PT-2025-30474 · Unknown · Vigi Nvr1104H-4P V1 +1
Name of the Vulnerable Software and Affected Versions: VIGI NVR1104H-4P V1 versions prior to 1.1.5 Build 250518; VIGI NVR2016H-16MP V2 versions prior to 1.3.1 Build 250407. Description: A command injection vulnerability exists that can be exploited after authentication. Recommendations: Update VIGI...
PT-2025-30417 · Unknown · Hotelrunner B2B
Name of the Vulnerable Software and Affected Versions: HotelRunner B2B versions prior to 04.06.2025. Description: This issue involves improper validation of certificates with host mismatches, leading to HTTP Response Splitting in HotelRunner B2B. Recommendations: Update HotelRunner B2B to version...
PT-2025-30445 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.11.0 and earlier; Devolutions Server versions 2025.2.2.0 through 2025.2.4.0. Description: Improper access control in the secure message component of Devolutions Server allows an authenticated user to steal...
PT-2025-30415
Name of the Vulnerable Software and Affected Versions: Ajax Load More versions prior to 2.8.1.2. Description: The Ajax Load More plugin does not have authorization in some of its AJAX actions, allowing any authenticated user, such as a subscriber, to upload and delete arbitrary files. Recommendation...
PT-2025-30380 · WordPress · Pixel Gallery Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Pixel Gallery Addons for Elementor versions up to and including 1.6.7. Description: The Pixel Gallery Addons for Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting (XSS) due to inadequate input sanitization and output...
PT-2025-30444 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.11.0 through 2025.2.3.0. Description: The use of weak credentials in the emergency authentication component allows an unauthenticated attacker to bypass authentication by brute-forcing the short emergency cod...
PT-2025-30399 · Unknown · Etq Reliance
Name of the Vulnerable Software and Affected Versions: ETQ Reliance versions prior to MP-4583. Description: An authentication bypass allows login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with netwo...
PT-2025-30487
Name of the Vulnerable Software and Affected Versions: Thunderbird versions prior to 141; Thunderbird versions prior to 140.1; Firefox versions prior to 141; Firefox ESR versions prior to 140.1. Description: Thunderbird and Firefox incorrectly handled path validation during frame navigations. This issu...
PT-2025-30489
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 141; Firefox ESR versions prior to 140.1; Thunderbird versions prior to 141; Thunderbird ESR versions prior to 140.1. Description: The software contains memory safety bugs, some of which exhibited evidence of memory...
Stable Channel Update for Desktop
The Stable channel has been updated to 138.0.7204.168/.169 for Windows, Mac and 138.0.7204.168 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
PT-2025-30423 · Unknown · Ai2 Playground Web Service
Name of the Vulnerable Software and Affected Versions: Ai2 playground web service versions prior to 2025-06-04. Description: The Ai2 playground web service is susceptible to an Insecure Direct Object Reference (IDOR) issue. This allows attackers to access sensitive information by enumerating thread...
PT-2025-30502 · Poly · Poly Clariti Manager
Name of the Vulnerable Software and Affected Versions: Poly Clariti Manager versions prior to 10.12.1. Description: A reflected cross-site scripting issue exists in the Poly Clariti Manager. The website does not validate or sanitize user input before rendering it in the response. Recommendations:...
PT-2025-30479
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 141; Firefox ESR versions prior to 128.13; Firefox ESR versions prior to 140.1; Thunderbird versions prior to 141; Thunderbird versions prior to 128.13; Thunderbird versions prior to 140.1. Description: Insufficient escaping...
PT-2025-30480
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 141; Firefox ESR versions prior to 128.13; Firefox ESR versions prior to 140.1; Thunderbird versions prior to 141; Thunderbird versions prior to 128.13; Thunderbird versions prior to 140.1. Description: The username:password...
PT-2025-30484
Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 141; Thunderbird versions prior to 141; Firefox ESR versions prior to 128.13; Firefox ESR versions prior to 140.1; Thunderbird ESR versions prior to 128.13; Thunderbird ESR versions prior to 140.1. Description: Memory safety...
PT-2025-30504 · Poly · Poly Clariti Manager
Name of the Vulnerable Software and Affected Versions: Poly Clariti Manager versions prior to 10.12.1. Description: A stored cross-site scripting issue exists due to insufficient input sanitization. The website allows user input to be stored and rendered without proper sanitization. Recommendation...
K000152655: Apache Commons vulnerability CVE-2025-48734
Security Advisory Description: Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this...
RHSA-2025:11408 Red Hat Security Advisory: gnome-remote-desktop security update
RHSA-2025:11407 Red Hat Security Advisory: gnome-remote-desktop security update
RHSA-2025:11403 Red Hat Security Advisory: gnome-remote-desktop security update