Hitachi Energy Ellipse
SUMMARY Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below. This vulnerability can be exploited to carry out a remote code execution (RCE) attack on the product. Please refer to the Recommended Immediate Actions for...
CVE-2024-41107
The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass SAML authentication by submitting a spoofed SAML response...
PT-2025-24051 · Totolink · Totolink X15
Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of TOTOLINK X15, affecting the file /boafrm/formWlanRedirect. The manipulation of the redirect-url...
PT-2025-29663
Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox version 7.1.10 Description: An easily exploitable issue exists in the Core component of Oracle VM VirtualBox, allowing a high-privileged attacker with access to the infrastructure where Oracle VM VirtualBox executes to...
PT-2025-21975 · Unknown · Woocommerce
Name of the Vulnerable Software and Affected Versions: Product Code for WooCommerce versions 1.5.0 and earlier Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability, which allows for Cross Site Request Forgery. This means an attacker can trick a user into performing unintended...
CGA-MHJW-7F5M-83JF
Bulletin has no description...
Hitachi Energy RTU500 Series (Update B)
SUMMARY Hitachi Energy is aware of the vulnerabilities, CVE-2024-10037, CVE-2024-11499, CVE-2024-12169, and CVE-2025-1445 in the RTU500 Web server component, the IEC 60870-5-104 controlled station implementation and IEC 61850 implementation, that affects the RTU500 versions that are listed...
Hitachi Energy MACH PS700
SUMMARY Hitachi Energy is aware of a vulnerability in third party component Intel Chipset Device Software, that affects MACH PS700 v2 product versions listed in this document. Authenticated malicious clients successfully exploiting this vulnerability could escalate the privilege to cause...
PT-2025-5726 · Progress · Loadmaster
Name of the Vulnerable Software and Affected Versions: LoadMaster versions 7.2.48.12 and earlier; LoadMaster versions 7.2.49.0 through 7.2.54.12; LoadMaster versions 7.2.55.0 through 7.2.60.1; ECS versions prior to 7.2.60.1 Description: The issue is related to improper input validation of...
PT-2025-3816 · Unknown · Code-Projects Online Book Shop
Name of the Vulnerable Software and Affected Versions: code-projects Online Book Shop version 1.0 Description: A critical issue has been found in the code-projects Online Book Shop, affecting an unknown part of the /booklist.php file. The manipulation of the subcatid argument leads to SQL...
PT-2024-34546 · Jepaas · Jepaas
Name of the Vulnerable Software and Affected Versions: JEPaaS version 7.2.8 Description: The issue is related to SQL injection vulnerability in multiple parameters via the "/je/login/btnLog/insertBtnLog" API endpoint. This could allow a remote user to submit a specially crafted query, enabling an...
2024.3 IPU - Intel® Processor RAPL Interface Advisory
Summary: A potential security vulnerability in the Running Average Power Limit (RAPL) interface for some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-23984 Description:...
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Summary: As of July 10, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this...
Intel® Data Center GPU Max Series Advisory
Summary: A potential security vulnerability in the Intel® Data Center GPU Max Series 1100 and 1550 products may allow denial of service. Intel is releasing prescriptive guidance to address this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-47165 Description: Improper conditions...
Hitachi Energy RTU500 Series Product (Update B)
SUMMARY Hitachi Energy is aware of the vulnerability CVE-2024-2617 in the RTU500 Web server component, that affects the RTU500 versions that are listed below. An attacker successfully exploiting this vulnerability could bypass secure update. Please refer to the Recommended Immediate Actions for...
PT-2024-1597
Name of the Vulnerable Software and Affected Versions: kernel versions prior to 6.1.77-alt1 kernel-uek, kernel-uek-debug, kernel-uek-debug-devel, kernel-uek-devel, kernel-uek-doc, kernel-uek-tools versions prior to 6.1.77-alt1 kernel versions 5.10.206 through 5.10.209 Debian 10 buster kernel...
PT-2023-8128
Name of the Vulnerable Software and Affected Versions: OpenSSH versions 9.6 and earlier Description: The issue is related to a potential row hammer attack that could allow authentication bypass. This is applicable to a certain threat model of attacker-victim co-location in which the attacker has us...
PT-2023-18403 · Intel · Intel Unison
Name of the Vulnerable Software and Affected Versions: Intel Unison affected versions not specified Description: The issue concerns an uncaught exception in Intel Unison software that could allow an authenticated user with local access to potentially escalate privileges. Recommendations: At the...
PT-2023-35578 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. Technical details include a crash type of Heap-buffer-overflow READ 16, with the crash state...
PT-2023-32521 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue was accidentally requested. There is a vulnerability notification available. Recommendations: At the moment, there is no information...