PT-2024-10761 · Cypress +1 · Cypress Wireless Combo Chips +1

Name of the Vulnerable Software and Affected Versions: Cypress and Broadcom Wireless Combo chips versions prior to the January 2021 firmware update Description: The issue allows memory read access via a "Spectra" attack when a January 2021 firmware update is not present. This affects specific...

PT-2024-19478 · Trendnet · Trendnet Tew-815Dap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-815DAP version 1.0.2.0 Description: The issue allows for Command Injection via the do setNTP function. An authenticated attacker with administrator privileges can exploit this over the network by sending a malicious POST request...

PT-2024-25448 · Unknown · Satrya Smart Recent Posts Widget

Name of the Vulnerable Software and Affected Versions: Satrya Smart Recent Posts Widget versions 1.0.3 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can...

PT-2024-15699 · WordPress · Vk Block Patterns

Name of the Vulnerable Software and Affected Versions: VK Block Patterns plugin for WordPress versions up to, and including, 1.31.1.1 Description: The issue is due to missing or incorrect nonce validation on the vbp clear patterns cache function, making it possible for unauthenticated attackers t...

PT-2020-12131 · Chadha · Chadha Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns how comments are handled in article.php, specifically through a vulnerable function in include/functions-article.php. This allows attackers to execute Stored Blind...