179 matches found
PT-2025-42245
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's i40e driver related to input validation for the action meta component. The issue involves a condition check that was insufficient, potentially leading...
CVE-2009-20005 InterSystems Caché UtilConfigHome.csp Stack Buffer Overflow
A stack-based buffer overflow exists in the UtilConfigHome.csp endpoint of InterSystems Caché 2009.1. The vulnerability is triggered by sending a specially crafted HTTP GET request containing an oversized argument to the .csp handler. Due to insufficient bounds checking, the input overflows a sta...
PT-2025-37993
Name of the Vulnerable Software and Affected Versions: E1 Informatics Web Application versions through 20250916 Description: The E1 Informatics Web Application contains a SQL Injection issue due to improper neutralization of special elements used in an SQL command. This allows attackers to perfor...
CVE-2025-53811 TCC Bypass via misconfigured Node fuses in Mosh-Pro
The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC Transparency, Consent, and Control permissions. Acquired resource access is limited to previously granted...
CVE-2025-53811
CVE-2025-53811 describes a TCC-related bypass in Mosh-Pro on macOS caused by misconfigured RunAsNode fuses. A local, unprivileged attacker could execute arbitrary code that runs with Mosh-Pro’s TCC permissions, limited to permissions the user has already granted. Additional resource access beyond...
Linux Distros Unpatched Vulnerability : CVE-2019-1010025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE...
PT-2025-34232 · Sourcecodester · Online Bank Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Bank Management System version 1.0 Description: A weakness has been identified that allows for SQL injection. The issue impacts an unknown function within the /bank/show.php file. Manipulation of the ID argument can lead...
Linux Distros Unpatched Vulnerability : CVE-2025-4050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures...
PT-2025-33140 · Ctrlx Os · Ctrlx Os
Name of the Vulnerable Software and Affected Versions: ctrlX OS affected versions not specified Description: Ambiguous wording in the web interface of the setup mechanism could lead a user to believe that the backup file is encrypted when a password is set. However, only the private key – if...
PT-2025-32770 · Microsoft · Edge For Android
Name of the Vulnerable Software and Affected Versions: Microsoft Edge for Android affected versions not specified Description: A user interface UI misrepresentation of critical information in Microsoft Edge for Android can allow an unauthorized attacker to perform spoofing over a network...
PT-2025-32767 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions affected versions not specified Description: A race condition exists in the Microsoft Graphics Component due to improper synchronization during concurrent execution using a shared resource. This allows an authorized...
PT-2025-32830 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows versions affected versions not specified Description: An issue exists in Windows Push Notifications related to access of a resource using an incompatible type 'type confusion'. This allows an authorized attacker to elevate privileges...
Linux Distros Unpatched Vulnerability : CVE-2024-27076
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2ctrlhandler memory leak Free the memory allocated in...
Linux Distros Unpatched Vulnerability : CVE-2021-46971
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional securitylockeddown call Currently, the lockdown state is querie...
Linux Distros Unpatched Vulnerability : CVE-2025-38194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jffs2: check that raw node were preallocated before writing summary Syzkaller detected a kernel bug in jffs2linknoderef, caused by fault injection in...
Linux Distros Unpatched Vulnerability : CVE-2025-37915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netsched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will mak...
PT-2025-32398 · Xoda · Xoda
Name of the Vulnerable Software and Affected Versions: XODA version 0.4.5 Description: XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to...
CVE-2024-12143
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mobilteg Mobile Informatics Mikro Hand Terminal - MikroDB allows SQL Injection. This issue affects Mikro Hand Terminal - MikroDB. NOTE: The vendor did not inform about the completion of the fixing...
CVE-2025-49825 Teleport allows remote authentication bypass
Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch...
PT-2025-22162
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the iommu copy struct from user function. The issue involved a NULL pointer that should be rejected prior to...