799 matches found
PT-2026-51160
Name of the Vulnerable Software and Affected Versions jq versions prior to 1.8.2 Description In assertion-disabled builds, the jq --rawfile command can lead to invalid-state reuse and a heap out-of-bounds write. This occurs when the jv load fileraw=1 function reads an attacker-controlled file and...
PT-2026-45644
Memory corruption while processing fastboot commands with invalid input...
PT-2026-48805
Unknown description...
PT-2026-48815
Unknown description...
PT-2026-48802
Unknown description...
PT-2026-45196
A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...
PT-2026-48607
Unknown description...
PT-2026-47213
Name of the Vulnerable Software and Affected Versions Incus version 7.0.0 Description An authenticated user with can create instances permission can cause a denial of service by crashing the incusd daemon. The issue occurs when the daemon processes an instance backup tarball containing a malforme...
PT-2026-47214
Name of the Vulnerable Software and Affected Versions incus versions 6.0.x and 7.0.0 Description An authenticated user with can create storage volumes permissions can cause a denial of service by crashing the incusd daemon. The issue occurs during the processing of an imported custom-volume backu...
PT-2026-47212
Name of the Vulnerable Software and Affected Versions Incus affected versions not specified Description The S3 protocol upload endpoint is susceptible to path traversal, enabling the creation of arbitrary files on the host system. This occurs because the uploadId variable is appended to the uploa...
PT-2026-44921
A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the...
PT-2026-47186
Please update...
PT-2026-44176
This vulnerability in Veeam Service Provider Console allows for remote code execution...
PT-2026-44346
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A deadlock occurs in the cgroup subsystem during the rmdir2 operation. The issue arises when the process calling rmdir is also the reaper of a zombie process that pins a PID namespace...
PT-2026-47091
Name of the Vulnerable Software and Affected Versions crun affected versions not specified Description Security issues were identified and subsequently resolved in the software. Recommendations Update to version 1.28-1.1...
PT-2026-47220
Name of the Vulnerable Software and Affected Versions Twig affected versions not specified Description An issue exists where a sandboxed template author can trigger a disallowed toString method on objects reachable from the render context, bypassing the security policy. This occurs through two...
PT-2026-47207
Name of the Vulnerable Software and Affected Versions Twig PHP templating engine affected versions not specified Description An allow-list bypass exists within the Sandbox filter, tag, and function mechanisms, which could allow an attacker to execute unauthorized actions by circumventing the...
OSV-2026-795 Stack-buffer-underflow in probe_dasd_pt
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=514896889 Crash type: Stack-buffer-underflow READ 1 Crash state: probedasdpt idinfoprobe partitionsprobe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: A check for a null descriptor is performed before calling ptcmdcallback. This issue resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver has been exercised. The...
PT-2026-42195
InfoScale VIOM 9.1.3 allows XSS...