PT-2026-44039

A stored cross-site scripting XSS vulnerability in the /admin/config-module.php component of creatorsofcode simplephp GitHub commit 5184cff Latest as of 2026-02-27 via injecting a crafted payload...

PT-2026-44093

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin LoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not...

PT-2026-44095

A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome...

PT-2026-44113

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.8.7 Description In the src/tmux.c file, the software reads the $TMUX environment variable, splits it by commas, and interpolates the socket-path component directly into a shell command executed via the popen functio...

PT-2026-44164

Name of the Vulnerable Software and Affected Versions Basket versions prior to 2.1.17 Description The Basket module, which provides e-commerce and checkout functionality for Drupal sites, fails to sufficiently sanitize user-supplied data before it is processed by the PHP unserialize function. Thi...

Tanium Connect 安全漏洞

Tanium Connect is a data exchange module developed by the American company Tanium. Tanium Connect has a security vulnerability, which stems from an unauthorized code execution flaw...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of injection group lock protection in the ocelotportxmitinj function of the net mscc ocelot...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the st33zp24 TPM driver. This vulnerability occurs when the getburstcount function returns an...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the getburstcount function in tpm/tpmi2cinfineon. When this function returns -EBUSY due to timeout, the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in DMA synchronization direction in the crypto Atmel-TDES module. This vulnerability may...

SimplePHP 安全漏洞

SimplePHP is a lightweight CMS tool based on JSON files, developed by Martin personally. SimplePHP has a security vulnerability, which stems from the/admin/config-module.php component having a storage-based cross-site scripting vulnerability. This vulnerability can be exploited by injecting...

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the PUT processor in the BSF module, which allowed unsynchronized writes to the global Subscriptions mapping,...

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/bearer-token authorization when the NEF module mounted the nnef-oam routing group...

pam_usb 安全漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained security vulnerabilities. These vulnerabilities stemmed from the silent ignoring of EACCES errors in the src/evdev.c file. This could lead t...

Tanium Connect 安全漏洞

Tanium Connect is a data exchange module developed by the American company Tanium. There is a security vulnerability in Tanium Connect, which stems from an issue with unauthorized code execution...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the connection cleanup limits in the netfilter nfconncount module. This issue may cause the number of...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient validation for untrusted inputs in the Password module, which could allow remote attackers ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the zram module does not call bioendio when processing certain discard requests. Th...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the isbprmcredsforexec function in the ima module. This function uses the containerof...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the niusbinit function in gpib. When niusbsetupinit fails, the allocated writes buffer is not...