Lucene search
K

18 matches found

Positive Technologies
Positive Technologies
added 2025/07/17 12:0 a.m.4 views

PT-2025-34434

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A revert was implemented to address an issue where the dma buf field in the drm gem object structure became unstable during the object instance's lifetime. Specifically, the field coul...

5.5CVSS6.1AI score0.00119EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2025/07/17 12:0 a.m.4 views

PT-2025-34433

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists due to an unstable dma buf field within the drm gem object structure in the Linux kernel. The field can become NULL when user space releases the final GEM handle on the...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2025/04/16 12:0 a.m.4 views

PT-2025-38571

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the wifi subsystem, specifically in the cfg80211 component, leading to a use-after-free condition in the cmp bss function. This issue was addresse...

7.8CVSS6.7AI score0.00152EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/02/24 12:0 a.m.9 views

PT-2025-7758 · Unknown · Reactive Mortgage Calculator

Name of the Vulnerable Software and Affected Versions: Reactive Mortgage Calculator versions 1.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability. Specifically, it is a Stored XSS...

6.5CVSS8.4AI score0.00204EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.8 views

PT-2025-5556 · Unknown · Notfound Bridge Core

Name of the Vulnerable Software and Affected Versions: NotFound Bridge Core versions n/a through 3.3 Description: The issue is related to a Missing Authorization vulnerability in NotFound Bridge Core. This vulnerability affects the authorization process, potentially allowing unauthorized access...

4.3CVSS6.8AI score0.0023EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.3 views

PT-2024-13500 · Themewinter · Wpcafe

Name of the Vulnerable Software and Affected Versions: WPCafe versions through 2.2.22 Description: The issue is related to a Missing Authorization vulnerability in Themewinter WPCafe, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions...

9.8CVSS9.4AI score0.0049EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.6 views

PT-2024-34780 · Unknown · Gmo Social Connection

Name of the Vulnerable Software and Affected Versions: GMO Social Connection versions 1.2 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that also allows Cross-Site Scripting XSS. This means an attacker could potentially trick a user into performi...

7.1CVSS6.4AI score0.00194EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.5 views

PT-2024-32770 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A severe issue was disclosed for the Linux Kernel. The upstream kernel version 6.6.58 fixes bugs and vulnerabilities. For more information about the vulnerabilities, additional resourc...

9.2AI score
Exploits0References15
Positive Technologies
Positive Technologies
added 2024/06/09 12:0 a.m.8 views

PT-2024-23467 · Delucks Gmbh · Delucks Seo

Name of the Vulnerable Software and Affected Versions: DELUCKS SEO versions 2.5.4 and earlier Description: The issue is related to a Missing Authorization vulnerability in DELUCKS GmbH DELUCKS SEO. Recommendations: For DELUCKS SEO versions 2.5.4 and earlier, update to a version that contains a fi...

9.8CVSS9.3AI score0.00402EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/08 12:0 a.m.6 views

PT-2024-25983 · Themeqx · Themeqx Letterpress

Name of the Vulnerable Software and Affected Versions: Themeqx LetterPress versions 1.2.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inje...

5.9CVSS6.7AI score0.00243EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.5 views

PT-2024-24437 · Libsyn · Libsyn Publisher Hub

Name of the Vulnerable Software and Affected Versions: Libsyn Publisher Hub versions 1.4.4 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application...

4.3CVSS6.5AI score0.00216EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/07 12:0 a.m.6 views

PT-2024-23874 · Unknown · Sizam Rehub

Name of the Vulnerable Software and Affected Versions: Sizam Rehub versions through 19.6.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting malicious S...

8.5CVSS9.8AI score0.00523EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.7 views

PT-2024-23289 · Unknown · Contact Form To Any Api

Name of the Vulnerable Software and Affected Versions: Contact Form to Any API versions 1.1.8 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by...

8.5CVSS8AI score0.00549EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.10 views

PT-2024-37896 · Grafana · Grafana

Name of the Vulnerable Software and Affected Versions: Grafana affected versions not specified Description: A medium severity security fix has been released for Grafana. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

9.8CVSS6.9AI score0.04094EPSS
Exploits3References84
Positive Technologies
Positive Technologies
added 2023/12/19 12:0 a.m.8 views

PT-2023-31082 · Oceanwp · Ocean Extra

Name of the Vulnerable Software and Affected Versions: Ocean Extra versions through 2.2.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in OceanWP Ocean Extra. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

8.8CVSS8.8AI score0.00286EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/12/13 12:0 a.m.7 views

PT-2023-36300 · Suse · Container-Suseconnect

Name of the Vulnerable Software and Affected Versions: container-suseconnect affected versions not specified Description: The issue is related to a security release in the go 1.21 package. The container-suseconnect package has been rebuilt with this security release to address the issue. There is...

7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/09/13 12:0 a.m.6 views

PT-2023-27150 · Unknown +1 · Routinator +1

Name of the Vulnerable Software and Affected Versions: Routinator versions up to and including 0.12.1 Description: The issue is caused by insufficient input checking in the bcder library, which may lead to a crash when trying to parse certain malformed RPKI objects. Recommendations: For versions ...

7.5CVSS6.5AI score0.00515EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2012/12/11 12:0 a.m.8 views

PT-2012-5585 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A remote code execution issue exists due to the way Microsoft Windows parses filenames, potentially allowing attackers to execute arbitrary code in the context of the current...

9.3CVSS7.3AI score0.20766EPSS
Exploits1References6
Rows per page
Query Builder