6 matches found
PT-2025-24425 · Redash · Redash
Name of the Vulnerable Software and Affected Versions: Redash versions up to 10.1.0/25.1.0 Description: A critical issue affects the run_query function of the /query_runner/python.py file in the getattr Handler component, leading to a sandbox issue. The exploit has been disclosed publicly and may...
CVE-2025-24026
iTop is a web-based IT Service Management tool. Versions prior to 3.2.1 are vulnerable to regular expression denial of service (ReDoS) that may, under some circumstances, affect iTop server. Version 3.2.1 doesn't use the affected variable in the regular expression. As a workaround, if iTop...
PT-2025-13567
Name of the Vulnerable Software and Affected Versions: HDF5 versions up to 1.14.6 Description: A problematic issue was found in HDF5, affecting the H5HL__fl_deserialize function in the file src/H5HLcache.c. The manipulation of the free_block argument leads to a heap-based buffer overflow. This issue...
PT-2025-11306
Name of the Vulnerable Software and Affected Versions: HDF5 version 1.14.6 Description: A critical issue affects the function H5MM_strndup of the component Metadata Attribute Decoder, leading to a heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to...
PT-2023-4908 · Libtiff +6 · Libtiff +6
Name of the Vulnerable Software and Affected Versions: LibTIFF version 4.4.0 Description: The issue is an out-of-bounds read in the tiffcp utility, located at tools/tiffcp.c:948, which attackers can exploit to cause a denial of service via a crafted TIFF file. This can lead to ...
PT-2022-26244 · Tenda · Tenda Ax1803
Name of the Vulnerable Software and Affected Versions: Tenda AX1803 version US AX1803v2.0br v1.0.0.1 2994 CN ZGYD01 4 Description: The issue is related to Cross-Site Request Forgery (CSRF) and is exploitable via the TendaAteMode function. Recommendations: For Tenda AX1803 version US AX1803v2.0br...