PT-2025-31261 · Unknown · Tuleap Enterprise Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap Community Edition versions prior to 16.9.99.1752585665 Tuleap Enterprise Edition versions prior to 16.8-6 and 16.9-5 Description: Tuleap is an Open Source Suite created to facilitate management of software development and collaboration...

PT-2025-31315 · Apple · Macos Ventura 13.7.7 +3

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.6 macOS versions prior to Sonoma 14.7.7 macOS versions prior to Ventura 13.7.7 Description: An out-of-bounds access issue exists due to insufficient bounds checking. Processing a maliciously crafted file may...

PT-2025-31322 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. A malicious app with root privileges may be able to modify the contents of...

PT-2025-31334 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. An app may be able to break out of its sandbox. Recommendations: Update to...

PT-2025-30474 · Unknown · Vigi Nvr1104H-4P V1 +1

Name of the Vulnerable Software and Affected Versions: VIGI NVR1104H-4P V1 versions prior to 1.1.5 Build 250518 VIGI NVR2016H-16MP V2 versions prior to 1.3.1 Build 250407 Description: A command injection vulnerability exists that can be exploited after authentication. Recommendations: Update VIGI...

PT-2025-30480

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 141 Firefox ESR versions prior to 128.13 Firefox ESR versions prior to 140.1 Thunderbird versions prior to 141 Thunderbird versions prior to 128.13 Thunderbird versions prior to 140.1 Description The username:password...

PT-2025-30484

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 141 Thunderbird versions prior to 141 Firefox ESR versions prior to 128.13 Firefox ESR versions prior to 140.1 Thunderbird ESR versions prior to 128.13 Thunderbird ESR versions prior to 140.1 Description Memory safety...

PT-2025-29283 · Unknown · Open Ondemand

Name of the Vulnerable Software and Affected Versions: Open OnDemand versions prior to 3.1.14 Open OnDemand versions prior to 4.0.6 Description: Open OnDemand, an open-source HPC portal, is susceptible to a denial-of-service DoS condition. By interacting with the shell application and generating...

PT-2025-28773 · Adobe · Framemaker

Name of the Vulnerable Software and Affected Versions: Adobe Framemaker versions 2020.8, 2022.6 and earlier Description: The issue is an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...

PT-2025-28749 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier ColdFusion versions prior to 2025.3 Description: A reflected Cross-Site Scripting XSS issue affects the software. If an unauthenticated attacker convinces a victim to visit a URL...

PT-2025-28790 · Adobe · Illustrator

Name of the Vulnerable Software and Affected Versions: Illustrator versions 28.7.6 and earlier Illustrator version 29.5.1 and earlier Description: Illustrator is susceptible to a Stack-based Buffer Overflow that may lead to arbitrary code execution within the current user's context. Successful...

PT-2025-28168 · Unknown +1 · Urlshortener Extension +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - UrlShortener Extension versions 1.42.X through 1.42.6 Mediawiki - UrlShortener Extension versions 1.43.X through 1.43.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known a...

PT-2025-27641 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - TwoColConflict Extension versions 1.39.X through 1.39.12 Mediawiki - TwoColConflict Extension versions 1.42.X through 1.42.6 Mediawiki - TwoColConflict Extension versions 1.43.X through 1.43.1 Description: The issue is related to...

PT-2025-27616

Name of the Vulnerable Software and Affected Versions: Model Context Protocol Servers Filesystem versions prior to 0.6.4 or 2025.7.01 Model Context Protocol Servers Filesystem versions prior to 0.6.3 or 2025.7.1 Description: Model Context Protocol Servers is a collection of reference...

PT-2025-27464 · Electron · Electron

Name of the Vulnerable Software and Affected Versions: Electron versions prior to 28.3.2 Electron versions prior to 29.3.3 Electron versions prior to 30.0.3 Description: The issue is related to heap buffer overflows in Electron's API, specifically affecting the nativeImage.createFromPath and...

PT-2025-30923 · Salesforce · Tableau Server

Name of the Vulnerable Software and Affected Versions: Tableau Server versions prior to 2025.1.3 Tableau Server versions prior to 2024.2.12 Tableau Server versions prior to 2023.3.19 Description: An authorization bypass issue exists in Salesforce Tableau Server on Windows and Linux due to a...

PT-2025-26818 · Unknown +1 · Mountain Duck +1

Name of the Vulnerable Software and Affected Versions: Cyberduck versions through 9.1.6 Mountain Duck versions through 4.17.5 Description: The issue is related to improper handling of TLS certificate pinning for untrusted certificates, such as self-signed certificates, in Cyberduck and Mountain...

PT-2025-26597 · Aviatrix · Aviatrix Controller

Name of the Vulnerable Software and Affected Versions: Aviatrix Controller versions prior to 7.1.4208 Aviatrix Controller versions prior to 7.2.5090 Aviatrix Controller versions prior to 8.0.0 Description: The issue is related to the failure of the Aviatrix Controller to sanitize user input befor...

PT-2025-26371 · Unknown · Iamapinan Pdpa Consent For Thailand

Name of the Vulnerable Software and Affected Versions: iamapinan PDPA Consent for Thailand versions 1.1.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

PT-2025-25490 · Apache · Apache Nuttx Rtos

Name of the Vulnerable Software and Affected Versions: Apache NuttX RTOS versions 6.22 through 12.9.0 Description: An issue was discovered in the Apache NuttX RTOS apps/examples/xmlrpc application, where a device stats structure stored remotely provided parameters with a hardcoded buffer size,...