PT-2022-25854 · Unknown · Blogengine.Net
Name of the Vulnerable Software and Affected Versions: BlogEngine.NET version 3.3.8.0 Description: An issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs allows attackers to execute arbitrary code via uploading a crafted PNG file. Recommendations: For BlogEngine.NET...
PT-2022-14804 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to an integer overflow in ppmpu_set of ppmpu.c, which could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is not required for...
PT-2022-26478 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds read in the MiscService::DoOemSetTcsFci function of miscservice.cpp due to a missing bounds check. This could lead to local information disclosure, requiring System...
PT-2022-26719 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: An issue was discovered in Bento4, leading to a Denial of Service (DoS). The issue is caused by a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, as demonstrated by mp42aac...
PT-2022-34582 · Microsoft · Exchange Server
Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server version Exchange Server 2019 and possibly earlier Description: An undisclosed vulnerability exists in an undisclosed component of Microsoft Exchange Server, allowing for remote code execution via network attack. Publ...
PT-2022-5208 · Adobe · Photoshop
Name of the Vulnerable Software and Affected Versions: Adobe Photoshop versions 22.5.8 and earlier; Adobe Photoshop versions 23.4.2 and earlier Description: The issue is related to an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an...
PT-2022-24564 · Zoho · Zoho Manageengine Opmanager +4
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine OpManager versions prior to 125658; Zoho ManageEngine OpManager Plus versions prior to 126003; Zoho ManageEngine OpManager MSP versions prior to 126105; Zoho ManageEngine Network Configuration Manager versions prior to 126120...
PT-2022-23229 · Tifig · Tifig
Name of the Vulnerable Software and Affected Versions: tifig version 0.2.2 Description: A heap-use-after-free issue was discovered in tifig, related to the function temInfoEntry. Recommendations: For version 0.2.2, consider disabling the temInfoEntry function as a temporary workaround until a pat...
PT-2022-22972 · Samsung · Samsung Mtower
Name of the Vulnerable Software and Affected Versions: Samsung mTower version 0.3.0 Description: The issue allows a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the...
PT-2022-6328 · Zoho · Zoho Manageengine Opmanager +4
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine OpManager versions prior to 2022-07-29; Zoho ManageEngine OpManager Plus versions prior to 2022-07-29; Zoho ManageEngine OpManager MSP versions prior to 2022-07-29; Zoho ManageEngine Network Configuration Manager versions prior...
PT-2022-13280 · Wireshark +5 · Wireshark +5
Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.4.0 through 3.4.11; Wireshark versions 3.6.0 through 3.6.1 Description: The issue allows for denial of service via packet injection or crafted capture file due to large loops in multiple protocol dissectors. Recommendation...
PT-2022-1818
Name of the Vulnerable Software and Affected Versions: Oracle Access Manager versions 11.1.2.3.0 through 12.2.1.4.0 Description: The issue is related to errors in processing HTTP requests in the Oracle Access Manager component of Oracle Fusion Middleware. This can allow a remote attacker to execute...
PT-2021-3059 · Alfa +4 · Alfa Windows 10 Driver +4
Name of the Vulnerable Software and Affected Versions: ALFA Windows 10 driver version 6.1316.1209 for AWUS036H Description: An issue was discovered in the ALFA Windows 10 driver where the WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. This allows an...
PT-2021-2251 · Cisco · Cisco Network Services Orchestrator
Name of the Vulnerable Software and Affected Versions: Cisco Network Services Orchestrator (NSO), affected versions not specified Description: A vulnerability in the API subsystem and web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker ...
PT-2020-13604 · Lantronix · Xport Edge
Name of the Vulnerable Software and Affected Versions: Lantronix XPort EDGE versions 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12, 4.2.0.0R7 Description: An authentication bypass issue exists in the Web Manager functionality. A specially crafted HTTP request can cause increased privileges. An attacker can...
PT-2020-13082 · Intelbras · Intelbras Tip 200 Lite +2
Name of the Vulnerable Software and Affected Versions: Intelbras TIP200 version 60.61.75.15; Intelbras TIP200LITE version 60.61.75.15; Intelbras TIP300 version 65.61.75.15 Description: The issue allows for XSS attacks through the /cgi-bin/cgiServer.exx API endpoint, specifically when the page...
PT-2020-6320 · Atlassian · Jira
Name of the Vulnerable Software and Affected Versions: Atlassian Jira Server and Data Center versions prior to 8.5.8; Atlassian Jira Server and Data Center versions 8.6.0 through 8.11.0 Description: The issue is related to an information disclosure vulnerability in the...
maximair.com.au Cross Site Scripting vulnerability
Security Researcher geeknik (helped patch 8574 vulnerabilities; received 8 Coordinated Disclosure badges; received 20 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting maximair.com.au website and its users. Following coordinat...
rockriders.com.br Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1083003. Security Researcher haxmov (helped patch 708 vulnerabilities; received 4 Coordinated Disclosure badges; received 3 recommendations), a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting rockriders.com.br website and...
alierbas.com.tr Cross Site Scripting vulnerability
Security Researcher geeknik (helped patch 8505 vulnerabilities; received 8 Coordinated Disclosure badges; received 20 recommendations), a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting alierbas.com.tr website and its users. Following coordinat...