5 matches found
PT-2026-6270
Name of the Vulnerable Software and Affected Versions: apko versions 0.14.8 through 1.1.0 Description: apko is a tool that enables users to build and publish OCI container images from apk packages. A flaw exists where a malicious or compromised APK repository can lead to resource exhaustion on the...
PT-2025-21542 · WordPress · Avif Uploader
Name of the Vulnerable Software and Affected Versions: AVIF Uploader versions prior to 1.1.1 Description: The issue concerns the AVIF Uploader WordPress plugin, where uploaded SVG files are not properly sanitized. This could allow users with a role as low as Author to upload malicious SVG files...
PT-2023-21713 · Pdfio +1 · Pdfio +1
Name of the Vulnerable Software and Affected Versions: PDFio versions 1.1.0 and prior Description: A denial of service issue exists in the pdfio parser, where crafted PDF files can cause the program to run at 100% utilization and never terminate. Recommendations: For PDFio versions 1.1.0 and prio...
Improper restriction of XML external entity reference (XXE) vulnerability in tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools
Overview: tsClinical Define.xml Generator and tsClinical Metadata Desktop Tools provided by FUJITSU LIMITED contain an improper restriction of XML external entity reference (XXE) vulnerability (CWE-611). Toyama Taku and Sakaki Ryutaro of NEC Corporation reported this vulnerability to IPA. JPCERT/CC...
PT-2019-7796
Name of the Vulnerable Software and Affected Versions: Elegant Themes Bloom plugin versions prior to 1.1.1 Description: The issue allows for privilege escalation. Recommendations: For versions prior to 1.1.1, update to version 1.1.1 or later to resolve the issue...