Lucene search
+L

70 matches found

cve
cve
added 2025/08/26 12:22 p.m.14 views

CVE-2025-53811

CVE-2025-53811 describes a TCC-related bypass in Mosh-Pro on macOS caused by misconfigured RunAsNode fuses. A local, unprivileged attacker could execute arbitrary code that runs with Mosh-Pro’s TCC permissions, limited to permissions the user has already granted. Additional resource access beyond...

4.8CVSS7.5AI score0.00119EPSS
Exploits0References2
nessus
nessus
added 2025/08/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-1010025

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthreadcreated thread. The component is: glibc. NOTE...

5.3CVSS6.1AI score0.02286EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/08/21 12:0 a.m.8 views

PT-2025-34232 · Sourcecodester · Online Bank Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Bank Management System version 1.0 Description: A weakness has been identified that allows for SQL injection. The issue impacts an unknown function within the /bank/show.php file. Manipulation of the ID argument can lead...

9.8CVSS7.6AI score0.00387EPSS
Exploits1References10
nessus
nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-4050

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures...

8.8CVSS7.2AI score0.00462EPSS
Exploits0References2
nessus
nessus
added 2025/08/12 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-46971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional securitylockeddown call Currently, the lockdown state is querie...

3.3CVSS6.4AI score0.0023EPSS
Exploits0References2
nessus
nessus
added 2025/08/12 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-27076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: imx: csc/scaler: fix v4l2ctrlhandler memory leak Free the memory allocated in...

5.5CVSS6.1AI score0.00289EPSS
Exploits0References2
nessus
nessus
added 2025/08/11 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-37915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netsched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will mak...

7CVSS6.8AI score0.00166EPSS
Exploits0References3
nessus
nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jffs2: check that raw node were preallocated before writing summary Syzkaller detected a kernel bug in jffs2linknoderef, caused by fault injection in...

5.5CVSS6.6AI score0.00181EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/08/08 12:0 a.m.10 views

PT-2025-32398 · Xoda · Xoda

Name of the Vulnerable Software and Affected Versions: XODA version 0.4.5 Description: XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to...

9.3CVSS7.8AI score0.01141EPSS
Exploits0References8
osv
osv
added 2025/06/17 9:43 p.m.5 views

CVE-2025-49825 Teleport allows remote authentication bypass

Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch...

9.8CVSS7.2AI score0.07754EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/04/17 12:0 a.m.10 views

PT-2025-22162

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, specifically in the iommu copy struct from user function. The issue involved a NULL pointer that should be rejected prior to...

5.5CVSS6.7AI score0.00157EPSS
Exploits0
ptsecurity
ptsecurity
added 2025/02/22 12:0 a.m.7 views

PT-2025-13228

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved. The issue was found in the ipvlan module, where the function ipvlan process v6 outbound was assuming the IPv6 network header is...

5.5CVSS5.4AI score0.0018EPSS
Exploits0
ptsecurity
ptsecurity
added 2024/09/07 12:0 a.m.4 views

PT-2024-39093 · Sourcecodester · Clinic'S Patient Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 2.0 Description: A vulnerability exists in the system, allowing for an open redirect. The issue is related to the manipulation of the goto page argument in an unknown function of the fi...

6.9CVSS6.9AI score0.006EPSS
Exploits1References11
ptsecurity
ptsecurity
added 2024/09/02 12:0 a.m.4 views

PT-2024-18172 · Nt Ware +1 · Uniflow Online +1

Name of the Vulnerable Software and Affected Versions: uniFLOW Online versions prior to and including 2024.1.0 Description: The registration process of uniFLOW Online apps can be compromised when email login is enabled on the tenant, particularly for those utilizing email login in combination wit...

8.3CVSS6.8AI score0.00363EPSS
Exploits0References13
ptsecurity
ptsecurity
added 2024/05/04 12:0 a.m.6 views

PT-2024-25925 · Clario · Clario

Name of the Vulnerable Software and Affected Versions: Clario through 2024-04-11 for Desktop Description: The issue is related to weak permissions for the %PROGRAMDATA%Clario directory and the attempt to load DLLs from this location as SYSTEM. Recommendations: For Clario through 2024-04-11 for...

7.8CVSS6.9AI score0.00322EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2024/04/03 12:0 a.m.7 views

PT-2024-21775 · Ibm · Ibm Db2

Name of the Vulnerable Software and Affected Versions: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server versions 10.5, 11.1, and 11.5 Description: The issue is related to a denial of service condition that can be triggered with a specially crafted query under certain conditions...

6.5CVSS9.4AI score0.00653EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2024/03/14 12:0 a.m.4 views

PT-2024-2406 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 versions 15.03.05.18 through 15.03.20 multi Description: A critical issue affects the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed dir leads to a stack-based buffer overflow. This...

9CVSS8.9AI score0.01605EPSS
Exploits1References9
ptsecurity
ptsecurity
added 2024/03/12 12:0 a.m.4 views

PT-2024-2436 · Adobe · Experience Manager

Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.19 and earlier Description: The issue is related to a stored Cross-Site Scripting XSS vulnerability that could allow an attacker to inject malicious scripts into vulnerable form fields. This could lead to...

5.5CVSS5.9AI score0.00427EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2024/03/05 12:0 a.m.6 views

PT-2024-21976 · Supercali · Supercali

Name of the Vulnerable Software and Affected Versions: SuperCali version 1.1.0 Description: A reflected cross-site scripting XSS issue exists, allowing remote attackers to execute arbitrary JavaScript code via the email parameter in the "bad password.php" page. This could potentially affect a...

6.1CVSS6.6AI score0.00424EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2024/03/05 12:0 a.m.22 views

PT-2024-14631 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free UAF issue has been resolved in the Linux kernel. The pmif driver data, which contains clocks, is allocated along with spmi controller. When a device is removed, spmi...

8CVSS6.6AI score0.78388EPSS
Exploits21References809
Rows per page
Query Builder