PT-2025-33432 · Lemon S · Lemonos

Name of the Vulnerable Software and Affected Versions: LemonOS versions prior to nightly-2024-07-13 Description: A stack-based buffer overflow issue exists in the HTTP Client component of LemonOS. The HTTPGet function within the /Applications/Steal/main.cpp file is affected, specifically due to...

CVE-2025-38212 affecting package kernel for versions less than 6.6.96.1-1

CVE-2025-38212 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...

CVE-2024-56551 affecting package kernel for versions less than 5.15.182.1-1

CVE-2024-56551 affecting package kernel for versions less than 5.15.182.1-1. A patched version of the package is available...

CVE-2023-27043 affecting package python3 for versions less than 3.12.0-1

CVE-2023-27043 affecting package python3 for versions less than 3.12.0-1. A patched version of the package is available...

PT-2025-2961 · Easyvirt · Easyvirt Dcscope +1

Name of the Vulnerable Software and Affected Versions: EasyVirt DCScope versions 8.6.0 and earlier EasyVirt CO2Scope versions 1.3.0 and earlier Description: The issue allows remote authenticated attackers with low privileges to perform various actions, including adding admin users, modifying user...

PT-2024-35837 · Unknown · Plumeria Web Design Blizzard Quotes

Name of the Vulnerable Software and Affected Versions: Plumeria Web Design Blizzard Quotes versions n/a through 1.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can perform unauthorized actions on the website. The estimat...

PT-2024-35847 · Unknown · Cool Plugins Cryptocurrency Widgets For Elementor

Name of the Vulnerable Software and Affected Versions: Cool Plugins Cryptocurrency Widgets For Elementor versions 1.6.4 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which...

PT-2024-33582 · WordPress · Noor Alam Wordpress Image Seo

Name of the Vulnerable Software and Affected Versions: Noor Alam WordPress Image SEO versions 1.1.4 and earlier Description: A Cross-Site Request Forgery CSRF issue affects Noor Alam WordPress Image SEO, allowing attackers to perform unauthorized actions. This can be exploited by misusing...

PT-2024-30883 · Minhyeong Lim · Mboard

Name of the Vulnerable Software and Affected Versions: MinHyeong Lim MH Board versions 1.3.2.1 and earlier Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' vulnerability, which allows PHP Local File Inclusion. Th...

PT-2024-6243 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the fixed version Description: The issue is related to an uninitialized pointer in the Windows Networking service, which can be exploited by a remote attacker to disclose protected information. This can potentially...

PT-2024-9210 · Sonatype · Sonatype Nexus Repository 2

Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository 2 versions up to and including 2.15.1 Description: A stored Cross-site Scripting vulnerability has been discovered, which affects the structure of web pages. This issue may allow a remote attacker to perform cross-si...

CVE-2023-44402 ASAR Integrity bypass via filetype confusion in electron

Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. This only impacts apps that have the embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses enabled. Apps without these fuses enabled are not impacted. This issue is specifi...

PT-2023-29302 · WordPress · Auto Amazon Links

Name of the Vulnerable Software and Affected Versions: Auto Amazon Links plugin for WordPress versions up to, and including, 5.3.1 Description: The issue is related to Stored Cross-Site Scripting via the style parameter due to insufficient input sanitization and output escaping. This allows...

PT-2019-7738 · Pagelines +1 · Pagelines +1

Name of the Vulnerable Software and Affected Versions: PageLines theme version 1.1.4 Description: The issue concerns a CSRF vulnerability in the PageLines theme for WordPress. It affects the "wp-admin/admin-post.php?page=pagelines" endpoint. Recommendations: For PageLines theme version 1.1.4,...