23 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-25932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. From 0.60 to before 10.0.24, an authenticated technician user can store an XSS payload in a supplier...
Linux Distros Unpatched Vulnerability : CVE-2026-5277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an o...
Linux Distros Unpatched Vulnerability : CVE-2026-2782
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
SOGo <= 5.12.4 XSS Vulnerability
SOGo is prone to a cross-site scripting (XSS) vulnerability. CPE: cpe:/a:alinto:sogo
PT-2025-44127
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's coresight component related to the handling of return values from the devm_kzalloc function. Specifically, the return value of devm_kzalloc could be a...
PT-2025-35560
Name of the Vulnerable Software and Affected Versions: E2 Facility Management Systems affected versions not specified Description: E2 Facility Management Systems utilizes a proprietary protocol that permits unauthenticated file operations on any file within the file system. Recommendations: At th...
PT-2025-5473 · Unknown · Admin/Site Enhancements
Name of the Vulnerable Software and Affected Versions: Admin and Site Enhancements (ASE) versions n/a through 7.6.2 Description: The issue is related to a Missing Authorization vulnerability, allowing the exploitation of incorrectly configured access control security levels. Recommendations: For...
PT-2025-42557
Name of the Vulnerable Software and Affected Versions: mediawiki affected versions not specified Description: The software contains a flaw related to sanitizing data attributes. Insufficient sanitization of data attributes may lead to potential issues. Recommendations: At the moment, there is no...
PT-2024-8575 · Adobe · Indesign Desktop
Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions ID19.3, ID18.5.2 and earlier Description: The issue is related to a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires use...
PT-2024-40935 · Unknown · Openslides
Name of the Vulnerable Software and Affected Versions: openslide affected versions not specified Description: The openslide crate is no longer maintained, with its last release on 2018-11-20. Recommendations: At the moment, there is no information about a newer version that contains a fix for thi...
PT-2024-28514
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to potential data races in the io_uring/io-wq component of the Linux kernel. The structure io_worker->flags may be accessed through various data paths, leading to...
PT-2024-40905 · Yaml-Rust · Yaml-Rust
Name of the Vulnerable Software and Affected Versions: yaml-rust affected versions not specified Description: The maintainer of yaml-rust seems unreachable, with many issues and pull requests submitted over the years without any response. Recommendations: Consider switching to the actively...
PT-2023-21490 · Hcl +1 · Hcl Bigfix Mobile / Modern Client Management +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue allows a Master operator to potentially incorporate an SVG tag into HTML, leading to an alert pop-up that displays a cookie. This is related t...
PT-2023-30265 · Eyoucms · Eyoucms
Name of the Vulnerable Software and Affected Versions: eyoucms version 1.6.4 Description: The issue allows for Cross-Site Scripting (XSS), which can lead to stealing sensitive information of logged-in users. Recommendations: For eyoucms version 1.6.4, update to a version that fixes the Cross-Site...
PT-2023-30223 · Unknown · Online Matrimonial Project
Name of the Vulnerable Software and Affected Versions: Online Matrimonial Project version 1.0 Description: The issue affects the Online Matrimonial Project, allowing for multiple vulnerabilities to be exploited. Recommendations: For Online Matrimonial Project version 1.0, at the moment, there is ...
PT-2023-36015 · Git +1 · Gstreamer
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 8 crash. The crash state involves functions such as g_datalist_get_flags, g_object_unref, and gst_obje...
PT-2023-20880 · Atropim · Atropim
Name of the Vulnerable Software and Affected Versions: Atropim version 1.5.26 Description: The issue is related to Directory Traversal. Recommendations: For Atropim version 1.5.26, at the moment, there is no information about a newer version that contains a fix for this vulnerability...
PT-2023-22654 · Vconsole · Vconsole
Name of the Vulnerable Software and Affected Versions: vConsole version 3.15.0 Description: The issue is related to a prototype pollution in vConsole due to incorrect key and value resolution in the setOptions function in core.ts. This can potentially lead to security issues. Recommendations: For...
PT-2022-26829 · Wasm2C +1 · Wasm2C +1
Name of the Vulnerable Software and Affected Versions: wasm2c version 1.0.29 Description: An issue was discovered in wasm2c, where an abort occurs in the CWriter::Write function. Recommendations: For version 1.0.29, at the moment, there is no information about a newer version that contains a fix...
PT-2020-19252 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 11.3 and later Description: An issue was discovered that could lead to a GitLab Workhorse bypass, resulting in package and file disclosure via request smuggling. Recommendations: For GitLab EE versions 11.3 and later, at th...