Lucene search
K

350 matches found

Positive Technologies
Positive Technologies
added 2024/07/01 12:0 a.m.5 views

PT-2024-28308 · Airvertco · Airvertco Frappejs

Name of the Vulnerable Software and Affected Versions: airvertco frappejs version 0.0.11 Description: The issue is related to a prototype pollution vulnerability via the registerView function. This allows attackers to execute arbitrary code or cause a Denial of Service DoS by injecting arbitrary...

8.8CVSS8AI score0.00822EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/06/23 12:0 a.m.11 views

PT-2024-4296

Name of the Vulnerable Software and Affected Versions Emacs versions prior to 29.4 Org Mode versions prior to 9.7.5 Description The issue arises from the expansion of a %... link abbrev by the org-link-expand-abbrev function in lisp/ol.el, even when it specifies an unsafe function like...

10CVSS7.1AI score0.01312EPSS
Exploits0References86
Positive Technologies
Positive Technologies
added 2024/06/17 12:0 a.m.12 views

PT-2024-37356 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.5-DEV-rev228-g11067ea92-master Description: A problematic issue was found, affecting the swf svg add iso sample function of the src/filters/load text.c file in the MP4Box component. This issue leads to a null pointer dereferenc...

7.8CVSS3.6AI score0.00346EPSS
Exploits3References18
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.1 views

PT-2024-26434 · Libyaml · Libyaml

Name of the Vulnerable Software and Affected Versions: libyaml version 0.2.5 Description: The issue is related to a Buffer Overflow vulnerability. It affects the yaml emitter emit function in the /src/libyaml/src/emitter.c file. The manipulation leads to a double-free. Recommendations: For libyam...

9.8CVSS8.6AI score
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/06/12 12:0 a.m.6 views

PT-2024-4395 · Tenda · Tenda A301

Name of the Vulnerable Software and Affected Versions: Tenda A301 version 15.13.08.12 Description: A critical issue has been identified, classified as critical, affecting the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk crypto leads to a...

9CVSS8.9AI score0.01358EPSS
Exploits1References11
PyPA
PyPA
added 2024/06/11 10:15 p.m.9 views

PYSEC-2024-236

Jupyter Server Proxy allows users to run arbitrary external processes alongside their notebook server and provide authenticated web access to them. Versions of 3.x prior to 3.2.4 and 4.x prior to 4.2.0 have a reflected cross-site scripting XSS issue. The /proxy endpoint accepts a host path segmen...

9.6CVSS5.8AI score0.00442EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/05 12:0 a.m.6 views

PT-2024-21857 · Samsung · Exynos 1280 +4

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor Exynos 980 Samsung Mobile Processor Exynos 850 Samsung Mobile Processor Exynos 1280 Samsung Mobile Processor Exynos 1380 Samsung Mobile Processor Exynos 1330 Description: An issue was discovered in the function slsi n...

7.8CVSS7.3AI score0.00164EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/06/05 12:0 a.m.8 views

PT-2024-27114 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in the component "admin/vpsClass deal.php?mudi=del". This issue allows for unauthorized requests to be made on behalf of the user. Recommendations: For...

8.8CVSS6.7AI score0.00289EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/05/28 12:0 a.m.9 views

PT-2024-36068 · Unknown · Phpmybackuppro

Name of the Vulnerable Software and Affected Versions: PhpMyBackupPro version 2.3 Description: A vulnerability has been discovered that could allow an attacker to execute XSS through the "/phpmybackuppro/get file.php" API endpoint, using the view parameter. This could allow an attacker to create ...

7.1CVSS6.2AI score0.00252EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/24 12:0 a.m.7 views

PT-2024-8987 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the i2c virtio component in the Linux kernel. If a timeout occurs, it can result in incorrect data on the I2C bus and/or memory corruptions in the guest since t...

4.6CVSS6.6AI score0.00202EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.6 views

PT-2024-25771 · Wasm3 · Wasm3

Name of the Vulnerable Software and Affected Versions: wasm3 version 0.5.0 Description: A global buffer overflow was discovered in wasm3, leading to a segmentation fault. This issue is related to the function PreserveRegisterIfOccupied in wasm3/source/m3 compile.c. Recommendations: For wasm3...

7.5CVSS7.5AI score0.00627EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.7 views

PT-2024-13396

Name of the Vulnerable Software and Affected Versions PyPXE version 1.8.4 Description The issue allows a remote attacker to cause a denial of service via the handle function in the tftp module. Recommendations For PyPXE version 1.8.4, consider disabling the handle function in the tftp module as a...

8.8CVSS7.2AI score0.00539EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/04/25 12:0 a.m.4 views

PT-2024-29521 · Tenda · Tenda 4G300

Name of the Vulnerable Software and Affected Versions: Tenda 4G300 version 1.01.42 Description: A critical issue affects the function sub 429A30. The manipulation of the argument list1 leads to a stack-based buffer overflow. The attack may be initiated remotely. The vendor was contacted about thi...

9CVSS7.2AI score0.01683EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/04/25 12:0 a.m.5 views

PT-2024-29496

Name of the Vulnerable Software and Affected Versions Tenda 4G300 version 1.01.42 Description A critical issue was found, affecting the function sub 422AA4. The manipulation of the argument year/month/day/hour/minute/second leads to a stack-based buffer overflow. This issue can be exploited...

9CVSS7.6AI score0.01755EPSS
Exploits1References19
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.8 views

PT-2024-22528 · Pdf2Json · Pdf2Json

Name of the Vulnerable Software and Affected Versions: pdf2json version 0.70 Description: A buffer overflow issue allows a local attacker to execute arbitrary code via the GString::copy and ImgOutputDev::ImgOutputDev function. Recommendations: For pdf2json version 0.70, consider disabling the...

7.8CVSS8.2AI score0.00368EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/18 12:0 a.m.4 views

PT-2024-3097 · Totolink · Totolink N300Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N300RT version V2.1.8-B20201030.1539 Description: The issue is related to the lack of protection for the web page structure, allowing a remote attacker to conduct a cross-site scripting XSS attack. This can be exploited in the MAC...

7.5CVSS6.1AI score0.00592EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.7 views

PT-2024-3507 · Huawei · Huawei Matebook D16

Name of the Vulnerable Software and Affected Versions: Huawei Matebook D16 version v2.26 Description: The issue is related to a buffer overflow in the SMRAM memory of Huawei personal computers' UEFI BIOS microprogram, which can allow an attacker to execute arbitrary code in System Management Mode...

7.8CVSS8.5AI score0.0013EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.5 views

PT-2024-3134 · Tenda · Tenda Ac8

Name of the Vulnerable Software and Affected Versions: Tenda AC8 version 16.03.34.09 Description: The issue is related to a stack-based buffer overflow in the formSetRebootTimer function of the /goform/SetRebootTimer API endpoint. This can be exploited by manipulating the rebootTime argument,...

9CVSS8.9AI score0.01643EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.5 views

PT-2024-3222 · Brocade · Brocade Sannav

Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a Description: The issue is related to the class FileTransfer in Brocade SANnav, which uses the ssh-rsa signature scheme with a SHA-1 hash. This could allow a remote,...

7.5CVSS7.2AI score0.00306EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.3 views

PT-2024-2866 · Totolink · Totolink Ex200

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX200 version 4.0.3c.7646 B20201211 Description: The issue is related to a remote code execution vulnerability in the NTPSyncWithHost function, specifically via the hostTime parameter. This vulnerability is associated with weaknesses...

9.8CVSS8.4AI score0.01368EPSS
Exploits1References7
Rows per page
Query Builder