PT-2022-1522 · Microsoft · Windows Remote Access Connection Manager +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Access Connection Manager affected versions not specified Description: The issue is related to errors in privilege management in the Windows Remote Access Connection Manager service. It allows an attacker to elevate their...

PT-2022-6124 · Microsoft · Windows Backup Service +1

Name of the Vulnerable Software and Affected Versions: Windows Backup Service versions prior to the fixed version Description: The issue is related to errors in privilege management within the Windows Backup Service, allowing an attacker to elevate their privileges to the level of SYSTEM. This ca...

PT-2022-12528 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: A Pointer Dereference issue exists via the gf hinter finalize function. This issue allows for potential exploitation. No information is provided about the estimated number of affected devices or real-world...

PT-2025-8051

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, related to the ath11k module. The issue causes frames flush failure due to a deadlock, resulting in warnings such as "failed to...

PT-2025-8101

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue in the Linux kernel has been resolved where the data transfer routines could potentially enter an infinite loop if the hardware enters a bad state. The polling loops for the stat...

PT-2021-14825 · Lantronix · Lantronix Premierwave 2050

Name of the Vulnerable Software and Affected Versions: Lantronix PremierWave 2050 version 8.9.0.0R4 Description: A directory traversal issue exists in the Web Manager FsTFtp functionality, allowing a specially crafted HTTP request to potentially overwrite FsTFtp files. This can be triggered by an...

PT-2021-23497 · Sap · Sap Knowledge Warehouse

Name of the Vulnerable Software and Affected Versions: SAP Knowledge Warehouse versions 7.30 through 7.50 Description: A security issue has been discovered that enables unauthorized attackers to conduct XSS attacks, potentially leading to the disclosure of sensitive data. This is due to the usage...

PT-2021-6180 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Server Subscription Edition affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The issue is...

PT-2021-22766 · Kimai2 · Kimai2

Name of the Vulnerable Software and Affected Versions: kimai2 affected versions not specified Description: The issue is related to Improper Access Control. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issu...

PT-2021-20331 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 13.0.2 Description: The website builder module in Dolibarr allows remote PHP code execution due to an incomplete protection mechanism. Specifically, while system, exec, and shell exec are blocked, backticks are not blocked,...

PT-2021-4811 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insecure privilege management in the NTFS file system of the Windows operating system. It allows an attacker to elevate their privileges, potentially affecting the...

PT-2021-22866 · Nagios Xi · Nagios Xi

Name of the Vulnerable Software and Affected Versions: Nagios XI version 5.8.5 Description: An issue was discovered in the Manage Dashlets section of the Admin panel, where an administrator can upload ZIP files. A command injection, within the name of the first file in the archive, allows an...

PT-2021-6151 · Tp Link · Tp-Link Tl-Wr940N

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR940N version 3.20.1 Build 200316 Rel.34392n 5553 Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N routers. Authentication is required to exploit th...

PT-2022-4662 · Otrs +1 · Otrs +1

Name of the Vulnerable Software and Affected Versions: OTRS affected versions not specified Description: The issue is related to the lack of protection of the web page structure in the OTRS ticket request system's admin interface. This can be exploited by a remote attacker to conduct a cross-site...

PT-2021-4397 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Foundation affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The issue is related to incorrect...

PT-2021-23315 · D Link · Dcs-932L +1

Name of the Vulnerable Software and Affected Versions: DCS-5000L version 1.05 and earlier DCS-932L version 2.17 and earlier Description: The issue is related to incorrect access control, allowing malicious users on the LAN to access the device due to the use of basic authentication for the device...

PT-2021-6285 · Microsoft · Windows Storage Services +1

Name of the Vulnerable Software and Affected Versions: Windows Storage Services affected versions not specified Description: The issue is related to information disclosure in the Windows Storage Services of the Microsoft Windows operating system. It allows an attacker to obtain sensitive...

PT-2021-4939 · Advantech +1 · Advantech R-Seenet +1

Name of the Vulnerable Software and Affected Versions: Advantech R-SeeNet version 2.4.15 Description: A privilege escalation issue exists in the Windows version of Advantech R-SeeNet, related to insufficient access control to the directory C:R-SeeNet. This can allow an attacker to elevate their...

PT-2021-3823 · Cisco · Snort +2

Name of the Vulnerable Software and Affected Versions: Cisco Web Security Appliance affected versions not specified Cisco Firepower Threat Defense affected versions not specified Snort detection engine affected versions not specified Description: A vulnerability in Server Name Identification SNI...

CVE-2021-32826

Proxyee-Down is open source proxy software. An attacker being able to provide an extension script eg: through a MiTM attack or by hosting a malicious extension may be able to run arbitrary commands on the system running Proxyee-Down. For more details including a PoC see the referenced...