3196 matches found

Positive Technologies
added 2025/07/24 12:0 a.m. · 7 views

PT-2025-30673 · Ibm · Ibm Mq Operator

Name of the Vulnerable Software and Affected Versions: IBM MQ Operator versions 2.0.0 through 2.0.29 IBM MQ Operator versions 3.0.0 through 3.1.3 IBM MQ Operator versions 3.2.0 through 3.2.13 IBM MQ Operator versions 3.3.0 IBM MQ Operator versions 3.4.0 through 3.4.1 IBM MQ Operator versions 3.5....

CVSS 6.2 · AI score 5.8 · EPSS 0.0013
Exploits 0 · References 3

Positive Technologies
added 2025/07/24 12:0 a.m. · 5 views

PT-2025-30962 · Tenda · Tenda Ch22

Name of the Vulnerable Software and Affected Versions: Tenda CH22 version 1.0.0.1 Description: A critical issue exists in the formdeleteUserName function within the /goform/deleteUserName file. The old account argument is susceptible to buffer overflow, allowing for remote exploitation. The explo...

CVSS 9 · AI score 8.8 · EPSS 0.07493
Exploits 0 · References 10

Positive Technologies
added 2025/07/24 12:0 a.m. · 5 views

PT-2025-30630 · Medtronic · Mycarelink Patient Monitor

Name of the Vulnerable Software and Affected Versions: Medtronic MyCareLink Patient Monitor models 24950 and 24952 before June 25, 2025 Description: The Medtronic MyCareLink Patient Monitor contains a built-in user account with no password. This allows an attacker with physical access to log in...

CVSS 6.8 · AI score 6.5 · EPSS 0.0027
Exploits 0 · References 3

Positive Technologies
added 2025/07/24 12:0 a.m. · 11 views

PT-2025-30706 · Quiet · Quiet

Name of the Vulnerable Software and Affected Versions: Quiet versions 6.1.0-alpha.4 and below Description: Quiet’s API for backend/frontend communication used an insecure, not constant-time comparison function for token verification. This allowed for a potential timing attack where an attacker...

CVSS 8.5 · AI score 6.3 · EPSS 0.02649
Exploits 0 · References 3

Positive Technologies
added 2025/07/23 12:0 a.m. · 10 views

PT-2025-30525 · Bun · Bun

Name of the Vulnerable Software and Affected Versions: bun versions prior to 0.0.12 Description: The package bun is susceptible to Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') within the $shell API. This issue stems from inadequate neutralization of...

CVSS 8.8 · AI score 6.4
Exploits 0 · References 13

Positive Technologies
added 2025/07/23 12:0 a.m. · 1 views

PT-2025-30635 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.0 through 18.0.4 GitLab CE/EE versions 18.1 through 18.1.2 GitLab CE/EE versions 18.2 through 18.2.0 Description: An issue allows privileged users to access certain resource group information through the API that shou...

CVSS 4.3 · AI score 6 · EPSS 0.00383
Exploits 0 · References 13

Positive Technologies
added 2025/07/23 12:0 a.m. · 5 views

PT-2025-30569 · Profiles · Profiles

Name of the Vulnerable Software and Affected Versions: ProFiles component for Joomla versions 1.0 through 1.5.0 Description: A stored Cross-Site Scripting (XSS) vulnerability exists in the ProFiles component for Joomla. This issue allows malicious actors to inject and store scripts into the...

CVSS 7 · AI score 5.1 · EPSS 0.00235
Exploits 0 · References 6

Positive Technologies
added 2025/07/23 12:0 a.m. · 6 views

PT-2025-30614

Name of the Vulnerable Software and Affected Versions: Redis versions through 7.4.3 Description: Redis allows excessive memory consumption via a multi-bulk command consisting of numerous bulks sent by an authenticated user. The server allocates memory for command arguments for each bulk, even if th...

CVSS 7.8 · AI score 6.5 · EPSS 0.03877
Exploits 4 · References 23

Positive Technologies
added 2025/07/23 12:0 a.m. · 4 views

PT-2025-30523 · Unknown · Private-Ip

Name of the Vulnerable Software and Affected Versions: private-ip affected versions not specified Description: The package is susceptible to a Server-Side Request Forgery (SSRF) issue. An attacker can exploit this by providing an IP address or hostname that resolves to a multicast IP address...

CVSS 8.8 · AI score 6 · EPSS 0.00309
Exploits 0 · References 11

Positive Technologies
added 2025/07/23 12:0 a.m. · 4 views

PT-2025-30616 · Unknown · Lbry-Desktop

Name of the Vulnerable Software and Affected Versions: lbry-desktop version 0.53.9 Description: A URL redirection issue exists in lbry-desktop version 0.53.9, potentially allowing attackers to redirect users to malicious websites. Recommendations: Update lbry-desktop to a newer version that...

CVSS 5.4 · AI score 6 · EPSS 0.00304
Exploits 0 · References 6

Positive Technologies
added 2025/07/22 12:0 a.m. · 5 views

PT-2025-30476

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 141 Firefox ESR versions prior to 115.26 Firefox ESR versions prior to 128.13 Firefox ESR versions prior to 140.1 Thunderbird versions prior to 141 Thunderbird versions prior to 128.13 Thunderbird versions prior to...

CVSS 9.8 · AI score 7.7 · EPSS 0.09348
Exploits 2 · References 274

Positive Technologies
added 2025/07/22 12:0 a.m. · 17 views

PT-2025-30439

Name of the Vulnerable Software and Affected Versions: authentik versions prior to 2025.4.4 authentik versions 2025.6.0-rc1 through 2025.6.3 Description: Deactivated users who registered through OAuth/SAML or linked their accounts to OAuth/SAML providers can retain partial access to the system...

CVSS 9.8 · AI score 5.8 · EPSS 0.02095
Exploits 8 · References 50

Positive Technologies
added 2025/07/22 12:0 a.m. · 3 views

PT-2025-30407 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The provided descriptions indicate the issue was rejected as not used. No further details are available. Recommendations: At the moment, there is no informati...

AI score 6.3
Exploits 0 · References 3

Positive Technologies
added 2025/07/22 12:0 a.m. · 5 views

PT-2025-30443 · Letta-Ai · Letta

Name of the Vulnerable Software and Affected Versions: letta versions 0.7.12 Description: A remote code execution issue exists in letta.server.rest_api.routers.v1.tools.run_tool_from_source within letta-ai Letta. The vulnerability allows remote attackers to execute arbitrary Python code and syste...

CVSS 8.8 · AI score 7.8 · EPSS 0.01862
Exploits 1 · References 9

Positive Technologies
added 2025/07/22 12:0 a.m. · 6 views

PT-2025-30440 · Ibm · Security Qradar Network Threat Analytics

Name of the Vulnerable Software and Affected Versions: IBM Security QRadar Network Threat Analytics versions 1.0.0 through 1.3.1 Description: IBM Security QRadar Network Threat Analytics versions 1.0.0 through 1.3.1 may allow a privileged user to cause a denial of service due to improper allocati...

CVSS 4.5 · AI score 6.3 · EPSS 0.00181
Exploits 0 · References 6

Positive Technologies
added 2025/07/22 12:0 a.m. · 3 views

PT-2025-30449

Name of the Vulnerable Software and Affected Versions: Ollama version 0.6.7 Description: A cross-domain token exposure exists in the server.auth.getAuthorizationToken function. This allows remote attackers to steal authentication tokens and bypass access controls by exploiting a malicious realm val...

CVSS 6.9 · AI score 7.9 · EPSS 0.03837
Exploits 2 · References 18

Positive Technologies
added 2025/07/22 12:0 a.m. · 9 views

PT-2025-30466

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Cobalt VC6 affected versions not specified Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this...

CVSS 7.8 · AI score 7.8 · EPSS 0.00189
Exploits 0 · References 5

Positive Technologies
added 2025/07/22 12:0 a.m. · 6 views

PT-2025-30409 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The provided information indicates a rejected reason associated with an identifier. No further details about the issue are available. Recommendations: At the...

AI score 6.3
Exploits 0 · References 3

Positive Technologies
added 2025/07/22 12:0 a.m. · 5 views

PT-2025-30506 · Poly · Poly Clariti Manager

Name of the Vulnerable Software and Affected Versions: Poly Clariti Manager versions prior to 10.12.2 Description: A security issue has been identified in Poly Clariti Manager that may allow a bypass of the application's Cross-Site Scripting (XSS) filter by submitting untrusted characters...

CVSS 2 · AI score 5.8 · EPSS 0.00184
Exploits 0 · References 6

Positive Technologies
added 2025/07/22 12:0 a.m. · 9 views

PT-2025-30441 · Unknown +1 · Aimhubio Aim +1

Name of the Vulnerable Software and Affected Versions: aimhubio Aim versions 3.28.0 Description: A cross-site scripting (XSS) issue exists in aimhubio Aim 3.28.0. Remote attackers can execute arbitrary JavaScript in a victim’s browser by submitting malicious Python code to the /api/reports endpoint...

CVSS 8.8 · AI score 6 · EPSS 0.006
Exploits 1 · References 9