PT-2025-31301
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.6 iPadOS versions prior to 17.7.9 iPadOS versions prior to 18.6 Description: Privacy Indicators for microphone or camera access may not be correctly displayed. The issue was addressed by adding additional logic...
PT-2025-31261 · Unknown · Tuleap Enterprise Edition +1
Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.9.99.1752585665 Tuleap Enterprise Edition versions prior to 16.8-6 and 16.9-5 Description: Tuleap is an Open Source Suite created to facilitate management of software development and collaboration...
PT-2025-31333 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A logic issue was addressed with improved checks. An app may be able to break out of its sandbox. Recommendations: Update to macOS version...
PT-2025-31277 · Apple · Ios +1
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.6 iPadOS versions prior to 17.7.9 iPadOS versions prior to 18.6 Description: The issue was addressed through improved state management. Remote content may be loaded even when the 'Load Remote Images' setting is turned...
PT-2025-31322 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. A malicious app with root privileges may be able to modify the contents of...
PT-2025-31257 · Unknown · Bacula-Web
Name of the Vulnerable Software and Affected Versions: Bacula-web versions prior to 9.7.1 Description: A SQL Injection issue exists in Bacula-web. A remote attacker can execute arbitrary code via a crafted HTTP GET request. Recommendations: Update Bacula-web to version 9.7.1 or later...
PT-2025-31287 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 Description: The issue was addressed with improved memory handling. A malicious app may be able to read kernel memory. Recommendations: Update to macOS version 15.6 or later. Update ...
PT-2025-31267 · National Instruments · Ni Labview
Name of the Vulnerable Software and Affected Versions: NI LabVIEW versions 2025 Q1 and prior Description: A memory corruption issue due to improper error handling when a VILinkObj is null exists, potentially leading to arbitrary code execution. Successful exploitation requires a user to open a...
PT-2025-31280 · Apple · Macos Ventura +4
Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.9 macOS Sequoia versions prior to 15.6 macOS Sonoma versions prior to 14.7.7 macOS Ventura versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. An app may be able ...
PT-2025-31339 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 Description: A logic error was addressed with improved error handling. iCloud Private Relay may not activate when more than one user is logged in simultaneously. Recommendations: Update to version 15.6...
WordPress Dataverse Integration plugin 2.77-2.81 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
Missing Authorization to Authenticated (Subscriber+) Privilege Escalation vulnerability discovered by kr0d in WordPress Plugin Dataverse Integration versions 2.77-2.81...
PT-2025-31099 · Malwarebytes · Malwarebytes Windows Firewall Control
Name of the Vulnerable Software and Affected Versions: Malwarebytes Binisoft Windows Firewall Control versions prior to 6.16.0.0 Description: The installer is susceptible to local privilege escalation. Recommendations: Update Malwarebytes Binisoft Windows Firewall Control to version 6.16.0.0 or...
PT-2025-31129 · Phpgurukul · Phpgurukul Student Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Student Result Management System version 2.0 Description: Improper session invalidation in the component /elms/emp-changepassword.php allows attackers to execute a session hijacking attack. Recommendations: Address the session...
PT-2025-31048
Name of the Vulnerable Software and Affected Versions: ssrfcheck versions prior to 1.2.0 Description: The package is vulnerable to Server-Side Request Forgery (SSRF) due to an incomplete denylist of IP address ranges. The package fails to classify the reserved IP address space 224.0.0.0/4 Multicast a...
PT-2025-31124 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: TeamCity versions prior to 2025.07 Description: A reflected cross-site scripting (XSS) issue existed on the agentpushPreset page. Recommendations: Update to TeamCity version 2025.07 or later...
PT-2025-31151 · Unknown · Polkadot Frontier
Name of the Vulnerable Software and Affected Versions: Polkadot Frontier versions prior to commit 36f70d1 Description: Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. The Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristrett...
PT-2025-31120 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: TeamCity versions prior to 2025.07 Description: A privilege escalation issue existed in TeamCity due to incorrect directory permissions. This allowed for potential unauthorized access and control within the system. Recommendations: Update to...
PT-2025-31096 · Beamsec · Beamsec Phishpro
Name of the Vulnerable Software and Affected Versions: Beamsec PhishPro versions prior to 7.5.4.2 Description: An incorrect use of privileged APIs allows for privilege abuse in Beamsec PhishPro. Recommendations: Update Beamsec PhishPro to version 7.5.4.2 or later...
PT-2025-31137 · Unknown · Commentbox
Name of the Vulnerable Software and Affected Versions: CommentBox versions 1.0.0 through 1.1.0 Description: A stored cross-site scripting (XSS) issue exists in the CommentBox component. This allows for the injection of malicious scripts into the application through the component. Recommendations:...
PT-2025-31133 · Phpgurukul · Phpgurukul Car Washing Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Car Washing Management System version 1.0 Description: Improper session invalidation in the /doctor/change-password.php component allows attackers to execute a session hijacking attack. Recommendations: Address the session...