PT-2026-49102

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A floating point exception occurs in the avidmx process function within the isomedia/isom write.c file. A floating point exception is a runtime error that happens when a program attempts an illegal arithmeti...

PT-2026-48801

Unknown description...

PT-2026-45158

Name of the Vulnerable Software and Affected Versions Twig affected versions not specified Description SandboxNodeVisitor fails to fully enforce SecurityPolicy::checkMethodAllowed for implicit toString calls because the set of wrapped AST nodes in CheckToStringNode is incomplete. This allows a...

MINI-RV3F-J8RF-C25F

Bulletin has no description...

PT-2026-39086

Content removed...

MINI-C9P3-27R3-HGWC

Bulletin has no description...

CVE-2026-3057

A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the function dateTotalForProject of the file application/common/Model/Task.php of the component Backend Interface. The manipulation of the argument projectCode results in sql injection. The attack can be...

CGA-PRJ8-J638-QHR5

Bulletin has no description...

EUVD-2025-203436

WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server...

PT-2025-51248

FNT Command 13.4.0 is vulnerable to Directory Traversal...

PT-2025-39074

🔵 Ammonia, Mutation XSS, CVE-2025-42581 Low https://t.co/YUWArRZLdF...

CGA-PRJ6-RP27-GHPR

Bulletin has no description...

MAL-2025-41043 Malicious code in zodiac-waterfall-ghm775-project (npm)

The package zodiac-waterfall-ghm775-project was found to contain malicious code...

PT-2025-1384 · Unknown · Pearprojectapi

Name of the Vulnerable Software and Affected Versions: pearProjectApi version 2.8.10 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the projectCode parameter at the "project.php" endpoint. Recommendations: For pearProjectApi version...

PearProject SQL注入漏洞

PearProject is a project management system backend interface for vilson individual developers. A security vulnerability exists in PearProject version v2.8.10, which originates from an SQL injection vulnerability contained via the projectCode parameter on project.php...

GHSA-JX34-GQQQ-R6GM Stored XSS via HTML fields in SilverStripe Framework

SilverStripe Framework through 4.10.8 allows XSS, inside of script tags that can can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not installed on the sanitiseserverside contig is not set to true in project code...

Stored XSS via HTML fields in SilverStripe Framework

SilverStripe Framework through 4.10.8 allows XSS, inside of script tags that can can be added to website content via XHR by an authenticated CMS user if the cwp-core module is not installed on the sanitiseserverside contig is not set to true in project code...

CVE-2018-19011

CX-Supervisor Versions 3.42 and prior can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application...