70 matches found
CVE-2025-53811
CVE-2025-53811 describes a TCC-related bypass in Mosh-Pro on macOS caused by misconfigured RunAsNode fuses. A local, unprivileged attacker could execute arbitrary code that runs with Mosh-Pro’s TCC permissions, limited to permissions the user has already granted. Additional resource access beyond...
Linux Distros Unpatched Vulnerability : CVE-2019-1010025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE...
PT-2025-34232 · Sourcecodester · Online Bank Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Bank Management System version 1.0 Description: A weakness has been identified that allows for SQL injection. The issue impacts an unknown function within the /bank/show.php file. Manipulation of the ID argument can lead...
Linux Distros Unpatched Vulnerability : CVE-2025-4050
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures...
Linux Distros Unpatched Vulnerability : CVE-2021-46971
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional securitylockeddown call Currently, the lockdown state is querie...
Linux Distros Unpatched Vulnerability : CVE-2024-27076
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2ctrlhandler memory leak Free the memory allocated in...
Linux Distros Unpatched Vulnerability : CVE-2025-37915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netsched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will mak...
Linux Distros Unpatched Vulnerability : CVE-2025-38194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jffs2: check that raw node were preallocated before writing summary Syzkaller detected a kernel bug in jffs2linknoderef, caused by fault injection in...
PT-2025-32398 · Xoda · Xoda
Name of the Vulnerable Software and Affected Versions: XODA version 0.4.5 Description: XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to...
CVE-2025-49825 Teleport allows remote authentication bypass
Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch...
PT-2025-22162
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the iommu copy struct from user function. The issue involved a NULL pointer that should be rejected prior to...
PT-2025-13228
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue was found in the ipvlan module, where the function ipvlan process v6 outbound was assuming the IPv6 network header is...
PT-2024-39093 · Sourcecodester · Clinic'S Patient Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 2.0 Description: A vulnerability exists in the system, allowing for an open redirect. The issue is related to the manipulation of the goto page argument in an unknown function of the fi...
PT-2024-18172 · Nt Ware +1 · Uniflow Online +1
Name of the Vulnerable Software and Affected Versions: uniFLOW Online versions prior to and including 2024.1.0 Description: The registration process of uniFLOW Online apps can be compromised when email login is enabled on the tenant, particularly for those utilizing email login in combination wit...
PT-2024-25925 · Clario · Clario
Name of the Vulnerable Software and Affected Versions: Clario through 2024-04-11 for Desktop Description: The issue is related to weak permissions for the %PROGRAMDATA%Clario directory and the attempt to load DLLs from this location as SYSTEM. Recommendations: For Clario through 2024-04-11 for...
PT-2024-21775 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue is related to a denial of service condition that can be triggered with a specially crafted query under certain conditions...
PT-2024-2406 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 versions 15.03.05.18 through 15.03.20 multi Description: A critical issue affects the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed dir leads to a stack-based buffer overflow. This...
PT-2024-2436 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.19 and earlier Description: The issue is related to a stored Cross-Site Scripting XSS vulnerability that could allow an attacker to inject malicious scripts into vulnerable form fields. This could lead to...
PT-2024-21976 · Supercali · Supercali
Name of the Vulnerable Software and Affected Versions: SuperCali version 1.1.0 Description: A reflected cross-site scripting XSS issue exists, allowing remote attackers to execute arbitrary JavaScript code via the email parameter in the "bad password.php" page. This could potentially affect a...
PT-2024-14631 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free UAF issue has been resolved in the Linux kernel. The pmif driver data, which contains clocks, is allocated along with spmi controller. When a device is removed, spmi...