CVE-2026-46748
A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in unrestricted file system access...
EUVD-2026-29489
An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...
EUVD-2026-29491
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
CVE-2025-40810
A vulnerability has been identified in Solid Edge SE2024 All versions V224.0 Update 14, Solid Edge SE2025 All versions V225.0 Update 6. The affected applications contain an out-of-bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the...
PT-2026-1590
Name of the Vulnerable Software and Affected Versions Recras WordPress plugin versions prior to 6.4.2 Description The Recras WordPress plugin is susceptible to Stored Cross-Site Scripting through the recrasname shortcode attribute. Insufficient input sanitization and output escaping allow...
PT-2025-53159
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5 Description The Linux kernel contained a flaw in the unix_stream_sendpage function where a null pointer dereference could occur. This issue arose from attempting to add data to the last socket buffer skb in t...
CVE-2025-66019
pypdf is a free and open-source pure-python PDF library. Prior to version 6.4.0, an attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter. This issue has been patch...
PT-2025-46383
Name of the Vulnerable Software and Affected Versions SigTest versions prior to 6.1.10 Description An improper access control issue exists in SigTest, potentially allowing an escalation of privilege. An unprivileged software adversary with an authenticated user and a high complexity attack may be...
PT-2024-33998
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.61 Description: A reference leak issue has been identified in the Linux kernel, specifically in the fsl/fman part. The problem arises in the mac_probe function, where multiple calls to of_find_device_by_node...
PT-2024-33705
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: A potential race issue has been identified in certain f2fs ioctl interfaces, such as f2fs_ioc_set_pin_file, f2fs_move_file_range, and f2fs_defragment_range, due to a missing check for atomic...
Minor update (6) for Vivaldi Android Browser 6.8
Head to the Google Play Store and download the browser. Alternatively, you can download Vivaldi from Uptodown, the Android app store. Your rating for our browser matters. ⭐️ ⭐️ ⭐️ ⭐️ ⭐️ Enjoy! Changelog The following is a list of changes since the fifth 6.8 stable, minor update: Chromium Backport...
Minor update (6) for Vivaldi Desktop Browser 6.8
Download Vivaldi The following improvements were made since the fifth 6.8 minor update: Chromium Backport of “Heap Corruption in V8” CVE-2024-7965 Main photo by Dominik Van Opdenbosch...
PT-2024-29947 · Zoom · Zoom Workplace Desktop App +1
Name of the Vulnerable Software and Affected Versions: Zoom Workplace Desktop App for macOS versions prior to 6.1.0 Zoom Meeting SDK for macOS versions prior to 6.1.0 Description: The issue is related to an untrusted search path in the installer for the affected software, which may allow a...
Vulnerabilities fixed in Adobe FrameMaker
Adobe has fixed vulnerabilities in FrameMaker. A malicious party can exploit the vulnerabilities to execute arbitrary code with the victim's privileges, and potentially gain access to sensitive data. Successful exploitation requires the malicious party to trick the victim into opening a rogue fil...
PT-2023-16896 · WordPress · Easy Forms For Mailchimp
Name of the Vulnerable Software and Affected Versions: Easy Forms for Mailchimp WordPress plugin versions prior to 6.8.8 Description: The issue is related to a Reflected Cross-Site Scripting problem, where some parameters are not properly sanitised and escaped before being outputted in the...
SUSE CVE-2010-0092
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
SUSE CVE-2012-0547
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate...
SUSE CVE-2022-42920
Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those...
PT-2023-34768 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: A NULL-deref issue was discovered in the init error path of the EFI module. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...
PT-2022-35116 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a potential underflow in the wfx_send_pds function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...