Lucene search
K

23 matches found

Positive Technologies
Positive Technologies
added 2025/07/11 12:0 a.m.7 views

PT-2025-29228 · Red Hat · Ansible

Name of the Vulnerable Software and Affected Versions: Ansible affected versions not specified Description: A flaw exists in Ansible where sensitive cookies without security flags transmitted over non-encrypted channels can lead to Man-in-the-Middle MitM and Cross-site scripting XSS attacks...

3.1CVSS5.4AI score0.00099EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/06/30 12:0 a.m.6 views

PT-2025-27434 · Unknown · Hotspot Shield Vpn

Name of the Vulnerable Software and Affected Versions: Hotspot Shield VPN client affected versions not specified Description: The issue concerns a Host Header Injection HHI vulnerability, which can cause unexpected behavior when accessing third-party web applications through the VPN tunnel. This...

2.3CVSS7.1AI score0.00269EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/06/14 12:0 a.m.17 views

PT-2025-25467 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns an information disclosure problem. No specific details about the estimated number of potentially affected devices worldwide or real-world incidents where this...

6.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/04 12:0 a.m.5 views

PT-2025-23801 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns unvalidated user input. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issu...

6.4AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/18 12:0 a.m.4 views

PT-2025-21862 · Unknown · Calmkart Django-Sso-Server

Name of the Vulnerable Software and Affected Versions: calmkart Django-sso-server up to 057247929a94ffc358788a37ab99e391379a4d15 Description: A vulnerability was found in the function gen rsa keys of the file common/crypto.py, leading to inadequate encryption strength. The attack can be initiated...

6.3CVSS3.9AI score0.00216EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.3 views

PT-2025-20943 · Microsoft · Windows Hardware Lab Kit

Name of the Vulnerable Software and Affected Versions: Windows Hardware Lab Kit affected versions not specified Description: The issue concerns the use of hard-coded credentials in the software, which allows an authorized attacker to elevate privileges locally. There is no information provided...

6.8CVSS9.2AI score0.00362EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/10 12:0 a.m.5 views

PT-2025-20614 · Adobe · Flash

Name of the Vulnerable Software and Affected Versions: Adobe Flash affected versions not specified Description: The issue concerns unvalidated user input in Adobe Flash. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where...

6.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.6 views

PT-2025-20135 · Unknown · Fullworks Display Eventbrite Events

Name of the Vulnerable Software and Affected Versions: fullworks Display Eventbrite Events affected versions not specified Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' vulnerability. Th...

7.5CVSS7.8AI score0.0061EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.7 views

PT-2025-17617 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server affected versions not specified Description: The issue concerns HTTP Request Smuggling in the Apache HTTP Server. No information is provided about the estimated number of potentially affected devices worldwide or real-world...

6.4AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.6 views

PT-2025-16945 · Apple · Gamecenter

Name of the Vulnerable Software and Affected Versions: GameCenter version 16.0.23 Description: There is a whitelist mechanism bypass in GameCenter. Successful exploitation of this issue may affect the confidentiality and integrity of the service. Recommendations: GameCenter version 16.0.23: At th...

9.1CVSS6.2AI score0.00271EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.4 views

PT-2025-15834 · Tibco · Spotfire Enterprise Runtime For R

Name of the Vulnerable Software and Affected Versions: TERR versions affected versions not specified Spotfire Enterprise Runtime for R version 6 Description: Attackers can create specially crafted files with embedded code that may execute without adequate security validation, potentially leading ...

9.4CVSS6.4AI score0.00543EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.2 views

PT-2024-9431 · Microsoft · Windows Remote Desktop Services +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Services affected versions not specified Description: The issue is related to a remote code execution problem in Windows Remote Desktop Services. It involves the use of memory after it has been freed, which can be...

8.1CVSS8.7AI score0.01154EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/09/01 12:0 a.m.7 views

PT-2024-40930 · Web-Time · Web-Time

Name of the Vulnerable Software and Affected Versions: web-time affected versions not specified Description: The issue concerns a crate that is no longer maintained, with the author recommending the use of the maintained web-time crate instead. Recommendations: At the moment, there is no...

7AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/16 12:0 a.m.6 views

PT-2024-40853 · Git +1 · Gpsd

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of "Use-of-uninitialized-value" as reported by OSS-Fuzz. The crash occurs in the packet parse function, located in t...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/31 12:0 a.m.2 views

PT-2023-35990 · Git +1 · Libredwg

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue has been identified, potentially causing a crash. The crash involves the functions dxf fixup string, dxf header write,...

7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/13 12:0 a.m.3 views

PT-2023-35952 · Git +1 · Fluent-Bit

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several functions: reset context, finish metric, and cmt decode...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/02 12:0 a.m.7 views

PT-2023-17400 · Mattermost · Mattermost Desktop App

Name of the Vulnerable Software and Affected Versions: Mattermost Desktop App affected versions not specified Description: The Mattermost Desktop App has an issue where it fails to validate a Mattermost server redirection, allowing it to navigate to an arbitrary website. Recommendations: At the...

5.4CVSS5.4AI score0.00363EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/04/10 12:0 a.m.5 views

PT-2023-21553 · Pegasystems +1 · Synchronization Engine

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A user with a compromised configuration can start an unsigned binary as a service. There is no information provided about the estimated number of...

7.5CVSS7.4AI score0.01389EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/10/24 12:0 a.m.4 views

PT-2022-36703 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read crash. The crash type is specified as Heap-buffer-overflow READ 4, and the crash state includes Ins...

6.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.4 views

PT-2022-5108 · Microsoft · Windows Server +1

Name of the Vulnerable Software and Affected Versions: Windows Server affected versions not specified Description: The issue is related to insufficient protection of service data when processing registry keys, which can allow an attacker to obtain unauthorized access to protected information. Thi...

7.8CVSS9.3AI score0.01506EPSS
Exploits0References7
Rows per page
Query Builder