22 matches found
PT-2025-3589
Name of the Vulnerable Software and Affected Versions: Raptor RDF Syntax Library versions 2.0.0 through 2.0.16 Description: The issue is related to an integer underflow when normalizing a URI with the turtle parser in the raptor_uri_normalize_path function. This problem occurs in the Raptor RDF...
PT-2024-31624 · Zoom · Zoom Product Suite
Name of the Vulnerable Software and Affected Versions: Zoom Product Suite versions prior to 6.2.0 Description: A buffer overflow issue in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access. This issue can be exploited by authenticated users,...
PT-2024-31184 · Tenda · Tenda Ax1806
Name of the Vulnerable Software and Affected Versions: Tenda AX1806 version 1.0.0.1 Description: The issue is a stack overflow that occurs via the serverName parameter in the form_fast_setting_internet_set function. Recommendations: For Tenda AX1806 version 1.0.0.1, as a temporary workaround,...
PT-2024-28852 · Unknown · Squirrelly
Name of the Vulnerable Software and Affected Versions: squirrellyjs squirrelly version 9.0.0 Description: The issue is a code injection vulnerability via the component options.varName. This vulnerability was discovered in squirrellyjs squirrelly and was fixed in version 9.0.1, however, another...
PT-2024-7008
Name of the Vulnerable Software and Affected Versions: DOMPurify versions prior to 2.5.4; DOMPurify versions prior to 3.1.3 Description: The issue is related to the DOMPurify library, which is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML, and SVG. It has been discovered that...
PT-2024-10599 · Microsoft · Windows 10 +3
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 8 through 11 Description: The issue concerns a temporary client-side performance degradation that occurs when processing multiple Unicode combining characters, also known as a "Zalgo text" attack. This affects the...
PT-2024-7914
Name of the Vulnerable Software and Affected Versions: node-tar versions prior to 6.2.1; Node.js affected versions not specified Description: The node-tar package, used for Tar operations in Node.js, is susceptible to a denial-of-service condition. This occurs because there is no limit on the number...
PT-2023-29982 · Tenda · Tenda W18E
Name of the Vulnerable Software and Affected Versions: Tenda W18E version 16.01.0.81576 Description: The issue is related to a stack overflow vulnerability. It occurs via the portMirrorMirroredPorts parameter in the formSetNetCheckTools function. Recommendations: For Tenda W18E version...
PT-2023-26793 · Ntsc-Crt · Ntsc-Crt
Name of the Vulnerable Software and Affected Versions: NTSC-CRT version 2.2.1 Description: The issue is related to an integer overflow and out-of-bounds write in the loadBMP function in bmp_rw.c. This occurs because the file's width, height, and BPP are not validated. The vendor notes that the ma...
PT-2023-20854 · Xpdf +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: XPDF version 4.04 Description: A Buffer Overflow issue allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. The vendor states that this is an expected abort on out-of-memory error. Recommendation...
PT-2023-15902 · Sisimai · Sisimai
Name of the Vulnerable Software and Affected Versions: Sisimai versions up to 4.25.14p11 Description: A vulnerability has been found in the function to_plain of the file lib/sisimai/string.rb, leading to inefficient regular expression complexity. The exploit has been disclosed to the public and m...
PT-2022-7809 · Unknown · Markdown-It
Name of the Vulnerable Software and Affected Versions: markdown-it versions up to 2.x Description: A vulnerability was found in markdown-it, classified as problematic. It affects an unknown function of the file lib/common/html_re.js, leading to inefficient regular expression complexity. Upgrading...
PT-2022-27870 · Docconv · Docconv
Name of the Vulnerable Software and Affected Versions: docconv versions prior to 1.2.1 Description: A critical issue affects the function ConvertPDFImages of the file pdf_ocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely...
PT-2022-27111 · Pdftojson · Pdftojson
Name of the Vulnerable Software and Affected Versions: pdftojson version 94204bb Description: The issue is related to a stack overflow in the Object::copyObject:Object.cc component. This occurs due to a problem in the pdftojson commit 94204bb. Recommendations: For version 94204bb, consider applyi...
PT-2023-15616 · Uniswap · Uniswap Universal Router
Name of the Vulnerable Software and Affected Versions: Uniswap Universal Router versions prior to 1.1.0 Description: The issue concerns the mishandling of reentrancy in the Uniswap Universal Router, which could have allowed the theft of funds. Recommendations: For versions prior to 1.1.0, update ...
PT-2022-25546 · Pypi · D8S-Domains +1
Name of the Vulnerable Software and Affected Versions: d8s-domains version 0.1.0 Description: The d8s-domains package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. Recommendations: For version...
PT-2022-21523 · Apple · Apple Macos +1
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.6.8; macOS versions prior to 12.5 Description: An out-of-bounds read issue was addressed with improved input validation. Processing a maliciously crafted AppleScript binary may result in unexpected termination or...
PT-2022-3032 · Ntfs-3G +9 · Ntfs-3G +9
Name of the Vulnerable Software and Affected Versions: NTFS-3G versions through 2021.8.22 Description: The issue is related to a heap-based buffer overflow in the ntfs_names_full_collate function of the NTFS-3G module for the NTFS file system. This can be exploited by using a specially crafted NT...
PT-2022-6880 · File +6 · File +6
Name of the Vulnerable Software and Affected Versions: File versions prior to 5.43 Description: The issue is related to a stack-based buffer over-read in the file_copystr function in funcs.c, which can lead to a denial of service when a specially crafted file is used. This can be exploited by an...
PT-2021-11555
Name of the Vulnerable Software and Affected Versions: merge versions prior to 2.1.1 Description: The issue concerns Prototype Pollution via the recursiveMerge function. This affects the merge package, potentially allowing for malicious modifications to the prototype. Recommendations: For version...