181 matches found
CVE-2025-49825 Teleport allows remote authentication bypass
Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch...
PT-2025-22162
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the iommu copy struct from user function. The issue involved a NULL pointer that should be rejected prior to...
PT-2025-15319 · Isherlock · Isherlock
Name of the Vulnerable Software and Affected Versions: iSherlock affected versions not specified Description: The iSherlock web service has an issue that allows remote attackers to inject and execute arbitrary system commands on the server. This is possible due to an OS command injection flaw,...
PT-2025-14308
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential memory corruption issue has been identified in the Linux kernel, specifically in the nvme-tcp module. The nvme tcp recv pdu function does not validate the header length, whic...
PT-2025-11070 · Google · Android
Name of the Vulnerable Software and Affected Versions: Linux Kernel Hidd Component affected versions not specified Description: A use-after-free issue exists in the hidd check config done function within hidd conn.cc. This could allow for arbitrary code execution, potentially leading to local...
CVE-2024-13892
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, are vulnerable to command injection. During the initialization process, a user has to use a mobile app to provide devices with Access Point credentials. This input is not properly...
Linux Distros Unpatched Vulnerability : CVE-2020-14060
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to...
PT-2025-13228
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue was found in the ipvlan module, where the function ipvlan process v6 outbound was assuming the IPv6 network header is...
PT-2025-30787
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to RDMA/mlx5, specifically concerning the initialization of obj event-obj sub list before its insertion using xa insert. This can lead ...
PT-2024-10567 · Phpexcel · Phpexcel
Name of the Vulnerable Software and Affected Versions: PHPExcel affected versions not specified Description: The issue concerns an XML External Entity XXE vulnerability. No specific details about affected devices or real-world incidents are provided. Recommendations: At the moment, there is no...
PT-2024-12198 · Enel X · Waybox Enel X
Name of the Vulnerable Software and Affected Versions: Waybox Enel X affected versions not specified Description: The Waybox Enel X web management application has a flaw that allows execution of arbitrary requests on the internal database via the /admin/versions.php endpoint. This issue affects...
PT-2024-39345 · Syscom · Omflow
Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue involves the exposure of sensitive data, allowing remote attackers who have logged into the system to obtain password hashes of all users and administrators...
PT-2024-31157 · Vernemq · Vernemq
Name of the Vulnerable Software and Affected Versions: vernemq version 2.0.1 Description: A memory allocation issue allows attackers to cause a Denial of Service DoS via excessive memory consumption. Recommendations: For vernemq version 2.0.1, at the moment, there is no information about a newer...
PT-2024-39093 · Sourcecodester · Clinic'S Patient Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 2.0 Description: A vulnerability exists in the system, allowing for an open redirect. The issue is related to the manipulation of the goto page argument in an unknown function of the fi...
PT-2024-18172 · Nt Ware +1 · Uniflow Online +1
Name of the Vulnerable Software and Affected Versions: uniFLOW Online versions prior to and including 2024.1.0 Description: The registration process of uniFLOW Online apps can be compromised when email login is enabled on the tenant, particularly for those utilizing email login in combination wit...
PT-2024-29879 · Cyberark · Cyberark
Name of the Vulnerable Software and Affected Versions: CyberArk affected versions not specified Description: The issue concerns the exposure of sensitive information to an unauthorized actor. This is a critical vulnerability that affects CyberArk, allowing unauthorized access to confidential data...
PT-2024-5447 · Cisco · Cisco Asyncos
Name of the Vulnerable Software and Affected Versions: Cisco AsyncOS for Secure Email Gateway affected versions not specified Description: A vulnerability in the web-based management interface of Cisco AsyncOS for Secure Email Gateway could allow an authenticated, remote attacker to execute...
PT-2024-5483 · Google +4 · Google Chrome +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 127.0.6533.88 Microsoft Edge affected versions not specified Description: The issue is related to the use of uninitialized variables in the Dawn component, which implements the WebGPU specification. This could...
SUSE CVE-2024-30046
unknown...
PT-2024-28264 · Wavlink · Wavlink Wn551K1
Name of the Vulnerable Software and Affected Versions: Wavlink WN551K1 affected versions not specified Description: The issue allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component. Recommendations: At the moment, there is no information about a newer...