PT-2024-2416 · Parisneo +1 · Lollms-Webui +1
Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui version v9.8 Description: The issue is related to the missing client id parameter in lollms binding infos, leading to security vulnerabilities. Specifically, the endpoints "/reload binding", "/install binding", "/reinsta...
PT-2024-19593 · Tencent · Tencent Blueking Cmdb
Name of the Vulnerable Software and Affected Versions: Tencent Blueking CMDB versions 3.2.x through 3.9.x Description: The issue is related to Server-Side Request Forgery (SSRF) via the event subscription function, located at the /service/subscription.go endpoint. This allows attackers to access...
PT-2023-9218 · FFmpeg +4 · Ffmpeg +4
Name of the Vulnerable Software and Affected Versions: FFmpeg versions v.n6.1-3-g466799d4f5 Description: The issue is related to a buffer overflow vulnerability in the set encoder id function, located in the /fftools/ffmpeg enc.c component. This vulnerability can be exploited by an attacker to...
PT-2023-8883 · Nextcloud +2 · Nextcloud Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.10; Nextcloud Server versions 26.0.0 through 26.0.5; Nextcloud Server versions 27.0.0 through 27.0.0; Nextcloud Enterprise Server versions 22.0.0 through 22.2.10.15; Nextcloud Enterprise Server versio...
PT-2023-7384 · Fortinet · Fortiadc +1
Name of the Vulnerable Software and Affected Versions: Fortinet FortiADC versions 7.1.0 through 7.1.1; FortiDDoS-F versions 6.3.0 through 6.3.4; FortiDDoS-F versions 6.4.0 through 6.4.1 Description: A permissive cross-domain policy with untrusted domains vulnerability allows an unauthorized attacke...
PT-2023-6080 · Siemens · Simatic Cp 1628 +4
Name of the Vulnerable Software and Affected Versions: SIMATIC CP 1604 versions all; SIMATIC CP 1616 versions all; SIMATIC CP 1623 versions all; SIMATIC CP 1626 versions all; SIMATIC CP 1628 versions all Description: The issue is related to insufficient control of access to memory DMA, which could...
PT-2023-26535 · Unknown · Async-Sockets-Cpp
Name of the Vulnerable Software and Affected Versions: async-sockets-cpp versions 0.3.1 and earlier Description: The issue is a stack-based buffer overflow in the tcpsocket.hpp file when processing malformed TCP packets. This occurs due to improper handling of packet data, leading to a potential...
PT-2023-4100 · Sap · Sap Solution Manager
Name of the Vulnerable Software and Affected Versions: SAP Solution Manager Diagnostics agent version 7.20 Description: The issue is related to insufficient validation of incoming requests, allowing an unauthenticated attacker to execute HTTP requests blindly. Successful exploitation can lead to ...
PT-2023-4222 · NetGear · Netgear Wnr2000V2 +2
Name of the Vulnerable Software and Affected Versions: Netgear JWNR2000v2 version 1.0.0.11; Netgear XWN5001 version 0.4.1.1; Netgear XAVN2001v2 version 0.4.0.7 Description: The issue is related to buffer overflows in the update auth function, which can be exploited via the http passwd and http...
PT-2023-4711 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a heap buffer overflow in the btm ble update inq result function of btm ble gap.cc, which could lead to a possible out of bounds read. This may result in local information...
PT-2023-17321 · Puppet +1 · Puppet Server +1
Name of the Vulnerable Software and Affected Versions: Puppet Server version 7.9.2 Description: A Regular Expression Denial of Service (ReDoS) issue was discovered in the certificate validation of Puppet Server. This issue is related to specifically crafted certificate names, which can significantl...
PT-2023-2642 · Oracle · Oracle Database Server
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19c through 21c Description: The issue exists due to insufficient input validation in the Oracle Database Recovery Manager component of Oracle Database Server. This can be exploited by a remote attacker to caus...
PT-2023-21280 · Dualspace · Dualspace Lock Master
Name of the Vulnerable Software and Affected Versions: DUALSPACE Lock Master version 2.2.4 Description: An issue in DUALSPACE Lock Master allows a local attacker to cause a denial of service or gain sensitive information via the com.ludashi.superlock.util.pref.SharedPrefProviderEntryMethod: inser...
PT-2023-21318 · Blackvue · Blackvue Dr750-2Ch Lte
Name of the Vulnerable Software and Affected Versions: BlackVue DR750-2CH LTE version 1.012 2022.10.26 Description: The issue concerns the lack of authenticity check for uploaded firmware, allowing attackers to upload crafted firmware that contains backdoors and enables arbitrary code execution...
PT-2023-20835 · Green Packet · Ot-235 +1
Name of the Vulnerable Software and Affected Versions: GreenPacket OH736's WR-1200 Indoor Unit version M-IDU-1.6.0.3 V1.1; GreenPacket OH736's OT-235 version MH-46360-2.0.3-R5-GP Description: The issue allows for remote command injection. Commands are executed before login and with root privileges...
PT-2023-14128 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a missing bounds check in Pixel cellular firmware, which could lead to an out of bounds write. This might result in remote code execution without requiring additional execution privileges...
PT-2023-21176 · Sap · Sap Netweaver As For Abap/Abap Platform
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791 Description: The issue allows an attacker to exploit insufficient validation of path information provided by users, th...
PT-2023-12273 · Jocms · Jocms
Name of the Vulnerable Software and Affected Versions: jocms version 0.8 Description: The issue allows remote attackers to execute arbitrary SQL commands and view sensitive information. This is achieved via the jo json check function in jocms/apps/mask/inc/getmask.php. Recommendations: For jocms...
PT-2025-13323 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A memory leak has been identified in the Linux kernel, specifically in the ovs flow cmd new function. This issue arises when an allocation of a key fails, and the new flow object is no...
PT-2023-16390 · Yaffshiv · Yaffshiv
Name of the Vulnerable Software and Affected Versions: yaffshiv versions up to 0.1 Description: A path traversal issue affects the yaffshiv YAFFS filesystem extractor. By crafting a malicious YAFFS file, an attacker could force yaffshiv to write outside of the extraction directory. Recommendation...