PT-2025-31708 · Files · Files
Name of the Vulnerable Software and Affected Versions: Files versions 0.16.9 and below Description: The File Move functionality does not contain logic that prevents injection of arbitrary JavaScript, potentially leading to Browser JS code execution in the context of the user’s session...
PT-2025-31701 · Cursor · Cursor
Name of the Vulnerable Software and Affected Versions: Cursor versions 1.17 through 1.2 Description: Cursor is a code editor built for programming with AI. A UI information disclosure exists in Cursor's MCP (Model Context Protocol) deeplink handler, enabling attackers to execute arbitrary system...
GHSA-8MX2-RJH8-Q3JQ copyparty Reflected XSS via Filter Parameter
Summary: Unauthorized reflected Cross-Site-Scripting when accessing the URL for recent uploads with the filter parameter containing JavaScript code. Details: When accessing the recent uploads page at /?ru, users can filter the results using an input field at the top. This field appends a filter...
PT-2025-31583
Name of the Vulnerable Software and Affected Versions: pyjwt version 2.10.1 Description: pyjwt version 2.10.1 contains weak encryption. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...
PT-2025-31580 · Pypi · Jwt
Name of the Vulnerable Software and Affected Versions: jwt version 5.4.3 Description: jwt version 5.4.3 contains weak encryption. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...
PT-2025-31456 · Unknown · Absolute Secure Access
Name of the Vulnerable Software and Affected Versions: Absolute Secure Access versions prior to 13.56 Description: Attackers with administrative access can overwrite policy rules without the necessary permissions. The issue impacts the confidentiality and availability of subsequent systems, and h...
PT-2025-31280 · Apple · Macos Ventura +4
Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.9; macOS Sequoia versions prior to 15.6; macOS Sonoma versions prior to 14.7.7; macOS Ventura versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. An app may be able ...
PT-2025-31246 · Nanomq · Nanomq
Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.17.9 Description: NanoMQ version 0.17.9 contains a heap use-after-free vulnerability within the sub Ctx handle component. This issue allows attackers to trigger a denial-of-service (DoS) condition by sending a specially crafted...
PT-2025-31304 · Apple · Macos Ventura +4
Name of the Vulnerable Software and Affected Versions: iPadOS versions prior to 17.7.9; macOS Sequoia versions prior to 15.6; macOS Sonoma versions prior to 14.7.7; macOS Ventura versions prior to 13.7.7 Description: A use-after-free issue existed due to vulnerable code. Removing the vulnerable code...
PT-2025-31312 · Apple · Tvos +6
Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 11.6; iOS versions prior to 18.6; iPadOS versions prior to 18.6 and 17.7.9; tvOS versions prior to 18.6; macOS Sequoia versions prior to 15.6; visionOS versions prior to 2.6 Description: An application may be able to acce...
PT-2025-31328 · Apple · Macos Sequoia 15.6 +2
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.6; macOS versions prior to Sonoma 14.7.7 Description: A malicious application may be able to launch arbitrary binaries on a trusted device due to inadequate input validation. Recommendations: Update to macOS...
PT-2025-31332 · Apple · Macos Sequoia 15.6 +2
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.6; macOS versions prior to Sonoma 14.7.7 Description: An application may be able to hijack entitlements granted to other privileged applications due to improved data protection. Recommendations: Update to mac...
PT-2025-31215
Name of the Vulnerable Software and Affected Versions: Memos versions up to v0.24.3 Description: The Memos application allows embedding of markdown images with arbitrary URLs. Viewing a memo containing such an image causes the user's browser to automatically fetch the image URL, potentially...
PT-2025-31275
Name of the Vulnerable Software and Affected Versions: watchOS versions prior to 11.6; iOS versions prior to 18.6; iPadOS versions prior to 18.6; tvOS versions prior to 18.6; macOS Sequoia versions prior to 15.6; visionOS versions prior to 2.6 Description: The issue was addressed with improved memory...
PT-2025-31301
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.6; iPadOS versions prior to 17.7.9; iPadOS versions prior to 18.6 Description: Privacy Indicators for microphone or camera access may not be correctly displayed. The issue was addressed by adding additional logic...
PT-2025-31340 · Apple · Macos Sequoia +6
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.6; iPadOS versions prior to 18.6; watchOS versions prior to 11.6; macOS Sequoia versions prior to 15.6; tvOS versions prior to 18.6; visionOS versions prior to 2.6 Description: The issue was addressed with improved memory...
PT-2025-31292 · Apple · Macos Sonoma 14.7.7 +2
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.6; macOS versions prior to Sonoma 14.7.7 Description: An application may be able to access protected user data due to vulnerable code. This issue was addressed by removing the vulnerable code. Recommendations...
PT-2025-31278
Name of the Vulnerable Software and Affected Versions: Safari versions prior to 18.6; iOS versions prior to 18.6; iPadOS versions prior to 18.6; macOS Sequoia versions prior to 15.6; tvOS versions prior to 18.6; visionOS versions prior to 2.6; watchOS versions prior to 11.6; WebKitGTK affected versions n...
PT-2025-31225 · Tsplus · Tsplus
Name of the Vulnerable Software and Affected Versions: TSplus versions prior to 18.40.6.17; TSplus versions prior to 17.2025.6.27; TSplus versions prior to 16.2025.6.27 Description: Access to the TSplus Remote Access Admin Tool is restricted to administrators unless the "Disable UAC" option is...
PT-2025-31221 · Grandstream Networks · Gxp1628
Name of the Vulnerable Software and Affected Versions: Grandstream Networks GXP1628 versions 1.0.4.130 and earlier Description: The Grandstream Networks GXP1628 device is susceptible to incorrect access control due to directory listing being enabled. This allows unauthorized access to sensitive...