18 matches found
PT-2025-31266 · National Instruments · Ni Labview
Name of the Vulnerable Software and Affected Versions: NI LabVIEW versions 2025 Q1 and prior Description: A memory corruption issue exists due to improper input validation in the lvpict.cpp file. Successful exploitation requires a user to open a specially crafted VI, potentially leading to...
PT-2025-30108 · One Identity · Onelogin
Name of the Vulnerable Software and Affected Versions: One Identity OneLogin versions prior to 2025.2.0 Description: The SQL connection “application name” is set based on the value of an untrusted X-RequestId HTTP request header. Recommendations: Update One Identity OneLogin to version 2025.2.0 o...
PT-2025-26339 · Unknown · Athemeart Translations Eds Responsive Menu
Name of the Vulnerable Software and Affected Versions: aThemeArt Translations eDS Responsive Menu versions 1.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: Fo...
PT-2025-24915 · Adobe · Acrobat Reader
Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier Description: The issue is a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...
PT-2025-24203 · Unknown · Nk Docspress
Name of the Vulnerable Software and Affected Versions: nK DocsPress versions through 2.5.2 Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. Recommendations: For versions through 2.5.2,...
PT-2025-21977 · Woocommerce · Active Products Tables For Woocommerce
Name of the Vulnerable Software and Affected Versions: Active Products Tables for WooCommerce versions 1.0.6.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that...
PT-2025-19959 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.3 Description: A SQL injection issue was discovered in the admin comment news.php component. Recommendations: For SeaCMS version 13.3, update to a version that fixes the SQL injection vulnerability in the admin comment...
PT-2025-15446 · Unknown · Bep/Imagemeta
Name of the Vulnerable Software and Affected Versions: bep/imagemeta versions prior to 0.10.0 Description: The issue concerns a Go library for reading image meta data from various file formats. The EXIF data format allows for defining large data structures in small payloads, which could be abused...
PT-2025-13761 · WordPress +1 · Wordpress +1
Name of the Vulnerable Software and Affected Versions: Varnish WordPress versions 1.7 and earlier Description: A Cross-Site Request Forgery (CSRF) issue affects the software, allowing unauthorized actions. The estimated number of potentially affected devices worldwide is not specified. There is no...
CVE-2025-1979
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Information into Log File, where the Redis password is written to the standard logging output. If the Redis password is passed as an argument, it will be logged and could potentially leak the password. This is only...
PT-2024-13505 · Elementor · Nicheaddons Restaurant & Cafe Addon For Elementor
Name of the Vulnerable Software and Affected Versions: NicheAddons Restaurant & Cafe Addon for Elementor versions 1.5.3 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels...
PT-2024-39544
Name of the Vulnerable Software and Affected Versions: CPython versions prior to 3.13.0 Description: A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into...
PT-2024-21583 · Siyuan · Siyuan
Name of the Vulnerable Software and Affected Versions: SiYuan version 3.0.3 Description: The issue allows executing arbitrary commands on the server due to the application being vulnerable to Server Side XSS. Recommendations: For SiYuan version 3.0.3, update to a version that fixes the Server Sid...
PT-2024-21789 · Unknown · A-Blog Cms
Name of the Vulnerable Software and Affected Versions: a-blog cms versions 3.1.x through 3.1.9 and earlier; a-blog cms versions 3.0.x through 3.0.30 and earlier; a-blog cms versions 2.11.x through 2.11.59 and earlier; a-blog cms versions 2.10.x through 2.10.51 and earlier; a-blog cms version 2.9 and...
PT-2023-6017 · Fortinet · Fortiwlm
Name of the Vulnerable Software and Affected Versions: Fortinet FortiWLM versions 8.5.0 through 8.5.4; Fortinet FortiWLM versions 8.6.0 through 8.6.5 Description: The issue is related to insufficient checking of arguments passed to a command, allowing a remote attacker to execute arbitrary code...
PT-2023-4681 · Acronis · Acronis Agent +2
Name of the Vulnerable Software and Affected Versions: Acronis Agent versions prior to build 30991; Acronis Cyber Protect 15 versions prior to build 35979 Description: The issue is related to sensitive information disclosure due to excessive collection of system information. This is caused by...
PT-2023-33202 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.83 Description: A potential use-after-free issue was identified in the hix5hd2 rx function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
PT-2022-19784 · Delta Industrial Automation · Dialink
Name of the Vulnerable Software and Affected Versions: Delta Industrial Automation DIALink versions prior to v1.5.0.0 Beta 4 Description: The issue arises from the software's failure to properly neutralize special elements within a pathname constructed from external input. This pathname is intend...