PT-2026-31259

Name of the Vulnerable Software and Affected Versions MAIO – The new AI GEO / SEO tool versions n/a through 6.2.8 Description A missing authorization issue exists in HBSS Technologies MAIO – The new AI GEO / SEO tool, allowing exploitation of incorrectly configured access control security levels...

EUVD-2025-208466

PROBLEMTYPE in COMPONENT in VENDOR PRODUCT VERSION on PLATFORMS allows ATTACKER to IMPACT via VECTOR...

KB5077473 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: March 10, 2026

KB5077473 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: March 10, 2026 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

CVE-2021-22800

A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller V5.1.0.6 and prior...

CVE-2024-44636

CVE-2024-44636 affects PHPGurukul Student Record System 3.20. A SQL Injection flaw exists in /admin-profile.php, exploitable via the parameters adminname and aemailid . The vulnerability, confirmed across multiple sources, could allow an attacker to execute SQL commands and access database data. ...

Security Bulletin: IBM Copy Services Manager may be affected by a vulnerabilities due to default security configuration allowing cross site scripting

Summary A vulnerability has been found that allows cross site scripting once a user has been authenticated or unauthenticated into the server. Although likelihood of this issue being exploited is very low, IBM Copy Services Manager frequently updates configuration files in the product dependency...

CVE-2025-11909 Shenzhen Ruiming Technology Streamax Crocus RepairRecord.do queryLast sql injection

A weakness has been identified in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The impacted element is the function queryLast of the file /RepairRecord.do?Action=QueryLast. Executing manipulation of the argument orderField can lead to sql injection. The attack may be performed from remote...

EUVD-2002-2353

Malware in sbrugna...

EUVD-2020-26155

Malware in sbrugna...

EUVD-2020-29813

Malware in sbrugna...

EUVD-2022-25651

Malicious code in bioql PyPI...

PT-2025-36727

Name of the Vulnerable Software and Affected Versions: versions affected versions not specified Description: A denial-of-service issue exists due to the controller repeatedly attempting to forward messages. This can result in a major, nonrecoverable fault on the controller. Recommendations: At th...

CVE-2025-57733

JetBrains TeamCity prior to 2025.07.1 is vulnerable to a sMTP injection that can modify email content. The CVE-2025-57733 entry is corroborated by multiple connected sources, including Red Hat advisory and PT Security, which list TeamCity

PT-2025-29301 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The provided descriptions indicate an authentication bypass issue. The reason for rejection is stated as 'Not used'. Recommendations: At the moment, there is no information about a newer...

CVE-2023-24724

A stored cross site scripting XSS vulnerability was discovered in the user management module of the SAS 9.4 Admin Console, due to insufficient validation and sanitization of data input into the user creation and editing form fields. The product name is SAS Web Administration interface SASAdmin. F...

CVE-2025-27567

Cross-site scripting vulnerability exists in the NickName registration screen of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the configuration page or functions accessible only from t...

JVN#19358384: hostapd vulnerable to improper processing of RADIUS packets

hostapd provided by Jouni Malinen fails to process crafted RADIUS packets properly CWE-826. Impact When hostapd authenticates wi-fi devices with RADIUS authentication, an attacker in the position between the hostapd and the RADIUS server may inject crafted RADIUS packets and force RADIUS...

CVE-2023-36531

Missing Authorization vulnerability in LiquidPoll LiquidPoll – Advanced Polls for Creators and Brands allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LiquidPoll – Advanced Polls for Creators and Brands: from n/a through 3.3.68...

CVE-2024-45205

An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point not using UniFi Network Application could allow a malicious actor with access to an adjacent network to take control of this UniFi Access Point. Affected Products: UniFi iOS App Version 10.17.7 and...

KB5046860 - Description of the security update for SQL Server 2019 CU29: November 12, 2024

KB5046860 - Description of the security update for SQL Server 2019 CU29: November 12, 2024 Summary Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information File information...