PT-2025-32081 · WordPress · Request A Quote Form
Name of the Vulnerable Software and Affected Versions: Request a Quote Form plugin for WordPress versions prior to 2.5.3 Description: The Request a Quote Form plugin for WordPress is susceptible to Remote Code Execution due to improper validation of user input before it is used as a function name...
PT-2025-32113 · Samsung · Galaxy Wearable
Name of the Vulnerable Software and Affected Versions: Galaxy Wearable versions prior to 2.2.63.25042861 Description: Improper access control in Galaxy Wearable allows local attackers to access sensitive information. Recommendations: Update Galaxy Wearable to version 2.2.63.25042861 or later...
PT-2025-32103 · Samsung · Galaxy Watch
Name of the Vulnerable Software and Affected Versions: Galaxy Watch versions prior to SMR Aug-2025 Release 1 Description: Improper access control in the fall detection feature allows local attackers to modify the fall detection configuration. Recommendations: Update to SMR Aug-2025 Release 1 or...
PT-2025-32229 · Suitecrm · Suitecrm
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions 7.14.6 and 8.8.0 Description: SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, user-supplied input is not validated or sanitized before being passed to the...
PT-2025-32173 · Opentext · Opentext Advance Authentication
Name of the Vulnerable Software and Affected Versions: OpenText Advanced Authentication versions prior to 6.5.0 Description: A weakness exists in OpenText Advanced Authentication that allows a malicious browser plugin to record and replay the user authentication process, bypassing authentication...
PT-2025-32185 · Sage · Sage Dpw
Name of the Vulnerable Software and Affected Versions: Sage DPW versions prior to 2024 12 004 Description: Incorrect access control in Sage DPW allows unauthorized attackers to access the built-in Database Monitor via a crafted request. Recommendations: Update to version 2024 12 004 or later...
PT-2025-32203
Name of the Vulnerable Software and Affected Versions: Dell SupportAssist OS Recovery versions prior to 5.5.14.0 Description: Dell SupportAssist OS Recovery contains a Creation of Temporary File With Insecure Permissions issue. A local authenticated attacker could potentially exploit this issue,...
PT-2025-32209 · Dell · Dell Supportassist Os Recovery
Name of the Vulnerable Software and Affected Versions: Dell SupportAssist OS Recovery versions prior to 5.5.14.0 Description: Dell SupportAssist OS Recovery contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. An unauthenticated attacker with physical access could...
PT-2025-32035 · WordPress · Cleverreach® Wp Plugin
Name of the Vulnerable Software and Affected Versions: CleverReach® WP plugin for WordPress versions through 1.5.20 Description: The CleverReach® WP plugin for WordPress is susceptible to time-based SQL Injection via the title parameter. Insufficient escaping of user-supplied input and inadequate...
PT-2025-32100 · Qualcomm · Smr Aug-2025 Release 1
Name of the Vulnerable Software and Affected Versions: versions prior to SMR Aug-2025 Release 1 Description: An improper access control issue exists in accessing a system device node. This allows local attackers to access the device identifier. Recommendations: Update to SMR Aug-2025 Release 1 or...
PT-2025-32112 · Unknown · Blockchain Keystore
Name of the Vulnerable Software and Affected Versions: Blockchain Keystore versions prior to 1.3.17.2 Description: An out-of-bounds write issue exists in the drawing pinpad functionality of Blockchain Keystore. This allows local privileged attackers to write to memory outside of allocated...
Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2025-1716)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2025-1758)
The remote host is missing an update for the Huawei EulerOS...
CVE-2025-54571 ModSecurity's Insufficient Return Value Handling can Lead to XSS and Source Code Disclosure
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type, which could lead to several issues depending on the HTTP scenario. For example, we have demonstrate...
CVE-2025-54884 Vision UI security-kit.js: Potential Uncontrolled Resource Allocation Vulnerability
Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 packaged in Vision UI 1.4.0 and below are vulnerable to Denial of Service (DoS)...
CVE-2025-53534 RatPanel can perform remote command execution without authorization
RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path of RatPanel (including but not limited to weak default paths, brute-force cracking, etc.), they can execute system commands or take over hosts managed b...
RHSA-2025:12904 Red Hat Security Advisory: sqlite security update
Bulletin has no description...
RHSA-2025:12838 Red Hat Security Advisory: mod_security security update
Bulletin has no description...
RHSA-2025:12831 Red Hat Security Advisory: opentelemetry-collector security update
Bulletin has no description...