Lucene search
K

162658 matches found

Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.12 views

PT-2026-48286

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials versions c2pa-v0.80.1 and earlier Description Improper Input Validation allows an attacker to crash the application, resulting in a denial-of-service condition...

6.2CVSS5.2AI score0.00153EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-47748

Name of the Vulnerable Software and Affected Versions TYPO3 CMS versions 14.0.0 through 14.3.3 Description Backend users with write access to the form definition database table can directly create, update, or delete form definition records using the DataHandler. This process bypasses the Form...

8.7CVSS5.7AI score0.00244EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-47818

Name of the Vulnerable Software and Affected Versions NETGEAR affected versions not specified Description A buffer overflow occurs due to insufficient input validation of buffers. This allows authenticated administrators connected to the local network to make unauthorized modifications to the...

6.8CVSS5.5AI score0.00323EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-47823

Name of the Vulnerable Software and Affected Versions NETGEAR JR6150 affected versions not specified Description Insufficient input validation allows users connected to local WiFi networks to execute operating system commands. This issue was identified through firmware emulation in a controlled...

8CVSS5.8AI score0.00289EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-47798

The Electron preload script in Logseq exposes an API method that allows the renderer process to invoke IPC handlers without proper path validation. An attacker with JavaScript execution in the renderer e.g. via XSS or a malicious plugin, can read, write, or delete arbitrary files on the user's...

8.7CVSS5.8AI score0.00137EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-47817

Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...

6.8CVSS5.4AI score0.00153EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-47857

Name of the Vulnerable Software and Affected Versions NETGEAR affected versions not specified Description Insufficient input validation allows authenticated administrators connected to the local network to make unauthorized modifications to router software and functionality...

7.1CVSS5.9AI score0.00216EPSS
Exploits0References34
Zero Day Initiative
Zero Day Initiative
added 2026/06/09 12:0 a.m.11 views

Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS5.9AI score0.00257EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.12 views

PT-2026-48283

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials versions c2pa-v0.80.1 and earlier Description Improper Input Validation allows an attacker to crash the application, resulting in a denial-of-service condition...

7.5CVSS5.2AI score0.00407EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.10 views

PT-2026-47841

Issue summary: When the X509 VERIFY PARAM set1 email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Impact summary: This out of bounds read will not directly exfiltrate the data read to the attacker so...

5.6AI score0.0019EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.10 views

PT-2026-47721

Check for certificate revocation only considers the first matching CRL and ignores other valid CRLs of the same CA in the CycloneCrypto cryptographic wrapper of S2OPC library. It might allow connection between an OPC UA client and server using a revoked certificate...

5.6CVSS5.5AI score0.00108EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.7 views

TIFF/DNG Metadata Scanner for Structural Validation and Suspicious Tag Detection

This C program implements a lightweight metadata scanner for TIFF-based DNG files that performs basic structural validation and heuristic analysis of Image File Directory IFD entries. The tool reads TIFF headers, enumerates metadata tags, and evaluates entries against simple consistency rules to...

5.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.13 views

PT-2026-48317

Name of the Vulnerable Software and Affected Versions Spring AMQP versions 4.0.0 through 4.0.3 Spring AMQP versions 3.2.0 through 3.2.10 Spring AMQP versions 3.1.0 through 3.1.15 Spring AMQP versions 2.4.0 through 2.4.17 Description Applications that configure their broker connection using the...

4CVSS5.8AI score0.00132EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-48315

Name of the Vulnerable Software and Affected Versions Spring Security versions 5.7.0 through 5.7.23 Spring Security versions 5.8.0 through 5.8.25 Spring Security versions 6.3.0 through 6.3.16 Spring Security versions 6.4.0 through 6.4.16 Spring Security versions 6.5.0 through 6.5.10 Spring Securi...

6.1CVSS5.8AI score0.00211EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2026/06/09 12:0 a.m.6 views

FreeBSD -- Multiple vulnerabilities in unbound

Problem Description: Multiple vulnerabilities have been reported in Unbound. Instead of listing detailed writeups for each issue, please see the upstream advisories referenced below. CVE-2026-32792: Packet of death with DNSCrypt CVE-2026-33278: Possible remote code execution during DNSSEC...

10CVSS6.3AI score0.01272EPSS
Exploits0
Nvidia
Nvidia
added 2026/06/09 12:0 a.m.14 views

Security Bulletin: NVIDIA DALI - June 2026

NVIDIA has released a software update for NVIDIA® DALI. To protect your system, clone or update this software to DALI v2.1 or later from NVIDIA/DALI on GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses a...

7.3CVSS5.9AI score0.00154EPSS
Exploits0Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2026/06/09 12:0 a.m.9 views

Adobe Acrobat Reader DC Multimedia Rendition Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS5.9AI score0.00285EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.11 views

PT-2026-47824

Name of the Vulnerable Software and Affected Versions ReadyCloud client app affected versions not specified Description An improper implementation of TLS certificate validation allows an attacker to perform attacker-in-the-middle MiTM style attacks, which are attacks where the perpetrator secretl...

8.2CVSS5.2AI score0.00135EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.10 views

PT-2026-47819

Name of the Vulnerable Software and Affected Versions NETGEAR affected versions not specified Description Insufficient input validation allows authenticated administrators connected to the local network to make unauthorized modifications to router software and functionality...

6.8CVSS5.2AI score0.00229EPSS
Exploits0References17
Packet Storm
Packet Storm
added 2026/06/09 12:0 a.m.51 views

📄 Python-Multipart Path Traversal

This code bundle contains two separate components related to the path traversal vulnerability affecting Python-Multipart versions prior to 0.0.22. ================================================================================================================================== | Title :...

8.6CVSS6.5AI score0.02228EPSS
Exploits5
Rows per page
Query Builder