firefox: thunderbird: Certificate length was not properly checked
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed...
CVE-2024-27124
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...
PT-2025-5795 · Unknown · OpenPLC V3
Name of the Vulnerable Software and Affected Versions: OpenPLC V3 affected versions not specified Description: The issue concerns an arbitrary file upload vulnerability. This could be exploited for malvertising or phishing campaigns. Recommendations: At the moment, there is no information about a...
PT-2025-3993 · Unknown · Routinator
Name of the Vulnerable Software and Affected Versions: Routinator affected versions not specified Description: The issue arises from the initial code parsing the manifest not checking the content of file names, while later code assumes this check has been performed. When encountering illegal...
PT-2025-4989 · Unknown · NotFound Content Planner
Name of the Vulnerable Software and Affected Versions: NotFound Content Planner versions n/a through 1.0 Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting, which allows Reflected XSS. Recommendations: For versions...
PT-2025-5165 · Unknown · Amr Personalise
Name of the Vulnerable Software and Affected Versions: amr personalise versions n/a through 2.10 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Cross-Site Request Forgery. Recommendations: For versions n/a through 2.10, update to a version that includes a fi...
PT-2025-1220
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: An elevation-of-privilege issue exists within the Windows Recovery Environment Agent component. Successful exploitation of this issue could allow an attacker to gain elevated privileges on th...
PT-2025-1161 · Microsoft · Windows Digital Media +1
Name of the Vulnerable Software and Affected Versions: Windows Digital Media affected versions not specified Description: The issue is related to an elevation of privilege in Windows Digital Media, which can be exploited to gain system-level privileges. It involves a memory reading vulnerability...
PT-2025-2913 · Cisco · Cisco IOS XE
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE affected versions not specified Description: The issue concerns a system configuration buffer overwrite when the administrative distance is set. No further details are available due to the rejection or withdrawal of the CVE ID by...
PT-2025-4201 · Microsoft · Windows Search Service +1
Name of the Vulnerable Software and Affected Versions: Windows Search Service affected versions not specified Description: An elevation-of-privilege issue affects the system, allowing attackers to elevate their privileges. Recommendations: At the moment, there is no information about a newer...
PT-2025-1224 · Microsoft · Windows CSC Service +1
Name of the Vulnerable Software and Affected Versions: Windows CSC Service affected versions not specified Description: The issue is related to a buffer overflow in memory, which can allow an attacker to disclose protected information. There is no information about the estimated number of...
PT-2025-4205
Name of the Vulnerable Software and Affected Versions: Windows Geolocation Service affected versions not specified Description: The issue allows attackers to obtain sensitive information and affect the system. It is related to the Windows Geolocation Service. No information is available about the...
PT-2025-2044 · Unknown · MinigameCenter
Name of the Vulnerable Software and Affected Versions: MinigameCenter affected versions not specified Description: The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some information leakage. Recommendations: At the moment, there is no information about a...
PT-2025-1983 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A vulnerability has been identified, but details are not provided in the given input. No information is available about the estimated number of potentially affected devices or real-worl...
PT-2024-32442 · Huawei · Honor
Name of the Vulnerable Software and Affected Versions: Honor products affected versions not specified Description: The issue is related to an information leak vulnerability. Successful exploitation of this vulnerability could cause information to leak. There is no information provided about the...
PT-2024-35176 · Sharp · Sharp Routers
Name of the Vulnerable Software and Affected Versions: SHARP routers affected versions not specified Description: The issue is related to an improper authentication vulnerability in the configuration backup function of SHARP routers. This vulnerability allows a remote unauthenticated attacker to...
PT-2024-17650 · Wacom · Wacom Center
Name of the Vulnerable Software and Affected Versions: Wacom Center affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Wacom Center. An attacker must first obtain the ability to execute low-privileged code on the targ...
PT-2024-9324 · Microsoft · Windows Task Scheduler +1
Name of the Vulnerable Software and Affected Versions: Windows Task Scheduler affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in the Windows Task Scheduler. It is associated with a buffer overflow in dynamic memory. Exploitation of this...
PT-2024-9439 · Microsoft · Message Queue +1
Name of the Vulnerable Software and Affected Versions: Microsoft Message Queue (MSMQ) affected versions not specified Description: The issue is related to a remote code execution problem. It is associated with the use of memory after it has been freed. This could allow a remote attacker to execute...
CVE-2024-49603
CVE-2024-49603 affects Dell PowerScale OneFS versions 8.2.2.x–9.9.0.x and is caused by an incorrectly specified argument vulnerability that could allow a remote, low-privileged user to disclose information. Connected sources confirm the affected product and impact; one source notes exploitation i...