Lucene search
K

280 matches found

Positive Technologies
Positive Technologies
added 2025/08/14 12:0 a.m.7 views

PT-2025-33146

Name of the Vulnerable Software and Affected Versions: Disable-right-click-powered-by-pixterme versions through 1.2 pixter-image-digital-license versions through 1.0 Description: The Disable-Right-Click and Pixter Image Digital License WordPress plugins load a compromised JavaScript file from an...

9.8CVSS5.4AI score0.00413EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/14 12:0 a.m.6 views

Fedora 42 : matrix-synapse (2025-9e0e3043af)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-9e0e3043af advisory. Update to 1.135.2 ---- Update to 1.135.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

5.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.6 views

PT-2025-32942 · Adobe · Indesign Desktop

Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions 20.4 and earlier InDesign Desktop version 19.5.4 and earlier Description: InDesign Desktop versions 20.4 and earlier, including version 19.5.4, are susceptible to a Use After Free issue. Successful exploitation of th...

7.8CVSS8AI score0.00308EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/07/23 12:0 a.m.5 views

PT-2025-30606 · Harbor · Harbor

Name of the Vulnerable Software and Affected Versions: Harbor versions 2.11.2 and below Harbor versions 2.12.0-rc1 Harbor versions 2.13.0-rc1 Description: Harbor, an open source trusted cloud native registry project, is susceptible to a stored cross-site scripting XSS issue. The markdown field...

4.1CVSS5.2AI score0.00303EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.5 views

PT-2025-29876 · Romm · Romm

Name of the Vulnerable Software and Affected Versions: RomM versions prior to 3.10.3 RomM versions prior to 4.0.0-beta.3 Description: RomM, a self-hosted rom manager and player, contains an authenticated path traversal issue in the /api/raw endpoint. This allows for the leakage of passwords and...

8.3CVSS6AI score0.00445EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/07/15 12:0 a.m.11 views

PT-2025-29616 · Oracle · Oracle Bi Publisher 12.2.1.4.0 +2

Name of the Vulnerable Software and Affected Versions: Oracle BI Publisher versions 7.6.0.0.0 Oracle BI Publisher versions 8.2.0.0.0 Oracle BI Publisher versions 12.2.1.4.0 Description: A vulnerability exists within the Oracle BI Publisher product of Oracle Analytics Web Server component that...

8.5CVSS7.2AI score0.00258EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.6 views

PT-2025-28463 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: Fortinet FortiOS versions 7.0.0 through 7.0.15 Fortinet FortiOS versions 7.2.0 through 7.2.10 Fortinet FortiOS versions 7.4.0 through 7.4.5 Fortinet FortiOS versions 7.6.0 through 7.6.1 FortiProxy versions 7.0.0 through 7.0.19 FortiProxy...

9CVSS6.6AI score0.00251EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/07/07 12:0 a.m.6 views

PT-2025-28170

Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 8.0.5 MongoDB Server versions prior to 7.0.18 MongoDB Server versions prior to 6.0.21 Description: An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear in server log...

8.8CVSS8AI score0.00466EPSS
Exploits0References29
Positive Technologies
Positive Technologies
added 2025/07/03 12:0 a.m.4 views

PT-2025-27813 · Unknown +1 · Masseditregex Extension +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - MassEditRegex Extension versions 1.39.X through 1.39.11 Mediawiki - MassEditRegex Extension versions 1.42.X through 1.42.6 Mediawiki - MassEditRegex Extension versions 1.43.X through 1.43.1 Description: The issue is related to...

5.6CVSS5.3AI score0.00242EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.4 views

PT-2025-26352 · Unknown · Powerpress Podcasting

Name of the Vulnerable Software and Affected Versions: PowerPress Podcasting versions through 11.12.11 Description: The issue is a Server-Side Request Forgery SSRF vulnerability that allows Server Side Request Forgery. Recommendations: For versions through 11.12.11, update to a version later than...

4.9CVSS6.3AI score0.00173EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.6 views

PT-2025-26454

Name of the Vulnerable Software and Affected Versions: SugarCRM versions prior to 6.5.24 SugarCRM versions prior to 6.7.13 SugarCRM versions prior to 7.5.2.5 SugarCRM versions prior to 7.6.2.2 SugarCRM versions prior to 7.7.1.0 Description: A PHP object injection issue exists due to improper...

9.3CVSS7.9AI score0.02971EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2025/06/12 12:0 a.m.3 views

PT-2025-25283 · Mendix · Mendix Studio Pro

Name of the Vulnerable Software and Affected Versions: Mendix Studio Pro versions prior to 8.18.35 Mendix Studio Pro versions prior to 9.24.35 Mendix Studio Pro versions prior to 10.6.24 Mendix Studio Pro versions prior to 10.12.17 Mendix Studio Pro versions prior to 10.18.7 Mendix Studio Pro...

6.1CVSS6.5AI score0.00395EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/06/04 12:0 a.m.8 views

PT-2025-23841 · Deno · Deno

Name of the Vulnerable Software and Affected Versions: Deno versions prior to 2.1.13 and prior to 2.2.13 Description: The issue affects Deno, a JavaScript, TypeScript, and WebAssembly runtime. It involves the Deno.env.toObject method, which ignores variables listed in the --deny-env option of the...

6.9CVSS6.4AI score0.00359EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2025/05/29 12:0 a.m.6 views

PT-2025-23266 · Zitadel · Zitadel

Name of the Vulnerable Software and Affected Versions: Zitadel versions prior to 2.70.12 Zitadel versions prior to 2.71.10 Zitadel versions prior to 3.2.2 Description: Zitadel is open-source identity infrastructure software. A potential issue exists in the password reset mechanism, where ZITADEL...

8.8CVSS6.9AI score0.00358EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/05/27 12:0 a.m.11 views

PT-2025-22987

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 139 Firefox ESR versions prior to 115.24 Firefox ESR versions prior to 128.11 Description A double-free issue could occur in the vpx codec enc init multi function after a failed allocation when initializing the encode...

9.8CVSS6.8AI score0.08917EPSS
Exploits2References153
RedhatCVE
RedhatCVE
added 2025/05/22 7:35 p.m.13 views

CVE-2021-29399

XMB is vulnerable to cross-site scripting XSS due to inadequate filtering of BBCode input. This bug affects all versions of XMB. All XMB installations must be updated to versions 1.9.12.03 or 1.9.11.16...

6.1CVSS5.8AI score0.00817EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:9 p.m.18 views

CVE-2021-29075

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before...

8.4CVSS7.2AI score0.00401EPSS
Exploits0References1
OSV
OSV
added 2025/05/21 6:15 p.m.4 views

UBUNTU-CVE-2025-47291

containerd is an open-source container runtime. A bug was found in the containerd's CRI implementation where containerd, starting in version 2.0.1 and prior to version 2.0.5, doesn't put usernamespaced containers under the Kubernetes' cgroup hierarchy, therefore some Kubernetes limits are not...

7.5CVSS6.7AI score0.00242EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/21 12:0 a.m.4 views

PT-2025-26325 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.5.x through 10.5.5 Mattermost versions 9.11.x through 9.11.15 Mattermost versions 10.8.x through 10.8.0 Mattermost versions 10.7.x through 10.7.2 Mattermost versions 10.6.x through 10.6.5 Description: The issue arises...

4.3CVSS6.3AI score0.00251EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/20 11:15 p.m.13 views

CVE-2024-55893

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...

4.3CVSS6.9AI score0.00235EPSS
Exploits0References1
Rows per page
Query Builder