55 matches found
EUVD-2026-29491
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
EUVD-2026-29489
An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials...
CVE-2025-40810
A vulnerability has been identified in Solid Edge SE2024 All versions V224.0 Update 14, Solid Edge SE2025 All versions V225.0 Update 6. The affected applications contain an out-of-bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the...
PT-2026-1590
Name of the Vulnerable Software and Affected Versions: Recras WordPress plugin versions prior to 6.4.2 Description: The Recras WordPress plugin is susceptible to Stored Cross-Site Scripting through the recrasname shortcode attribute. Insufficient input sanitization and output escaping allow...
PT-2025-53159
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.5 Description: The Linux kernel contained a flaw in the unix stream sendpage function where a null pointer dereference could occur. This issue arose from attempting to add data to the last socket buffer skb in t...
CVE-2025-66019
pypdf is a free and open-source pure-python PDF library. Prior to version 6.4.0, an attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter. This issue has been patch...
PT-2025-46383
Name of the Vulnerable Software and Affected Versions: SigTest versions prior to 6.1.10 Description: An improper access control issue exists in SigTest, potentially allowing an escalation of privilege. An unprivileged software adversary with an authenticated user and a high complexity attack may be...
Minor update (6) for Vivaldi Android Browser 6.8
Head to the Google Play Store and download the browser. Alternatively, you can download Vivaldi from Uptodown, the Android app store. Your rating for our browser matters. ⭐️ ⭐️ ⭐️ ⭐️ ⭐️ Enjoy! Changelog The following is a list of changes since the fifth 6.8 stable, minor update: Chromium Backport...
Minor update (6) for Vivaldi Desktop Browser 6.8
Download Vivaldi The following improvements were made since the fifth 6.8 minor update: Chromium Backport of “Heap Corruption in V8” CVE-2024-7965 Main photo by Dominik Van Opdenbosch...
PT-2024-29947 · Zoom · Zoom Workplace Desktop App +1
Name of the Vulnerable Software and Affected Versions: Zoom Workplace Desktop App for macOS versions prior to 6.1.0 Zoom Meeting SDK for macOS versions prior to 6.1.0 Description: The issue is related to an untrusted search path in the installer for the affected software, which may allow a...
Vulnerabilities fixed in Adobe FrameMaker
Adobe has fixed vulnerabilities in FrameMaker. A malicious party can exploit the vulnerabilities to execute arbitrary code with the victim's privileges, and potentially gain access to sensitive data. Successful exploitation requires the malicious party to trick the victim into opening a rogue fil...
PT-2023-16896 · WordPress · Easy Forms For Mailchimp
Name of the Vulnerable Software and Affected Versions: Easy Forms for Mailchimp WordPress plugin versions prior to 6.8.8 Description: The issue is related to a Reflected Cross-Site Scripting problem, where some parameters are not properly sanitised and escaped before being outputted in the...
SUSE CVE-2010-0092
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
SUSE CVE-2012-0547
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate...
SUSE CVE-2022-42920
Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those...
PT-2023-34768 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: A NULL-deref issue was discovered in the init error path of the EFI module. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...
PT-2022-35116 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a potential underflow in the wfx send pds function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...
Remote Code Execution (RCE)
Overview: Affected versions of this package are vulnerable to Remote Code Execution (RCE) where a stack buffer overrun occurs in .NET Double Parse routine. Remediation: Upgrade Microsoft.NETCore.App.Runtime.Mono.android-arm64 to version 6.0.3 or higher. References: - Dotnet Announcement - Dotnet Issue...
PT-2022-34750 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.15 through 5.19 Description: A potential resource leakage issue was discovered when registering a chip. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions 5.1...
CVE-2020-24815
A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a...