Linux Distros Unpatched Vulnerability : CVE-2022-49291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: pcm: Fix races among concurrent hw_params and hw_free calls Currently we have neither proper check nor protection against the concurrent calls of PCM hwpara...
Linux Distros Unpatched Vulnerability : CVE-2024-43888
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm: list_lru: fix UAF for memory cgroup The mem_cgroup_from_slab_obj is supposed to be called und...
Linux Distros Unpatched Vulnerability : CVE-2017-15227
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in...
Linux Distros Unpatched Vulnerability : CVE-2017-18079
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibl...
Linux Distros Unpatched Vulnerability : CVE-2011-4462
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote...
Exploit for CVE-2025-23942
WP Load Gallery Exploit CVE-2025-23942 📌 Description Unr...
PT-2025-13228
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue was found in the ipvlan module, where the function ipvlan_process_v6_outbound was assuming the IPv6 network header is...
PT-2025-6775 · Palo Alto Networks · Pan-Os Openconfig Plugin
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS affected versions not specified Description: A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator to make gNMI requests to the PAN-OS management...
PT-2024-21933 · Wasm3 · Wasm3
Name of the Vulnerable Software and Affected Versions: wasm3 version 139076a Description: The issue is related to a Denial of Service (DoS) attack. This means an attacker could potentially cause the service to become unavailable by overwhelming it with traffic. Recommendations: For wasm3 version...
PT-2024-7501 · Cisco · Cisco Adaptive Security Device Manager +2
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance (ASA) Software affected versions not specified; Cisco Firepower Threat Defense (FTD) Software affected versions not specified Description: A vulnerability in the TLS cryptography functionality could allow an...
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 30, 2024 to October 6, 2024)
Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024: All in-scope vulnerability types for WordPress plugins/themes with >= 1,000 active installations are...
CVE-2024-9463
creationtimestamp | type | source
---|---|---
2024-10-09 19:50:30+00:00 | seen | https://t.me/cvedetector/7514
2024-10-10 12:00:25+00:00 | seen | https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus24/2024
2024-10-10 13:17:11+00:00 | published-proof-of-concept | https://t.me/truesecator/6304
2024-10-1...
PT-2024-37658 · WordPress · Login With Phone Number
Name of the Vulnerable Software and Affected Versions: Login with phone number plugin for WordPress versions up to, and including, 1.7.49 Description: The issue is due to a lack of validation and missing capability check on user-supplied data in the lwp_update_password_action function. This allow...
PT-2024-39093 · Sourcecodester · Clinic's Patient Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Clinics Patient Management System version 2.0 Description: A vulnerability exists in the system, allowing for an open redirect. The issue is related to the manipulation of the goto page argument in an unknown function of the fi...
PT-2024-18172 · Nt Ware +1 · Uniflow Online +1
Name of the Vulnerable Software and Affected Versions: uniFLOW Online versions prior to and including 2024.1.0 Description: The registration process of uniFLOW Online apps can be compromised when email login is enabled on the tenant, particularly for those utilizing email login in combination wit...
PT-2024-38512 · WordPress · Dn Popup
Name of the Vulnerable Software and Affected Versions: DN Popup WordPress plugin versions 1.2.2 and earlier Description: The issue is related to the lack of a CSRF check when updating the plugin's settings. This could allow attackers to make a logged-in admin change the settings via a CSRF attack...
CVE-2024-7540
oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this...
PT-2024-26480 · Totolink · Totolink Cp900L
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900L version 4.1.5cu.798 B20221228 Description: A stack overflow issue was discovered via the desc parameter in the SetPortForwardRules function. This allows for potential exploitation. Recommendations: For TOTOLINK CP900L version...
PT-2024-26468 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7.114 Description: The issue concerns an arbitrary file upload vulnerability located on the media_add.php page in the backend of the website. Recommendations: For version 5.7.114, consider restricting access to the media ad...
PT-2024-3929 · Google +6 · Google Chrome +6
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.141 Microsoft Edge affected versions not specified Description: The issue is related to a use after free vulnerability in the Presentation API of Google Chrome and Microsoft Edge browsers. This...