23 matches found
PT-2025-29228 · Red Hat · Ansible
Name of the Vulnerable Software and Affected Versions: Ansible affected versions not specified Description: A flaw exists in Ansible where sensitive cookies without security flags transmitted over non-encrypted channels can lead to Man-in-the-Middle MitM and Cross-site scripting XSS attacks...
PT-2025-27434 · Unknown · Hotspot Shield Vpn
Name of the Vulnerable Software and Affected Versions: Hotspot Shield VPN client affected versions not specified Description: The issue concerns a Host Header Injection HHI vulnerability, which can cause unexpected behavior when accessing third-party web applications through the VPN tunnel. This...
PT-2025-25467 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an information disclosure problem. No specific details about the estimated number of potentially affected devices worldwide or real-world incidents where this...
PT-2025-23801 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns unvalidated user input. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issu...
PT-2025-21862 · Unknown · Calmkart Django-Sso-Server
Name of the Vulnerable Software and Affected Versions: calmkart Django-sso-server up to 057247929a94ffc358788a37ab99e391379a4d15 Description: A vulnerability was found in the function gen rsa keys of the file common/crypto.py, leading to inadequate encryption strength. The attack can be initiated...
PT-2025-20943 · Microsoft · Windows Hardware Lab Kit
Name of the Vulnerable Software and Affected Versions: Windows Hardware Lab Kit affected versions not specified Description: The issue concerns the use of hard-coded credentials in the software, which allows an authorized attacker to elevate privileges locally. There is no information provided...
PT-2025-20614 · Adobe · Flash
Name of the Vulnerable Software and Affected Versions: Adobe Flash affected versions not specified Description: The issue concerns unvalidated user input in Adobe Flash. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where...
PT-2025-20135 · Unknown · Fullworks Display Eventbrite Events
Name of the Vulnerable Software and Affected Versions: fullworks Display Eventbrite Events affected versions not specified Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. Th...
PT-2025-17617 · Apache · Apache Http Server
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns HTTP Request Smuggling in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or real-world...
PT-2025-16945 · Apple · Gamecenter
Name of the Vulnerable Software and Affected Versions: GameCenter version 16.0.23 Description: There is a whitelist mechanism bypass in GameCenter. Successful exploitation of this issue may affect the confidentiality and integrity of the service. Recommendations: GameCenter version 16.0.23: At th...
PT-2025-15834 · Tibco · Spotfire Enterprise Runtime For R
Name of the Vulnerable Software and Affected Versions: TERR versions affected versions not specified Spotfire Enterprise Runtime for R version 6 Description: Attackers can create specially crafted files with embedded code that may execute without adequate security validation, potentially leading ...
PT-2024-9431 · Microsoft · Windows Remote Desktop Services +1
Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services affected versions not specified Description: The issue is related to a remote code execution problem in Windows Remote Desktop Services. It involves the use of memory after it has been freed, which can be...
PT-2024-40930 · Web-Time · Web-Time
Name of the Vulnerable Software and Affected Versions: web-time affected versions not specified Description: The issue concerns a crate that is no longer maintained, with the author recommending the use of the maintained web-time crate instead. Recommendations: At the moment, there is no...
PT-2024-40853 · Git +1 · Gpsd
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of "Use-of-uninitialized-value" as reported by OSS-Fuzz. The crash occurs in the packet parse function, located in t...
PT-2023-35990 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue has been identified, potentially causing a crash. The crash involves the functions dxf fixup string, dxf header write,...
PT-2023-35952 · Git +1 · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several functions: reset context, finish metric, and cmt decode...
PT-2023-17400 · Mattermost · Mattermost Desktop App
Name of the Vulnerable Software and Affected Versions: Mattermost Desktop App affected versions not specified Description: The Mattermost Desktop App has an issue where it fails to validate a Mattermost server redirection, allowing it to navigate to an arbitrary website. Recommendations: At the...
PT-2023-21553 · Pegasystems +1 · Synchronization Engine
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A user with a compromised configuration can start an unsigned binary as a service. There is no information provided about the estimated number of...
PT-2022-36703 · Git +1 · Ghostscript
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read crash. The crash type is specified as Heap-buffer-overflow READ 4, and the crash state includes Ins...
PT-2022-5108 · Microsoft · Windows Server +1
Name of the Vulnerable Software and Affected Versions: Windows Server affected versions not specified Description: The issue is related to insufficient protection of service data when processing registry keys, which can allow an attacker to obtain unauthorized access to protected information. Thi...