PT-2026-1645
Name of the Vulnerable Software and Affected Versions: JanStudio Gecko versions through 1.9.8
Description: The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion.
Recommendations...
PT-2026-1623
Name of the Vulnerable Software and Affected Versions: 1180px Shortcodes plugin for WordPress versions up to and including 1.1.1
Description: The 1180px Shortcodes plugin for WordPress has a Stored Cross-Site Scripting issue because of inadequate input sanitization and output escaping. This affects...
Important: ansible
Issue Overview: A flaw was found in ansible-collection-community-general. This vulnerability allows for information exposure (IE) of sensitive credentials, specifically plaintext passwords, via verbose output when running Ansible with debug modes. Attackers with access to logs could retrieve these...
PT-2026-1563
Name of the Vulnerable Software and Affected Versions: MoneySpace plugin for WordPress versions prior to 2.13.9
Description: The MoneySpace plugin for WordPress exhibits a sensitive information exposure issue. The plugin stores complete payment card details – including Primary Account Number (PAN),...
PT-2026-2103
Name of the Vulnerable Software and Affected Versions: Tarkov Data Manager versions prior to 02 January 2025
Description: The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 January 2025, a reflected Cross Site Scripting (XSS) vulnerability exists in the toast notification...
PT-2026-2062
Name of the Vulnerable Software and Affected Versions: iccDEV versions prior to 2.3.1.2
Description: iccDEV is a set of libraries and tools used for interacting with, manipulating, and applying ICC color management profiles. A NULL pointer dereference issue exists in the signature parser in version...
PT-2026-1817
Name of the Vulnerable Software and Affected Versions: Veeam Backup & Replication versions prior to 13.0.1.1071
Description: The software contains a flaw that permits a Backup or Tape Operator to execute code remotely as root by crafting a malicious backup configuration file.
Recommendations: Update...
PT-2026-1603
Name of the Vulnerable Software and Affected Versions: WP Recipe Manager plugin for WordPress versions prior to 1.0.1
Description: The WP Recipe Manager plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to insufficient input sanitization and output escaping on...
PT-2026-1678
Name of the Vulnerable Software and Affected Versions: Yahei-PHP Prober version 0.4.7
Description: The software contains a remote HTML injection issue that enables attackers to execute arbitrary HTML code. This is achieved by injecting malicious HTML code into the speed GET parameter of the...
PT-2026-1551
Name of the Vulnerable Software and Affected Versions: TP-Link Archer BE400 version 1.1.0 Build 20250710 rel.14914
Description: A flaw exists in the 802.11 modules of the TP-Link Archer BE400 that can lead to a denial-of-service (DoS) condition. An attacker in close proximity can trigger a device...
PT-2026-1522
Name of the Vulnerable Software and Affected Versions:
Progress MOVEit Transfer versions 2022.0.0 through 2022.0.10
Progress MOVEit Transfer versions 2022.1.0 through 2022.1.11
Progress MOVEit Transfer versions 2023.0.0 through 2023.0.8
Progress MOVEit Transfer versions 2023.1.0 through 2023.1.3...
PT-2026-1478
Name of the Vulnerable Software and Affected Versions: Themepoints Accordion versions through 3.0.3
Description: The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting (XSS) issue. This allows for the injection ...
PT-2026-1483
Name of the Vulnerable Software and Affected Versions: Tickera versions through 3.5.6.4
Description: A missing authorization issue exists in Tickera tickera-event-ticketing-system, allowing exploitation of incorrectly configured access control security levels.
Recommendations: Update Tickera to a...
PT-2026-1481
Name of the Vulnerable Software and Affected Versions: Proxy & VPN Blocker versions through 3.5.3
Description: An authorization issue exists in Proxy & VPN Blocker that allows exploitation of incorrectly configured access control security levels.
Recommendations: Update Proxy & VPN Blocker to a...
PT-2026-1476
Name of the Vulnerable Software and Affected Versions: CoolHappy The Events Calendar Countdown Addon versions through 1.4.15
Description: The CoolHappy The Events Calendar Countdown Addon has a flaw due to incorrectly configured access control security levels, leading to a missing authorization...
PT-2026-1490
Name of the Vulnerable Software and Affected Versions: CyberChimps Responsive Addons for Elementor versions through 2.0.8
Description: The software contains a missing authorization issue, allowing exploitation of incorrectly configured access control security levels.
Recommendations: Update Responsi...
PT-2026-1361
Name of the Vulnerable Software and Affected Versions: Pterodactyl versions 1.11.11 and below
Description: Pterodactyl, a game server management panel, has an issue where Time-based One-Time Password (TOTP) can be reused during its validity window. When a user with two-factor authentication (2FA) enabl...
PT-2026-1503
Name of the Vulnerable Software and Affected Versions: iccDEV versions prior to 2.3.1.2
Description: iccDEV is a set of libraries and tools for interacting with International Color Consortium (ICC) color management profiles. A flaw exists in versions prior to 2.3.1.2 that can lead to a heap buffer...
PT-2026-1436
Name of the Vulnerable Software and Affected Versions: AirVPN Eddie version 2.24.6
Description: The software contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.
Recommendations: Update to a newer version that contains a fix for this...
openSUSE Security Advisory (SUSE-SU-2026:0022-1)
The remote host is missing an update for the...