4 matches found
PT-2025-7175
Name of the Vulnerable Software and Affected Versions: musl libc versions 0.9.13 through 1.2.5 Description: The issue is related to an out-of-bounds write vulnerability in musl libc when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8. This can be exploited when an...
PT-2024-26293 · Lunary Ai · Lunary
Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions up to and including 1.2.5 Description: An information disclosure issue exists where account recovery hashes of users are inadvertently exposed to unauthorized actors. This occurs when authenticated users inspect...
PT-2024-24300 · Userswp · Userswp
Name of the Vulnerable Software and Affected Versions: UsersWP versions prior to 1.2.6 Description: A Cross-Site Request Forgery (CSRF) issue affects the software. This type of issue allows an attacker to trick a user into performing unintended actions on a web application that the user is...
PT-2024-23110
Name of the Vulnerable Software and Affected Versions: Serverpod versions prior to 1.2.6 Description: The issue bypasses the validation of TLS certificates on all non-web HTTP clients in the serverpod client package, making them susceptible to a man-in-the-middle attack against encrypted traffic...