Lucene search
+L

13 matches found

Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.19 views

PT-2026-49615

CVE ID :CVE-2026-54294 Published : June 15, 2026, 6:33 p.m. | 1 hour, 17 minutes ago Description :None Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.2AI score0.00045EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.11 views

PT-2026-48803

Unknown description...

5.4AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-47219

Name of the Vulnerable Software and Affected Versions Twig versions prior to 3.26.0 Description An issue exists where the sandbox visitor fails to wrap mapping keys in ArrayExpression with CheckToStringNode. When a dynamic key expression resolves to a Stringable object, the ArrayExpression::compi...

7.1CVSS5.8AI score0.00234EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.11 views

PT-2026-42178

CVE-2026-47237 – Overly Permissive Istio Permissions Allow Kubeflow Authorization Token Stealing https://t.co/NYDWRfbN4F...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.15 views

PT-2026-38253

Name of the Vulnerable Software and Affected Versions Nitro versions prior to 2.13.4 Nitro versions prior to 3.0.260429-beta Description An attacker can bypass proxy route rules by sending percent-encoded path traversal sequences ..%2f in the URL. This occurs when Nitro treats these characters as...

5.3CVSS5.8AI score0.00392EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.8 views

PT-2026-33583

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.0 Description Dag Authors can craft an XCom payload that allows the webserver to execute arbitrary code, bypassing the restriction that normally prevents them from executing code in the webserver context...

7.2CVSS6.1AI score0.00822EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.7 views

PT-2026-28797

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the TrustProxies middleware trusts all proxies $proxies = '', accepting X-Forwarded-Host from any source. The TrustHosts middleware, intended to prevent host header attacks...

5.3CVSS6AI score0.00139EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.7 views

PT-2026-28793

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, the executeInDocker helper wraps user-controlled commands in single quotes without escaping embedded single quotes. Attackers who can edit application settings can inject a...

8.8CVSS6.2AI score0.00363EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.6 views

PT-2026-27352

Name of the Vulnerable Software and Affected Versions activitypub-federation-rust affected versions not specified Description The v4 is invalid function in activitypub-federation-rust does not properly validate IPv4 addresses, specifically failing to check for Ipv4Addr::UNSPECIFIED 0.0.0.0. This...

6.5CVSS5.9AI score0.00359EPSS
Exploits2References9
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.7 views

PT-2026-26264

CVE-2026-99999: this fucking thing...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/27 12:0 a.m.7 views

PT-2026-4854

Name of the Vulnerable Software and Affected Versions ASDA-Soft affected versions not specified Description ASDA-Soft contains a stack-based buffer overflow issue. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

9.8CVSS6.2AI score0.00532EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.7 views

PT-2026-4853

A flaw has been found in Totolink A8000RU 7.1cu.643 b20200521. This issue affects the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mode causes os command injection. The attack is possible to be carried out remotely. The...

10CVSS8.2AI score0.01766EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.6 views

PT-2026-4735

Name of the Vulnerable Software and Affected Versions gix-date affected versions not specified Description The gix date::parse::TimeBuf::as str function can produce strings with invalid, non-UTF8 characters. This breaks internal safety rules within the TimeBuf component, potentially causing...

7.1CVSS5.9AI score0.00193EPSS
Exploits1References21
Rows per page
Query Builder