PowerDNS Recursor DoS Vulnerability (2025-07)
PowerDNS Recursor is prone to a denial of service (DoS) vulnerability.
EUVD-2023-32059
Malicious code in bioql PyPI...
Google Chrome Security Update (stable-channel-update-for-desktop_9-2025-09) - Windows
Google Chrome is prone to multiple vulnerabilities.
PT-2025-31268 · Iwasm +1 · Iwasm +1
Name of the Vulnerable Software and Affected Versions: WebAssembly Micro Runtime (WAMR) iwasm versions 2.4.0 and below Description: The iwasm package uses the --addr-pool option with an IPv4 address lacking a subnet mask. This configuration allows the system to accept all IP addresses, potentially...
PT-2025-30449
Name of the Vulnerable Software and Affected Versions: Ollama version 0.6.7 Description: A cross-domain token exposure exists in the server.auth.getAuthorizationToken function. This allows remote attackers to steal authentication tokens and bypass access controls by exploiting a malicious realm val...
PT-2025-29913 · Hollo · Hollo
Name of the Vulnerable Software and Affected Versions: Hollo versions prior to 0.6.5 Description: Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Versions prior to 0.6.5 allow HTML form elements to be submitted, leading to a potential HTML...
PT-2025-28904
Name of the Vulnerable Software and Affected Versions: Jenkins Git Parameter Plugin versions 439.vb_0e46ca_14534 and earlier Description: The Jenkins Git Parameter Plugin does not validate the Git parameter value submitted to a build against the offered choices. This allows attackers with Item/Buil...
PT-2025-28776 · Adobe · Framemaker
Name of the Vulnerable Software and Affected Versions: Adobe Framemaker versions 2020.8, 2022.6 and earlier Description: The issue is an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...
TencentOS Server 3: brotli (TSSA-2022:0118)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0118 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
PT-2025-22697 · Unknown · Gavias Winnex
Name of the Vulnerable Software and Affected Versions: gavias Winnex versions 1.3.2 and earlier Description: The issue is related to improper control of filename for include/require statement in PHP program, also known as 'PHP Remote File Inclusion', which allows PHP Local File Inclusion...
CVE-2022-23619
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to guess if a user has an account on the wiki by using the "Forgot your password" form, even if the wiki is closed to guest users. This problem has been...
PT-2025-21971 · WordPress · Wp Mapa Politico Espana
Name of the Vulnerable Software and Affected Versions: WP Mapa Politico España versions 3.8.0 and earlier Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows an attacker to perform unauthorized actions on a user's account. Recommendations: For WP Mapa Politico...
PT-2025-22043 · Unknown · Themovation Hotel + Bed/Breakfast Booking Calendar Theme | Bellevue
Name of the Vulnerable Software and Affected Versions: Themovation Hotel + Bed and Breakfast Booking Calendar Theme | Bellevue versions through 4.2.2 Description: The issue is related to a Missing Authorization vulnerability. There is no information provided about the estimated number of...
PT-2025-21612 · Hitachi · Hitachi Ops Center Analyzer
Name of the Vulnerable Software and Affected Versions: Hitachi Ops Center Analyzer viewpoint versions 10.0.0-00 through 11.0.4-00 Description: The issue is related to authentication credentials leakage. It affects the viewpoint component of Hitachi Ops Center Analyzer. Recommendations: For versio...
PT-2025-21445 · WordPress · Wp Erp
Name of the Vulnerable Software and Affected Versions: The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting WordPress plugin versions prior to 1.13.4 Description: The issue concerns the lack of sanitization and escaping of certain settings in the plugin...
PT-2025-21011 · Umbraco · Umbraco Forms
Name of the Vulnerable Software and Affected Versions: Umbraco Forms versions 7.x through 13.4.1 Umbraco Forms versions 15.1.1 and earlier Description: The issue affects Umbraco Forms, a form builder that integrates with the Umbraco content management system. It is related to the 'Send email'...
PT-2025-23256 · Freescout · Freescout
Name of the Vulnerable Software and Affected Versions: FreeScout versions prior to 1.8.180 Description: The issue is caused by a lack of input validation and sanitization in both Session::flash and other areas, allowing user input to be executed without proper filtering. This results in a...
PT-2025-17346 · Z80Pack · Z80Pack
Name of the Vulnerable Software and Affected Versions: z80pack versions 1.38 and prior Description: The issue concerns the exposure of sensitive information, specifically the GITHUB_TOKEN, in the workflow run artifact. This occurs because the makefile-ubuntu.yml workflow file uses...
PT-2025-17128 · WordPress · Tableon – Wordpress Posts Table Filterable
Name of the Vulnerable Software and Affected Versions: TableOn – WordPress Posts Table Filterable versions 1.0.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks...