PT-2026-45386

Name of the Vulnerable Software and Affected Versions Teamwork Cloud versions No Magic Release 2022x through No Magic Release 2026x Magic Collaboration Studio versions CATIA Magic Release 2022x through CATIA Magic Release 2026x Description An issue involving the deserialization of untrusted data...

MediaTek Chipsets Security Vulnerabilities

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities, which stem from buffer overflow attacks. These vulnerabilities may lead to remote code execution, requiring user execution privileges for exploitation...

PT-2026-45373

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ Broker versions prior to 5.19.7 Apache ActiveMQ Broker versions 6.0.0 through 6.2.5 Apache ActiveMQ All versions prior to 5.19.7 Apache ActiveMQ All versions 6.0.0 through 6.2.5 Apache ActiveMQ versions prior to 5.19.7 Apache...

HP Poly Voice security vulnerabilities

HP Poly Voice is a voice communication software developed by the American company Hewlett-Packard HP. There is a security vulnerability in HP Poly Voice, which stems from a buffer overflow issue when administrators enable interactive connection establishment. This vulnerability may lead to remote...

D-Link DI-8400 security vulnerability

The D-Link DI-8400 is a wireless router produced by D-Link Corporation. The D-Link DI-8400, versions 16.07.26A1 and earlier, contained a security vulnerability. This vulnerability stemmed from a stack buffer overflow in the /dbsrv.asp file, which could allow a remote attacker to execute arbitrary...

PT-2026-45545

IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remote code execution via a crafted HTTP request when combined with a suitable gadget chain...

Apache Airflow security vulnerabilities

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the XCom PATCH...

PUB-A-476108161

In TextRtpPayloadDecoderNode::DecodeT140 of TextRtpPayloadDecoderNode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-477021934

In mfccoregetdecmetadataseinal of mfccoreregapi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

IBM i Access injection vulnerability

IBM i Access is a set of IBM i platform client software developed by the American multinational company International Business Machines IBM. Versions 1.1.5.0 to 1.1.9.12 of IBM i Access, along with IBM i Access Client Solutions, have injection vulnerabilities. These vulnerabilities arise when the...

IBM WebSphere Application Server (WAS) code injection vulnerability

IBM WebSphere Application Server WAS is an application server product developed by IBM. It serves as a platform for JavaEE and web services applications and forms the foundation of the IBM WebSphere software suite. Both the 9.0 and 8.5 versions of IBM WebSphere Application Server contained a code...

PT-2026-45540

AI Tensor Engine for ROCm AITER through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv function within shm broadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket...

PT-2026-45442

A critical Remote Code Execution RCE vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3...

PT-2026-45371

Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.2.2 Description A bug in the XCom PATCH endpoint "PATCH /api/v2/xcomEntries/key" allows an authenticated UI/API user with XCom write permission on a Dag to set XCom entries using reserved key names, such as...

Apache ActiveMQ security vulnerabilities

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ. This vulnerability stems from the default access policy of the...

PUB-A-449725960

In Modem, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-481311295

In RtpSession::rtpSendRtcpPacket, there is a possible OOB write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-477022794

In mfccorenalqgetdecmetadataseinal of mfccorenalq.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-481652714

In ParsePayloads of AudioSdpParser.cpp, there is a possible memory corruption due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-472711335

In WC-Radio, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...