7 matches found
PT-2026-46911
Name of the Vulnerable Software and Affected Versions Product Slider Pro for WooCommerce versions prior to 3.5.4 Description Improper validation of input parameters related to specified quantities allows unauthenticated remote attackers to implant malicious software and execute arbitrary commands...
CVE-2026-33622 A PinchTab Security Policy Bypass in /wait Allows Arbitrary JavaScript Execution
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.8.3 through v0.8.5 allow arbitrary JavaScript execution through POST /wait and POST /tabs/id/wait when the request uses fn mode, even if security.allowEvaluate is disabled. POST /evaluate...
CVE-2026-32879 New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Starting in version 0.10.0, a logic flaw in the universal secure verification flow allows an authenticated user with a registered passkey to satisfy secure verification without completing a WebAut...
Linux Distros Unpatched Vulnerability : CVE-2025-68772
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0...
Linux Distros Unpatched Vulnerability : CVE-2021-22186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify group CI/CD variables which should be restricted to group owners...
Linux Distros Unpatched Vulnerability : CVE-2017-2668
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote...
Linux Distros Unpatched Vulnerability : CVE-2018-1000038
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdflookupcmapfull in pdf/pdf- cmap.c could allow an attacker to execute arbitrary code...