PT-2026-41509
Name of the Vulnerable Software and Affected Versions: OpenSearch versions 2.18.0 through 2.19.3 OpenSearch versions 3.0.0 through 3.2.x Description: A regression caused the plugins.security.ssl.transport.enforce_hostname_verification setting to be ineffective. When enabled, the system failed to...
Ubuntu: Security Advisory (USN-7931-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
EUVD-2022-26881
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-29450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - WordPress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This...
PT-2025-25557 · Liferay +1 · Liferay Portal +2
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.0.0 through 7.4.3.4 Liferay DXP versions 7.4 GA, 7.3 GA through update 34 Description: A path traversal vulnerability exists with the downloading and installation of Xuggler, allowing remote attackers to add files to...
CVE-2021-29447
WordPress is an open source CMS. A user with the ability to upload files like an Author can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has...
CVE-2021-29450
WordPress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This requires at least contributor privileges. This has been patched in WordPress 5.7.1, along with the older affected versions via minor releases...
CVE-2025-47937
TYPO3 is an open source, PHP based web content management system. Starting in version 9.0.0 and prior to versions 9.5.51 ELTS, 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS, and 13.4.12 LTS, when performing a database query involving multiple tables through the database abstraction layer (DBAL), frontend...
PT-2025-22141 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions 9.0.0 through 9.5.50 ELTS TYPO3 versions 10.0.0 through 10.4.49 ELTS TYPO3 versions 11.0.0 through 11.5.43 ELTS TYPO3 versions 12.0.0 through 12.4.30 LTS TYPO3 versions 13.0.0 through 13.4.11 LTS Description: The file managemen...
PT-2025-20911 · Kirby · Kirby
Name of the Vulnerable Software and Affected Versions: Kirby versions prior to 3.9.8.3 Kirby versions prior to 3.10.1.2 Kirby versions prior to 4.7.1 Description: A vulnerability in Kirby affects sites that use the snippet() helper or $kirby->snippet() method with a dynamic snippet name, allowing...
PT-2025-29162 · Honeywell · Onewireless Wdm +1
Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS versions 520.1 through 520.2 TCU9 Honeywell Experion PKS versions 530 through 530 TCU3 Honeywell OneWireless WDM versions 322.1 through 322.4 Honeywell OneWireless WDM versions 330.1 through 330.3 Description: The...
Siemens SIPROTEC 5
SUMMARY Affected SIPROTEC 5 devices do not encrypt certain data within the on-board flash storage on their PCB. This could allow an attacker with physical access to read the sensitive information from the filesystem of the device. Siemens is preparing fix versions and recommends specific...
PT-2024-17583 · WordPress · Wp Ad Guru
Name of the Vulnerable Software and Affected Versions: WP Ad Guru plugin for WordPress versions up to, and including, 2.5.4 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows unauthenticated attackers to inject...
Intel® oneAPI DPC++/C++ Compiler Advisory
Summary: A potential security vulnerability in some Intel® oneAPI DPC++/C++ Compiler may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-34165 Description: Uncontrolled search path in some Intel®...
PT-2024-19119 · Qnap · Qnap Qts +1
Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.1.8.2823 build 20240712 QNAP QuTS hero versions prior to h5.1.8.2823 build 20240712 Description: An OS command injection issue has been reported to affect several QNAP operating system versions. If exploited, the...
PT-2024-6139 · Zyxel · Wax655E +4
Name of the Vulnerable Software and Affected Versions: Zyxel NWA1123ACv3 versions 6.70ABVT.4 and earlier Zyxel WAC500 versions 6.70ABVS.4 and earlier Zyxel WAX655E versions 7.00ACDO.1 and earlier Zyxel WBE530 versions 7.00ACLE.1 and earlier Zyxel USG LITE 60AX version V2.00ACIP.2 Description: The...
PT-2024-5920 · Centreon · Centreon Web
Name of the Vulnerable Software and Affected Versions: Centreon Web versions 22.10.0 through 22.10.22 Centreon Web versions 23.04.0 through 23.04.18 Centreon Web versions 23.10.0 through 23.10.12 Centreon Web versions 24.04.0 through 24.04.2 Description: A SQL Injection vulnerability exists in th...
PT-2024-29497 · Unknown +1 · Prestashop +1
Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 6.4.2 PrestaShop 1.6 versions prior to 3.18.1 Description: A logical weakness in the "PayPal Official" module for PrestaShop can be exploited by a malicious customer to confirm an order even if the payment is...
PT-2024-14794 · Honeywell · Honeywell
Name of the Vulnerable Software and Affected Versions: Honeywell product affected versions not specified Description: The issue arises when a server receives a malformed message where the GCL message hostname is too large, potentially causing a stack overflow. This could result in possible remote...
PT-2024-2702 · Siemens · Tecnomatix Plant Simulation
Name of the Vulnerable Software and Affected Versions: Tecnomatix Plant Simulation versions prior to V2201.0012 Tecnomatix Plant Simulation versions prior to V2302.0006 Description: A stack overflow vulnerability has been identified in the affected applications while parsing specially crafted WRL...