17 matches found
CVE-2026-8487
Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7...
PT-2026-27764
Ericsson Indoor Connect 8855 versions prior to 2025.Q3 contain a Cross-Site Request Forgery (CSRF) vulnerability which, if exploited, can lead to unauthorized modification of certain information...
PT-2026-1542
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-47388 Description: A memory corruption issue occurs when passing pages to the Digital Signal Processor (DSP) with an unaligned starting address. Recommendations: At the moment, there is no information about a newer version...
PT-2026-1525
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-47330 Description: A temporary denial-of-service condition can occur during the processing of video packets received from the video firmware. Recommendations: At the moment, there is no information about a newer version th...
PT-2026-1530
Name of the Vulnerable Software and Affected Versions: versions prior to 2025 affected versions not specified Description: A memory corruption issue exists when processing clock configuration data associated with particular hardware. This can lead to unpredictable system behavior. Recommendations: A...
PT-2026-1462
Name of the Vulnerable Software and Affected Versions: versions prior to 2025 affected versions not specified Description: A flaw exists due to insufficient input validation, resulting in a cross-site scripting (XSS) vector within the HTML filter code. This issue specifically relates to data URLs fou...
KDE Connect security vulnerability
KDE Connect is a software from the KDE community that connects cell phones and computers. A security vulnerability exists in versions of KDE Connect prior to 2025-11-28 that stems from an unassociated device ID and could affect KDE Connect clients on multiple platforms...
PT-2025-47293
Name of the Vulnerable Software and Affected Versions: versions prior to 2025 affected versions not specified Description: A remote attacker with low privileges can upload or overwrite Python scripts. This is achieved through a path traversal of the target filename within a PHP context, leading to...
PT-2025-44924
Name of the Vulnerable Software and Affected Versions: versions prior to 2025 Description: A memory corruption issue exists when processing audio streaming operations. The issue is due to improper validation of array index in audio processing. Recommendations: At the moment, there is no information...
PT-2025-43919
Name of the Vulnerable Software and Affected Versions: versions prior to 2025 affected versions not specified Description: An outdated operating system may be susceptible to known security risks. The issue poses a critical security risk. Recommendations: At the moment, there is no information about ...
PT-2025-41352
Name of the Vulnerable Software and Affected Versions: Versions prior to 2025-47351 Description: A memory corruption issue exists when processing user-supplied buffers. This can potentially lead to unexpected behavior or compromise of the system. Recommendations: At the moment, there is no informati...
PT-2025-41346
Name of the Vulnerable Software and Affected Versions: versions prior to 2025 affected versions not specified Description: A memory corruption issue exists when processing escape commands originating from userspace. This can potentially lead to system instability or compromise. Approximately 2000...
PT-2025-34851 · Unknown · Runcommand
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-30056 Description: The RunCommand function accepts any parameter, which is then passed for execution in the shell, allowing an attacker to execute arbitrary code on the system. Recommendations: At the moment, there is n...
Misskey security vulnerability
Misskey is a perpetually free open source syndicated social media platform from Misskey Open Source. A security vulnerability exists in Misskey versions prior to 2025.2.1 that stems from insufficient validation of the relationship between the id and url fields of an ActivityPub object, which coul...
Agito Computer Life4All SQL injection vulnerability
Agito Computer Life4All is a healthy living application from Agito Computer. A SQL injection vulnerability exists in Agito Computer Life4All versions prior to 10.01.2025 that stems from improper neutralization of special elements in SQL commands...
JFinalOA security vulnerability
JFinalOA is an enterprise office system based on the JFinal framework developed by rabbit individual developers. A security vulnerability exists in JFinalOA versions prior to v2025.01.01, which stems from the discovery of an SQL injection vulnerability via the component getWorkFlowHis?insid...
JFinalOA security vulnerability
JFinalOA is an enterprise office system based on the JFinal framework developed by rabbit individual developers. A security vulnerability exists in JFinalOA versions prior to v2025.01.01, which stems from the discovery of an SQL injection vulnerability via the component validRoleKey?sysRole.key...