PT-2025-31112 · Ibm · Ibm Informix Dynamic Server
Name of the Vulnerable Software and Affected Versions: IBM Informix Dynamic Server versions 12.10 and 14.10 Description: IBM Informix Dynamic Server is susceptible to brute-force credential attacks due to an inadequate account lockout setting. This could allow a remote attacker to compromise...
PT-2025-31127 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: TeamCity versions prior to 2025.07 Description: User credentials were stored in plain text in memory snapshots. Recommendations: Update to version 2025.07 or later...
PT-2025-31095 · Code Projects · Exam Form Submission
Name of the Vulnerable Software and Affected Versions: code-projects Exam Form Submission version 1.0 Description: A critical issue exists in code-projects Exam Form Submission 1.0. The vulnerability is due to a SQL injection flaw within an unknown function of the file /admin/update s8.php...
PT-2025-31118 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: TeamCity versions prior to 2025.07 Description: A Cross-Site Request Forgery (CSRF) issue existed in the GitHub App connection flow. Recommendations: Update to TeamCity version 2025.07 or later...
PT-2025-31100 · Unknown · Meddream Pacs Premium
Name of the Vulnerable Software and Affected Versions: MedDream PACS Premium version 7.3.5.860 Description: A server-side request forgery issue exists in the cecho.php functionality. A specially crafted HTTP request can lead to SSRF. An attacker can make an unauthenticated HTTP request to trigger...
PT-2025-31043 · Campcodes · Best Courier Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Courier Management System version 1.0 Description: A critical issue exists in Campcodes Courier Management System 1.0. The vulnerability is due to SQL injection, stemming from manipulation of the ID argument within the /view...
PT-2025-31154 · Polkadot · Polkadot Frontier
Name of the Vulnerable Software and Affected Versions: Polkadot Frontier versions prior to 0822030 Description: Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. The implementation of CallableByContract incorrectly identified contract addresses running under...
PT-2025-31158 · Xorux · Lpar2Rrd
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined; affected versions not specified. Description: An API endpoint intended for web application administrators is accessible to lower-level read-only users. This allows unauthorized download of appliance...
PT-2025-31114 · Unknown · User Registry
Name of the Vulnerable Software and Affected Versions: Versions prior to 25.4.270.0 Description: A local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability ...
PT-2025-30992 · Unknown · Engeman Web
Name of the Vulnerable Software and Affected Versions: Engeman Web versions through 12.0.0.1 Description: A critical vulnerability exists in Engeman Web. The issue affects an unknown function within the /Login/RecoveryPass file of the Password Recovery Page component. Manipulation of the...
PT-2025-31013 · Code Projects · Exam Form Submission
Name of the Vulnerable Software and Affected Versions: code-projects Exam Form Submission version 1.0 Description: A critical issue exists due to SQL injection. The manipulation of the credits argument in the processing of the file /admin/update s1.php can lead to exploitation. The attack can be...
PT-2025-31004 · Campcodes · Best Courier Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Courier Management System version 1.0 Description: A critical vulnerability exists in Campcodes Courier Management System 1.0. The issue affects unknown code within the /manage user.php file and allows for SQL injection through...
PT-2025-30995 · Unknown · Jpacookieshop
Name of the Vulnerable Software and Affected Versions: jerryshensjf JPACookieShop 蛋糕商城JPA版 versions up to 24a15c02b4f75042c9f7f615a3fed2ec1cefb999 Description: A cross-site scripting issue exists in the GoodsController.java file. The vulnerability is triggered remotely and affects multiple...
PT-2025-30886 · Commvault · Commvault
Name of the Vulnerable Software and Affected Versions: Commvault versions 11.20.0 through 11.20.0; Commvault versions 11.28.0 through 11.28.0; Commvault versions 11.32.0 through 11.32.0; Commvault versions 11.34.0 through 11.34.0; Commvault versions 11.36.0 through 11.36.0 Description: A DLL injectio...
PT-2025-30743
Name of the Vulnerable Software and Affected Versions: Kron PAM versions prior to 3.7 Description: Kron PAM is susceptible to a denial-of-service (DoS) attack due to unrestricted resource allocation. This allows an attacker to exhaust system resources via HTTP requests. Recommendations: Update Kron PA...
PT-2025-30735 · Itsourcecode · Insurance Management System
Name of the Vulnerable Software and Affected Versions: itsourcecode Insurance Management System version 1.0 Description: A critical issue exists in itsourcecode Insurance Management System 1.0 related to the processing of the /updateAgent.php file. Manipulation of the agent id argument can lead t...
PT-2025-31028 · Totolink · Totolink X15
Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability exists in the TOTOLINK X15 router's built-in boa server. The issue is a buffer overflow within the memory during the processing of the submit-url parameter. This...
PT-2025-30916 · Unknown · Deerwms Deer-Wms-2
Name of the Vulnerable Software and Affected Versions: deerwms deer-wms-2 versions up to 3.3 Description: A critical issue exists in deerwms deer-wms-2. The manipulation of the paramsdataScope argument leads to SQL injection within the /system/role/list file. This issue can be exploited remotely...
PT-2025-30718 · Unknown · Deerwms Deer-Wms-2
Name of the Vulnerable Software and Affected Versions: deerwms deer-wms-2 versions up to 3.3 Description: A vulnerability exists in deerwms deer-wms-2 that allows for SQL injection. The issue is related to the manipulation of the paramsdataScope argument within the file...
PT-2025-30630 · Medtronic · Mycarelink Patient Monitor
Name of the Vulnerable Software and Affected Versions: Medtronic MyCareLink Patient Monitor models 24950 and 24952 before June 25, 2025 Description: The Medtronic MyCareLink Patient Monitor contains a built-in user account with no password. This allows an attacker with physical access to log in...