PT-2025-29342 · Open5Gs · Open5Gs
Name of the Vulnerable Software and Affected Versions: Open5GS versions up to 2.7.3 Description: A problematic issue exists in Open5GS related to the SCTP Partial Message Handler component. The ngap_recv_handler/s1ap_recv_handler/recv_handler function is susceptible to a reachable assertion due t...
PT-2025-28829 · WordPress · Ait Csv Import/Export
Name of the Vulnerable Software and Affected Versions: WordPress AIT CSV Import/Export plugin versions ≤ 3.0.3 Description: The issue allows for an unrestricted file upload, where an attacker can upload arbitrary files, including malicious PHP code, to the server via a multipart/form-data POST...
PT-2025-28378 · Samsung · Galaxy Tablet
Name of the Vulnerable Software and Affected Versions: Galaxy Tablet versions prior to SMR Jul-2025 Release 1 Description: The issue concerns improper authorization for accessing saved Wi-Fi passwords on Galaxy Tablet devices. This allows secondary users to access the owner's saved Wi-Fi password...
PT-2025-24132 · Unknown · Email Subscribe Form
Name of the Vulnerable Software and Affected Versions: Elastic Email Subscribe Form versions 1.2.2 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Elastic Email Subscribe Form, which allows exploitation due to incorrectly configured access control...
PT-2025-24031 · WordPress · Wp Online Users Stats
Name of the Vulnerable Software and Affected Versions: WP Online Users Stats plugin for WordPress versions up to and including 1.0.0 Description: The issue allows authenticated attackers with Editor-level access or higher to inject additional SQL queries into existing ones, potentially extracting...
PT-2025-21276 · Esignal · Esignal
Name of the Vulnerable Software and Affected Versions: eSigna versions 1.0 through 1.5 Description: The issue is related to an Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component. This vulnerability allows an unauthenticated attacker to access arbitrary files in the...
PT-2025-20162 · Unknown · Themefic Beaf
Name of the Vulnerable Software and Affected Versions: Themefic BEAF versions through 4.6.10 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the server...
PT-2025-18204 · Unknown · Phpgurukul Online Nurse Hiring System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Nurse Hiring System version 1.0 Description: A critical issue has been discovered, affecting an unknown functionality of the file /admin/view-request.php. The manipulation of the viewid argument leads to SQL injection. This...
PT-2025-14545 · Bl-Ac2100 · Bl-Ac2100
Name of the Vulnerable Software and Affected Versions: BL-AC2100 versions 1.0.4 and earlier Description: The issue allows a remote attacker to execute arbitrary code via the enable parameter passed to "/goform/set_hidessid_cfg", which is not handled properly. Recommendations: For BL-AC2100 versio...
PT-2025-13223 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.12.0-rc7+ Description: A vulnerability in the Linux kernel has been resolved, specifically in the RDMA/mlx5 component. The issue was related to an implicit ODP hang on parent deregistration. The problem occurr...
PT-2025-12479 · WordPress · Export/Import Users/Customers
Name of the Vulnerable Software and Affected Versions: Export and Import Users and Customers plugin for WordPress versions prior to 2.6.3 Description: The issue is related to insufficient file path validation in the admin log page function, allowing authenticated attackers with Administrator-leve...
PT-2025-26181
Name of the Vulnerable Software and Affected Versions: ClamAV versions 1.0.9 through 1.4.3 Description: A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute...
PT-2025-28386 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to 15 Description: The issue is related to out-of-bounds writing when accessing uninitialized memory in libsavsvc.so. This allows local attackers to cause memory corruption. Recommendations: For Android versions prior t...
PT-2023-24932 · Unknown · Prestashop +1
Name of the Vulnerable Software and Affected Versions: Prestashop opartplannedpopup versions 1.4.11 and earlier Description: The issue allows remote attackers to run arbitrary SQL commands via the OpartPlannedPopupModuleFrontController::prepareHook method. This enables attackers to potentially...
PT-2023-20516 · Unknown · Drogonframework/Drogon
Name of the Vulnerable Software and Affected Versions: drogonframework/drogon versions prior to the fixed version Description: The issue arises when untrusted user input is used to set request headers in the addHeader function, allowing an attacker to inject additional headers by adding r carriag...
PT-2023-18010 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a heap buffer overflow in the ss_ProcessReturnResultComponent function of ss_MmConManagement.c, which could lead to a possible out of bounds read. This might result in remote information...
PT-2023-21585 · Avalanche · Avalanche
Name of the Vulnerable Software and Affected Versions: Avalanche versions 6.3.x and below Description: An unrestricted upload of file with a dangerous type vulnerability exists that could allow an attacker to achieve remote code execution. Recommendations: For Avalanche versions 6.3.x and below,...
PT-2023-1798 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue is related to a cross-site scripting vulnerability in the web interface of the platform, which can be exploited by an attacker to execute arbitrary JavaScript code,...
PT-2025-25926
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0 Description: A vulnerability in the Linux kernel has been resolved, related to the netfilter flowtable. The issue occurs when a flow table entry has pending HW stats or HW add work, causing the flow table...
PT-2022-23466 · Seiko · Seiko Skybridge Mb-A100/A110
Name of the Vulnerable Software and Affected Versions: Seiko SkyBridge MB-A100/A110 versions 4.2.0 and below Description: The issue allows attackers to execute arbitrary code via a crafted html file, exploiting an arbitrary file upload vulnerability through the restore backup function...