PT-2025-16734 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the powerpc/perf component. The issue arises from the introduction of the 'vpa pmu' PMU, which does not assign ownersh...

Linux Distros Unpatched Vulnerability : CVE-2022-37769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to caus...

Linux Distros Unpatched Vulnerability : CVE-2015-6806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2019-13753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory vi...

DRUPAL-CONTRIB-2025-006

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...

D-Link DIR-619L Multiple Vulnerabilities (2024 - 2025)

D-Link DIR-619L devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2024-9102

phpLDAPadmin since at least version 1.2.0 through the latest version 1.2.6.7 allows users to export elements from the LDAP directory into a Comma-Separated Value CSV file, but it does not neutralize special elements that could be interpreted as a command when the file is opened by a spreadsheet...

PT-2024-34927 · Unknown · Brand My Footer

Name of the Vulnerable Software and Affected Versions: Brand my Footer versions n/a through 1.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for DOM-Based XSS. Recommendations: For versions n/a...

PT-2024-7781 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 130.0.6723.58 Microsoft Edge affected versions not specified Description: The issue is related to a use-after-free vulnerability in the Artificial Intelligence AI technology of Google Chrome and Microsoft Edge...

3DSecure 2.0 3DS Method Authentication Cross Site Scripting

Product: 3DSecure 2.0 Manufacturer: Redsys Affected Versions: 3DSecure 2.0 3DS Method Authentication Tested Versions: 3DSecure 2.0 3DS Method Authentication Vulnerability Type: Cross-Site Scripting XSS Risk Level: Medium Solution Status: Not yet fixed Manufacturer Notification: 2024-01-17 Solutio...

CVE-2024-22281 Apache Helix Front (UI): Helix front hard-coded secret in the express-session

UNSUPPORTED WHEN ASSIGNED The Apache Helix Front UI component contained a hard-coded secret, allowing an attacker to spoof sessions by generating their own fake cookies. This issue affects Apache Helix Front UI: all versions. As this project is retired, we do not plan to release a version that...

PT-2024-5286 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 127.0.6533.72 Microsoft Edge affected versions not specified Description: The issue is related to a use after free vulnerability in the User Education component of Google Chrome and Microsoft Edge, which can le...

PT-2024-4236 · Google +6 · Google Chrome +6

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 126.0.6478.54 Microsoft Edge affected versions not specified Description: The issue is related to an inappropriate implementation in the Dawn component, which may allow a remote attacker to execute arbitrary co...

Open redirect

Rejected reason: This is unused...

PT-2023-7066 · Google +5 · Google Chrome +5

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.159 Microsoft Edge affected versions not specified Description: The issue is related to a use after free vulnerability in the Navigation component of Google Chrome and Microsoft Edge browsers. This...

PT-2023-28696 · Gnome +1 · Gnome Maps +1

Name of the Vulnerable Software and Affected Versions: GNOME Maps affected versions not specified Description: A flaw was found in GNOME Maps, making it vulnerable to a code injection attack via its service.json configuration file. If the configuration file is malicious, it may execute arbitrary...

Open redirect

Rejected reason: This candidate is unused by its CNA...

Open redirect

Rejected reason: This candidate is unused by its CNA...

Open redirect

Rejected reason: This candidate is unused by its CNA...

Open redirect

Rejected reason: This candidate is unused by its CNA...