PT-2026-40438

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Improper authorization checks of team members privileges allow a team member to escalate privileges to the team owner account. Recommendations At the moment, the...

CVE-2025-52882 Claude Code IDE extensions allow websocket connections from arbitrary origins

Claude Code is an agentic coding tool. Claude Code extensions in VSCode and forks e.g., Cursor, Windsurf, and VSCodium and JetBrains IDEs e.g., IntelliJ, Pycharm, and Android Studio are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages...

Redaxo CMS 5.0.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications Redaxo CMS contains multiple vulnerabilities ------------------------------------------------------------- Problem Overview ================ Technical Risk: high Likelihood of Exploitation: medium Vendor: https://www.redaxo.org/ Tested version...

ManageEngine ServiceDesk Plus 8.0 - Multiple Stored XSS Vulnerabilities

No description provided by source. ManageEngine ServiceDesk Plus 8.0 Multiple Stored XSS Vulnerabilities Vendor: Zoho Corporation Pvt. Ltd. Product web page: http://www.manageengine.com Affected version: 8.0.0 Build 8013 Enterprise Summary: ServiceDesk Plus integrates your help desk requests and...

Sony PC Companion 2.1 (DownloadURLToFile()) Stack-based Unicode Buffer Overflow

No description provided by source. Sony PC Companion 2.1 DownloadURLToFile Stack-based Unicode Buffer Overload SEH Vendor: Sony Mobile Communications AB Product web page: http://www.sonymobile.com Affected version: 2.10.115 Production 27.1, Build 830 2.10.108 Production 26.1, Build 818 Summary: P...

Zen Cart 1.3.9f Local File Inclusion

Zen Cart v1.3.9f typefilter Local File Inclusion Vulnerability Vendor: Zen Ventures, LLC Product web page: http://www.zen-cart.com Version affected: 1.3.9f Summary: Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for...

Adobe Photoshop CS4 Extended 11.0 GRD File Handling Remote Buffer Overflow

/ Title: Adobe Photoshop CS4 Extended 11.0 GRD File Handling Remote Buffer Overflow PoC Summary: The Adobe® Photoshop® family of products is the ultimate playground for bringing out the best in your digital images, transforming them into anything you can imagine and showcasing them in extraordina...

GroupWise Padlock Speculative Info

---------------------- GroupWise Padlock Info ---------------------- History ------- Novell was notified by someone around the 6th of August about a security flaw in GroupWise that apparently allowed basically anyone with access to the GroupWise server to do "bad stuff". August 14th brought the...