CVE-2026-47899 Arbitrary File Read, Write, Rename, and Delete in Logseq

The Electron preload script in Logseq exposes an API method that allows the renderer process to invoke IPC handlers without proper path validation. An attacker with JavaScript execution in the renderer e.g. via XSS or a malicious plugin, can read, write, or delete arbitrary files on the user's...

PT-2024-33353 · Unknown · Madiri Salman Aashish

Name of the Vulnerable Software and Affected Versions: Madiri Salman Aashish versions n/a through 1.1 Description: The issue is related to Incorrect Privilege Assignment in the registration system, allowing Privilege Escalation when adding drop down roles. This can be exploited due to the incorre...

PT-2024-28264 · Wavlink · Wavlink Wn551K1

Name of the Vulnerable Software and Affected Versions: Wavlink WN551K1 affected versions not specified Description: The issue allows a remote attacker to obtain sensitive information via the ExportAllSettings.sh component. Recommendations: At the moment, there is no information about a newer...

PT-2023-2785 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in security settings, allowing a remote attacker to bypass security restrictions. Recommendations: At the moment, there is no informatio...

PT-2022-37534 · Unknown · Data Importer

Name of the Vulnerable Software and Affected Versions: data importer affected versions not specified Description: The issue is related to security problems in the data importer. To address this, an update rebuilds the current containerized data importer images against current base images...

PHP 5.3.4(WIN) COM_SINK elevation of privilege vulnerability-vulnerability warning-the black bar safety net

PHP the latest version has been updated to 5. 4. x, but China is still in the in the 5. 2. x and 5. 3. x-replacement phase. There is a vulnerability of the php present in the 5. 3. x version The test method is as follows: cmd /c x:\php\php.exe x:\test.php Download php app to a local, then use php...

PT-1999-1504 · Matt · Whois.Cgi

Name of the Vulnerable Software and Affected Versions: Matt's Whois program whois.cgi affected versions not specified Description: The issue allows remote attackers to execute commands via shell metacharacters in the domain entry. Recommendations: At the moment, there is no information about a...

PT-1997-1104 · Webcom · Cgi Guestbook

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue allows for the remote execution of arbitrary commands through the Guestbook CGI program. Recommendations: At the moment, there is no information about a newer version that...