19 matches found
PT-2026-38458
Name of the Vulnerable Software and Affected Versions: Yarbo version 2.3.9 Description: A hidden, persistent backdoor provides remote, unauthenticated or weakly authenticated access to privileged functionality. This backdoor is undocumented, cannot be disabled through user-facing settings, and...
IBM Aspera Shares Code Issue Vulnerability
IBM Aspera Shares is a Web application from International Business Machines (IBM). An access control error vulnerability exists in IBM Aspera Shares versions 1.9.9 through 1.11.0. The vulnerability stems from a password reset that does not disable the session and can be exploited by an attacker to...
CVE-2025-52623
CVE-2025-52623 affects HCL AION v2.0 where the password field does not have autocomplete disabled, enabling potential storage or disclosure of credentials. Connected sources (CNVD-2026-16403, RH/Red Hat, NVD, and PT-2026-5901) corroborate an information disclosure risk from password-field autocom...
CVE-2025-52623 HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability
HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability. Allowing autocomplete on password fields may lead to unintended storage or disclosure of sensitive credentials, potentially increasing the risk of unauthorized access. This issue affects...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a spinlock not disabling interrupts, which could lead to a deadlock...
Linux Distros Unpatched Vulnerability : CVE-2025-32728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not disabling interrupts before resetting the GPU...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the RDMA/hns module not disabling interrupts when calling the spin_unlock_irqrestore function...
python-urllib3: Cookie request header isn't stripped during cross-origin redirects
A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a Cookie header and...
IBM Engineering Lifecycle Optimization Code Issue Vulnerability
IBM Engineering Lifecycle Optimization (ELO) is an extension of the Engineering Lifecycle Management (ELM) portfolio from International Business Machines (IBM). They make it easier to collect and analyze data across the development environment to make better decisions. Automate reporting to ensure that...
python-urllib3: Cookie request header isn't stripped during cross-origin redirects
A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a Cookie header and...
python-urllib3: Cookie request header isn't stripped during cross-origin redirects
A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a Cookie header and...
Kirby Security Vulnerability
Kirby is a file-based content management system (CMS). A security vulnerability exists in Kirby that stems from a configuration that does not disable Kirby's APIs and panels, and a user enumeration vulnerability that could affect all Kirby sites with user accounts. The following products and versio...
PT-2024-11121 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel, specifically with the mt76: mt7921 module, where a possible invalid register access can occur. This happens when the interrupt is not properly...
CVE-2020-14487
OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an administrator has not expressly turned off this account, which may allow an attacker to login and execute arbitrary commands...
IBM Maximo Asset Management Security Bypass Vulnerability (CNVD-2020-41863)
IBM Maximo Asset Management is a comprehensive solution for asset-intensive industries to manage corporate physical assets through a common platform. A security bypass vulnerability exists in IBM Maximo Asset Management 7.6.0, 7.6.1. The vulnerability stems from the product not disabling a sessio...
CVE-2020-10965
Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled. It is fixed in 20.01.1 and 19.11.2...
IBM Cloud Private Privilege Escalation Vulnerability
IBM Cloud Private is a set of enterprise private cloud solutions from IBM USA. The product is built primarily on Kubernetes and container technology. A privilege escalation vulnerability exists in IBM Cloud Private versions 3.1.1 and 3.1.2, which stems from the program failing to disable a sessio...
Sensio Labs Symfony Security Component CSRF Vulnerability
Sensio Labs Symfony is a free, MVC-based PHP development framework from the French company Sensio Labs. It provides commonly used functional components and tools and can be used to quickly create complex web applications. Security is one of its security components. A security vulnerability exis...