PT-2025-53329
Name of the Vulnerable Software and Affected Versions FaceSentry version 6.4.8 Description FaceSentry 6.4.8 has a remote command injection issue in the pingTest.php and tcpPortTest.php scripts. An attacker with authentication can inject and execute arbitrary shell commands with root privileges...
PT-2025-52840
Name of the Vulnerable Software and Affected Versions PMB version 7.4.6 Description The software contains a SQL injection issue in the storage parameter of the 'ajax.php' endpoint. This allows remote attackers to manipulate database queries. The unsanitized id parameter is exploitable by...
PT-2025-52523
Name of the Vulnerable Software and Affected Versions Dotclear version 2.25.3 Description Dotclear version 2.25.3 contains a remote code execution issue. Authenticated attackers can upload malicious PHP files with a .phar extension through the blog post creation interface. Uploading files...
CVE-2025-40311 affecting package kernel for versions less than 6.6.117.1-1
CVE-2025-40311 affecting package kernel for versions less than 6.6.117.1-1. An upgraded version of the package is available that resolves this issue...
PT-2025-50974
Name of the Vulnerable Software and Affected Versions Atcom 100M IP Phones versions 2.7.x.x Description The software contains an authenticated command injection issue in the web configuration CGI script. This allows attackers to execute arbitrary system commands. The cmd parameter within the 'web...
PT-2025-54487
Name of the Vulnerable Software and Affected Versions macOS versions prior to Tahoe 26.2 Description A permissions issue existed where an application could potentially access protected files within an App Sandbox container. This issue was addressed with additional restrictions. Recommendations...
Withdrawn Advisory: Emby Server API Vulnerability allowing to gain administrative access without precondition
Withdrawn Advisory This advisory has been withdrawn because it incorrectly listed MediaBrowser.Server.Core as vulnerable. CVE-2025-64113 affects Emby Server versions 4.9.1.80 and prior, and Emby Server Beta versions 4.9.2.6 and prior. Original Description Impact This vulnerability affects all Emb...
KLA90892 SB vulnerabilities in Apache Tomcat
Security vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to bypass security restrictions. Original advisories Fixed in Apache Tomcat 9.0.113 Exploitation Related products Apache-Tomcat CVE list CVE-2025-66614 unknown CVE-2026-24733 unknown Solution...
Python DoS Vulnerability (Dec 2025) - Linux
Python is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...
PT-2025-47262
Name of the Vulnerable Software and Affected Versions Top Friends plugin for WordPress versions prior to 0.4 Description The Top Friends plugin for WordPress is susceptible to Cross-Site Request Forgery (CSRF). This is caused by a lack of nonce validation within the top friends options subpanel...
PT-2025-47352
Name of the Vulnerable Software and Affected Versions Fortinet FortiExtender versions 7.0 all versions Fortinet FortiExtender versions 7.2 all versions Fortinet FortiExtender versions 7.4.0 through 7.4.6 Fortinet FortiExtender versions 7.6.0 through 7.6.1 Description An issue exists in Fortinet...
PT-2025-46985
Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2 Description An issue exists in the Application Server of the software that allows remote Path Traversal for loading arbitrary external content. The vulnerability allows an attacker to...
PT-2025-46994
Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2 Description A Server-side Request Forgery issue exists in the Application Server component. This allows for probing of internal infrastructure. Recommendations Update to a newer version...
PT-2025-46983
Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2 Description A Reflected Cross Site Scripting (XSS) issue exists in the Application Server of the software. This allows an attacker to potentially hijack a user’s browser and capture...
PT-2025-46993
Name of the Vulnerable Software and Affected Versions Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2 Description Sensitive Information is exposed to an Unauthorized Actor in the Application Server. Recommendations Update to a newer version of Desktop Alert PingAlert to address this iss...
PT-2025-46780
Name of the Vulnerable Software and Affected Versions WP All Import versions up to and including 3.9.6 Description The Import any XML, CSV or Excel File to WordPress WP All Import plugin for WordPress is susceptible to Remote Code Execution. This is caused by the use of eval on unsanitized...
PT-2025-46811
Name of the Vulnerable Software and Affected Versions YOP Poll versions through 6.5.38 Description An authorization issue exists in YOP Poll, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update YOP Poll to a version later than 6.5.38...
PT-2025-46733
Name of the Vulnerable Software and Affected Versions Ozeki SMS Gateway versions up to and including 10.3.208 Description Ozeki SMS Gateway versions up to and including 10.3.208 contain a path traversal issue. A successful exploit allows an unauthenticated attacker to read arbitrary files from th...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2025-2399)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2025-46687
Name of the Vulnerable Software and Affected Versions CUPS-Filters versions up to and including 1.28.17 libcupsfilters versions 2.0.0 through 2.1.1 Description CUPS is a standards-based, open-source printing system, and libcupsfilters contains the code of the filters of the former cups-filters...