CVE-2022-38533 affecting package binutils 2.36.1-3
CVE-2022-38533 affecting package binutils 2.36.1-3. No patch is available currently...
CVE-2022-4904 affecting package grpc 1.35.0-9
CVE-2022-4904 affecting package grpc 1.35.0-9. No patch is available currently...
CVE-2022-1941 affecting package protobuf 3.14.0-1
CVE-2022-1941 affecting package protobuf 3.14.0-1. No patch is available currently...
CVE-2023-21843 affecting package openjdk8 1.8.0.332-2
CVE-2023-21843 affecting package openjdk8 1.8.0.332-2. No patch is available currently...
CVE-2022-46392 affecting package fluent-bit 1.5.2-3
CVE-2022-46392 affecting package fluent-bit 1.5.2-3. No patch is available currently...
JWK Set's HTTP client only overwrites and appends JWK to local cache during refresh
Impact: The project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use cases that utilize the provided auto-caching HTTP client and where key...
PT-2025-2803 · Unknown · Neat Board Nfc
Name of the Vulnerable Software and Affected Versions: Neat Board NFC version 1.20240620.0015 Description: A Buffer Overflow issue exists, allowing physically proximate attackers to escalate privileges via a crafted payload to the password field. This enables local privilege escalation...
CBL Mariner 2.0 Security Update: iperf3 (CVE-2024-53580)
The version of iperf3 installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53580 advisory. - iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters function...
PT-2025-3799 · Code Projects · Travel Management System
Name of the Vulnerable Software and Affected Versions: code-projects Travel Management System version 1.0 Description: A critical issue has been found in the Travel Management System, affecting some unknown processing of the file /enquiry.php. The manipulation of the argument...
PT-2025-3790 · Trimble · Trimble Sps851
Name of the Vulnerable Software and Affected Versions: Trimble SPS851 version 488.01 Description: A problematic issue was found in the Ethernet Configuration Menu component of the affected software. The manipulation of the Hostname argument leads to cross-site scripting. It is possible to initiat...
CVE-2024-56411
CVE-2024-56411 concerns PhpSpreadsheet: an XSS vulnerability in the hyperlink base used when generating HTML headers via PhpOffice\PhpSpreadsheet\Writer\Html. The issue arises because the HTML page header is built without sanitizing the hyperlink base, potentially allowing malicious payloads when...
PT-2025-19378 · Unknown +1 · Request-Tracker5 +1
Name of the Vulnerable Software and Affected Versions: request-tracker5, affected versions not specified Description: The issue concerns a Cross Site Scripting vulnerability via JavaScript injection in an RT permalink. Recommendations: At the moment, there is no information about a newer...
PT-2025-30997 · Gnu +1 · Gnu Binutils +1
Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.44 Description: A problematic issue exists in the BFD Library component of GNU Binutils. The bfd_elf_get_str_section function within the bfd/elf.c file is susceptible to a null pointer dereference. Local access is...
PT-2025-30806
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified Description: The Linux kernel contains an issue where a warning is triggered on invalid firmware input within the ath6kl module. This warning does not provide useful information and is a frequent...
PT-2025-32545
Name of the Vulnerable Software and Affected Versions: LibTIFF versions prior to 4.5.1 Description: A stack-based buffer overflow issue exists in the tiffcrop component of LibTIFF, specifically within the readSeparateStripsetoBuffer function located in the tools/tiffcrop.c file. Local access is...
PT-2026-29080
Name of the Vulnerable Software and Affected Versions: OpenSC versions prior to 0.27.0 Description: OpenSC is a set of open source smart card tools and middleware. A stack-based buffer overflow can occur in the GET RESPONSE function when a user or administrator utilizes a token, allowing an attacke...
CVE-2024-56517
LGSL (Live Game Server List) is affected by CVE-2024-56517 with a reflected XSS in the Referer header affecting versions up to 6.2.1. Attackers can inject arbitrary JavaScript that is echoed back into an HTML attribute in the response due to insufficient sanitization. The issue is caused by using...
CVE-2024-56517 LGSL has a reflected XSS at /lgsl_files/lgsl_list.php
LGSL (Live Game Server List) provides online status lists for online video games. Versions up to and including 6.2.1 contain a reflected cross-site scripting vulnerability in the Referer HTTP header. The vulnerability allows attackers to inject arbitrary JavaScript code, which is reflected in the...
PT-2024-17864 · Unknown · Phpgurukul Complaint Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Complaint Management System version 1.0 Description: A critical vulnerability has been found in the PHPGurukul Complaint Management System. This issue affects an unknown part of the file /admin/category.php. The manipulation of the...
PT-2024-28335 · Unknown · Cpacker Memgpt
Name of the Vulnerable Software and Affected Versions: Cpacker MemGPT version 0.3.17 Description: The issue is related to incorrect access control in the "/users" endpoint, allowing attackers to access sensitive data. Recommendations: For version 0.3.17, consider disabling access to the "/users"...