458 matches found
Adobe Experience Manager cross-site scripting vulnerability (CNVD-2026-13974)
Adobe Experience Manager (AEM) is a content management solution from the American company Adobe that can be used to build websites, mobile applications and forms. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...
Exploit for CVE-2026-3222
WP Maps Exploit - Time-Based Blind SQL Injection CVE-2026-32...
Palo Alto Networks PAN-OS 11.2 PHP Code Injection
Palo Alto Networks PAN-OS version 11.2 proof of concept remote command execution exploit that also leverages an authentication bypass vulnerability. ...
PT-2026-6696
Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: An out-of-bounds read issue exists in the media subsystem. Successful exploitation of this issue can impact both the availability and confidentiality of the system. Recommendations: At the moment, the...
PT-2026-5869
Name of the Vulnerable Software and Affected Versions: Infinera DNA, affected versions not specified. Description: Infinera DNA is susceptible to a time-based SQL injection due to inadequate input validation. This flaw could lead to the disclosure of sensitive information. The vulnerability involves...
PT-2026-5071
Name of the Vulnerable Software and Affected Versions: SolarWinds Web Help Desk versions prior to 12.8.8 Hotfix 1 (HF1). Description: SolarWinds Web Help Desk is susceptible to a security control bypass. Successful exploitation could allow an unauthenticated attacker to gain access to restricted...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47913
Summary: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47913. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2025-47913 DESCRIPTION: SSH clients receiving...
CVE-2021-27497
Philips Vue PACS versions 12.2.x.x and prior do not use or incorrectly use a protection mechanism that provides sufficient defense against directed attacks against the product...
PT-2026-1794
Name of the Vulnerable Software and Affected Versions: RiceTheme Felan Framework versions through 1.1.3. Description: The RiceTheme Felan Framework contains a flaw related to improper handling of special characters within SQL queries, potentially leading to SQL Injection. This could allow an attacke...
EUVD-2026-0218
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0240
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
PT-2026-1048
Name of the Vulnerable Software and Affected Versions: UTT 进取 512W version 1.7.7-171114. Description: A security issue exists in UTT 进取 512W 1.7.7-171114. The strcpy function within the /goform/formConfigCliForEngineerOnly file is susceptible to a buffer overflow when the addCommand argument is...
PT-2026-1029
Name of the Vulnerable Software and Affected Versions: wasm3 versions up to 0.5.0. Description: A flaw exists in wasm3 that could lead to memory corruption. The issue is related to the op_SetSlot_i32/op_CallIndirect function within the m3_exec.h file. Manipulation of this function can trigger the...
PT-2025-53664
Name of the Vulnerable Software and Affected Versions: rawchen ecms, affected versions not specified. Description: A cross-site scripting issue exists in rawchen ecms. The updateProductServlet function within the src/servlet/product/updateProductServlet.java file, specifically related to the Add New...
CVE-2022-50724
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulator_register() I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, of_node_get()/of_node_put() unbalanced - destroy cset...
Employee Profile Management System /view_personnel.php File SQL Injection Vulnerability
Employee Profile Management System is an employee profile management system. The Employee Profile Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter perid in the file /view_personnel.php. An...
PT-2025-48454
FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username changes...
PT-2025-52897
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A flaw exists in the Linux kernel related to the erofs filesystem. Specifically, the issue involves insufficient limitations on filesystem stacking for file-backed mounts, potentially...
PT-2025-47292
Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: A low privileged remote attacker can upload any file to an arbitrary location due to a missing file check, potentially leading to remote code execution. The issue allows for unrestricted file uploads...
CVE-2024-44644
PHPGurukul Small CRM 3.0 is vulnerable to SQL Injection via the frmid and aremark parameters in manage-tickets.php...