Lucene search
+L

2143 matches found

ptsecurity
ptsecurity
added 2026/06/03 12:0 a.m.14 views

PT-2026-45908

Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8.8CVSS5.8AI score0.00292EPSS
Exploits0References3
packetstorm
packetstorm
added 2026/06/01 12:0 a.m.68 views

📄 Mennekes Amtron Series and Smart-T PnC 5.22.3 Authentication Bypass / Privilege Escalation

Mennekes Amtron Series and Smart-T PnC version 5.22.3 suffers from authentication bypass and privilege escalation vulnerabilities. CyberDanube Security Research 20260528-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product|...

10CVSS5.8AI score0.00612EPSS
Exploits1
snyk
snyk
added 2026/05/29 11:52 p.m.16 views

Malicious Package

Overview @t-in-one/sendaddapplication is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/05/29 11:52 p.m.13 views

Malicious Package

Overview @t-in-one/addapplication is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Wireshark

The T.38 dissector crash in Wireshark versions 4.2.0 to 4.0.3, and 4.0.0 to 4.0.13 allows for denial of service through packet injection or malicious capture files...

7.8CVSS6.8AI score0.01403EPSS
Exploits1References2
cve
cve
added 2026/05/18 12:0 a.m.15 views

CVE-2026-36438

The CVE-2026-36438 entry concerns Intelbras VIP-1230-D-G4, firmware V2.800.00IB00C.0.T. A vulnerability in the password reset functionality under /OutsideCmd could allow a remote attacker to obtain sensitive information. The provided sources indicate an information-disclosure issue but do not spe...

5.3CVSS5.8AI score0.00349EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/05/14 12:0 a.m.15 views

AMD AIM-T Manageability Service 代码问题漏洞

AMD AIM-T Manageability Service is an industrial-grade remote device management service provided by American semiconductor company AMD. It supports operations and maintenance of edge computing nodes. There are code vulnerabilities in AMD AIM-T Manageability Service. These vulnerabilities stem fro...

7CVSS6AI score0.00109EPSS
Exploits0References1
mscve
mscve
added 2026/04/30 8:11 a.m.11 views

Apache Thrift: Go TFramedTransport uint32 overflow

...

7.5CVSS5.8AI score0.01163EPSS
Exploits0
osv
osv
added 2026/04/28 10:16 a.m.11 views

DEBIAN-CVE-2026-41602

Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

7.5CVSS5.3AI score0.01163EPSS
Exploits0References1
osv
osv
added 2026/04/28 9:19 a.m.1 views

CVE-2026-41602 Apache Thrift: Go TFramedTransport uint32 overflow

Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

7.5CVSS5.9AI score0.01163EPSS
Exploits0References17
cve
cve
added 2026/04/28 9:19 a.m.51 views

CVE-2026-41602

CVE-2026-41602: Integer Overflow or Wraparound in Apache Thrift Go TFramedTransport (uint32 overflow) affecting Thrift before 0.23.0. Affected component: Apache Thrift’s Go TFramedTransport implementation. Root cause: uint32 overflow/wraparound in framing transport handling. Impact: potential ove...

7.5CVSS5.2AI score0.01163EPSS
Exploits0References15Affected Software1
ubuntucve
ubuntucve
added 2026/04/22 10:16 p.m.7 views

CVE-2026-40517

radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...

8.4CVSS6AI score0.01051EPSS
Exploits1References1
osv
osv
added 2026/04/22 10:16 p.m.7 views

UBUNTU-CVE-2026-40517

radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...

8.4CVSS6.2AI score0.01051EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/04/16 12:0 a.m.16 views

PT-2026-51774

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description The software uses a weak hardcoded default value 'Secre$t' for the TOKEN HASH SECRET environment variable in the packages/server/src/enterprise/utils/tempTokenUtils.ts file when the variable is not...

5.6CVSS6.2AI score0.00093EPSS
Exploits0References9
cnnvd
cnnvd
added 2026/04/14 12:0 a.m.7 views

Trezor多款产品 安全漏洞

Trezor One, among others, is a product of the Czech Republic-based Trezor company. Trezor One is a digital currency wallet device. Trezor T is a hardware cryptocurrency wallet device. Trezor Safe is also a hardware cryptocurrency wallet device. Several Trezor products have security vulnerabilitie...

4.6CVSS5.9AI score0.00241EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/04/14 12:0 a.m.15 views

PT-2026-32627

A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observed in Trezor One v1.13.0 to v1.14.0, Trezor T v1.13.0 to v1.14.0, and Trezor Safe v1.13.0 to v1.14.0 hardware wallets. This originates from the BIP-39 standard guidelines, which induce non-constant...

4.6CVSS6AI score0.00241EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/04/09 7:47 p.m.2 views

CVE-2025-13926 Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision

An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to Contemporary Controls BASC 20T...

9.8CVSS5.9AI score0.00443EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/04/09 7:47 p.m.7 views

CVE-2025-13926

An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to Contemporary Controls BASC 20T...

9.8CVSS6AI score0.00443EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2026/04/06 12:0 a.m.14 views

PT-2026-30569

A flaw has been found in assafelovic gpt-researcher up to 3.4.3. The impacted element is an unknown function of the file backend/server/app.py of the component Report API. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been...

5.3CVSS4.3AI score0.00337EPSS
Exploits0References6
githubexploit
githubexploit
added 2026/03/26 5:16 p.m.271 views

Exploit for CVE-2026-25075

CVE-2026-25075 Vulnerability Assessment Tool Safely detect wh...

8.7CVSS6AI score0.01013EPSS
Exploits2
Rows per page
Query Builder