184517 matches found
PT-2022-5928 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A race condition vulnerability has been found in the Linux Kernel, specifically affecting the kcm tx work function in the net/kcm/kcmsock.c file. This issue is caused by synchronizatio...
PT-2022-25834 · Pypi · D8S-Archives +1
Name of the Vulnerable Software and Affected Versions: d8s-archives version 0.1.0 Description: The d8s-archives package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. Recommendations:...
PT-2022-03: Stored Cross-Site Scripting (XSS)
Since the Site Configuration tool has an upload option, it doesn’t validate the file contents. An attacker can upload a Zip file which, when processed, exploits Stored XSS. The attack can only be performed by an internal user. NetAct 22 SP1037 is already delivered on top of NetAct 22 FP2208, SP...
PT-2022-4594 · Flux · Flux
Name of the Vulnerable Software and Affected Versions: Flux affected versions not specified Description: The issue is related to the improper handling of user-supplied input in the Flux CLI, which results in a path traversal that can be controlled by the attacker. This allows other applications t...
PT-2022-6323 · Canonical · Ubuntu
Name of the Vulnerable Software and Affected Versions: Mahara versions 21.04 through 21.04.6 Mahara versions 21.10 through 21.10.4 Mahara versions 22.04 through 22.04.2 Mahara version 22.10.0 Description: The vulnerability exists due to the lack of protection of the web page structure in the PDF...
PT-2022-3476 · Omron · Sysmac Studio +4
Name of the Vulnerable Software and Affected Versions: Machine automation controller NJ series versions 1.48 and earlier Machine automation controller NX7 series versions 1.28 and earlier Machine automation controller NX1 series versions 1.48 and earlier Automation software 'Sysmac Studio' versio...
PT-2022-19653 · Horner Automation · Horner Automation Cscape Csfont +1
Name of the Vulnerable Software and Affected Versions: Product affected versions not specified Description: The issue allows an out-of-bounds read via an uninitialized pointer, potentially enabling an attacker to execute arbitrary code. Recommendations: At the moment, there is no information abou...
PT-2022-7490 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to a race condition in the configfs component of the Linux kernel. When configfs register subsystem or configfs unregister subsystem is executing link grou...
PT-2021-7531 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.16-rc6 Description: An issue was discovered in the Linux kernel where the uapi finalize function in drivers/infiniband/core/uverbs uapi.c lacks a check of kmalloc array. This issue is related to a pointer...
PT-2021-8146 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.0-rc5+ Description: The vulnerability is related to the veth component of the Linux kernel, which fails to properly check for shared or cloned skbs when GRO is enabled on a veth device and TSO is disabled o...
PT-2021-7530 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16-rc6 Description: The issue is related to the ef100 update stats function in the drivers/net/ethernet/sfc/ef100 nic.c module of the Linux kernel, which lacks a check of the return value of kmalloc. This can...
PT-2021-4809 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux Kernel version 5.14-rc3 Description: This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit...
PT-2021-1526 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: linux kernel affected versions not specified Description: A vulnerability in the linux kernel allows for an information leak. This issue is related to the ext4 extent header and can lead to the disclosure of protected information to userspace...
PT-2021-2654 · D Link · D-Link Dsl-320B-D1
Name of the Vulnerable Software and Affected Versions: D-Link DSL-320B-D1 devices through EU 1.25 Description: The issue is related to a buffer overflow in the device's firmware, allowing a remote attacker to gain unauthorized access to the device with user login.xgi privileges. The vulnerability...
PT-2021-2271 · Linux +8 · Linux Kernel +8
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.11.3 Description: An issue in the Linux kernel allows a kernel pointer leak, which can be used to determine the address of the iscsi transport structure. When an iSCSI transport is registered with the iSCSI...
PT-2020-17370 · Mediawiki +1 · Mediawiki Casauth Extension +1
Name of the Vulnerable Software and Affected Versions: MediaWiki CasAuth extension versions through 1.35.1 Description: An issue was discovered due to improper username validation, allowing user impersonation with trivial manipulations of certain characters within a given username. An ordinary us...
PT-2020-6587
Name of the Vulnerable Software and Affected Versions: io.netty:netty-codec-http2 versions prior to 4.1.61.Final Description: The issue is related to a lack of proper validation of the content-length header in HTTP/2 requests. If a request only uses a single Http2HeaderFrame with the endStream se...
PT-2019-14826
Name of the Vulnerable Software and Affected Versions Puma versions prior to 3.12.2 Puma versions prior to 4.3.1 Description A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. If more keepalive connections to Puma are opened th...
PT-2019-18099 · Gnu +3 · Gnu Recutils +3
Name of the Vulnerable Software and Affected Versions: GNU Recutils version 1.8 Description: An issue was discovered in GNU Recutils. There is a NULL pointer dereference in the function rec fex size in the file rec-fex.c of librec.a. Recommendations: For GNU Recutils version 1.8, consider avoidin...
PT-2017-13225 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.12.10 Description: The issue is related to an integer overflow in the qla2x00 sysfs write optrom ctl function, which can be exploited by local users with root access to cause a denial of service, resulting in...
PT-2013-49: Null Byte Injection in Oracle Containers for J2EE
The specialists of the Positive Research center have detected a Null Byte Injection vulnerability in Oracle Containers for J2EE. Oracle Containers for J2EE does not properly handle a null byte in the path when transferring a request to another static page or a JSP script via pageContext.forward o...
PT-2005-3677 · Openssh +1 · Openssh +1
Name of the Vulnerable Software and Affected Versions: OpenSSH versions 4.0 through 4.2 Description: The issue is related to the improper handling of dynamic port forwarding when a listen address is not provided, potentially causing OpenSSH to enable the GatewayPorts functionality. Recommendation...
PT-2026-54495
The Product Configurator for WooCommerce WordPress plugin before 1.7.3 does not perform any authorisation or post-status check before returning WooCommerce product data through a public AJAX action, allowing unauthenticated users to retrieve the data title, price, weight, stock status, and...
PT-2026-53443
Horovod thru 0.28.1 contains an insecure deserialization vulnerability CWE-502 in its KVStore HTTP server component. The KVStore server, used for distributed task coordination, lacks authentication and authorization controls, allowing any remote attacker to write arbitrary data via HTTP PUT...
PT-2026-53549
Summary PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a path or filename string from MCP tools/call arguments and joi...
PT-2026-53328
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
PT-2026-53582
Impact A maliciously crafted QPY file can potentially execute arbitrary-code embedded in the payload without privilege escalation when deserializing QPY formats 13. A python process calling Qiskit's qiskit.qpy.load function could potentially execute any arbitrary Python code embedded in the corre...
PT-2026-53113
A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...
PT-2026-52680
Name of the Vulnerable Software and Affected Versions Claude Code versions 2.1.38 through 2.1.162 Description Worktree handling allows the creation of worktrees named ".git" and navigation to worktrees outside the sandbox context, enabling git directory confusion attacks. By exploiting symlink...
PT-2026-52747
Unauthenticated PHP Object Injection in Uncanny Automator = 7.3.1.2 versions...
PT-2026-52623
Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A configuration issue occurs when WOLFSSL IP ALT NAME is not defined, leading to a bypass of iPAddress name constraints. In this state, the software fails to enforce IP address constraints se...
PT-2026-52038
Name of the Vulnerable Software and Affected Versions Tapo C200 v3 Description A denial-of-service DoS issue exists in the network packet handling logic due to improper processing of IPv4 fragmented packets. An unauthenticated adjacent attacker can send crafted packets to cause excessive resource...
PT-2026-51676
Name of the Vulnerable Software and Affected Versions logback-core versions prior to 1.5.35 Description An arbitrary code execution issue exists in the conditional configuration file processing of Java applications. An attacker can execute arbitrary code by compromising an existing logback...
PT-2026-51319
The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fake email addresses to be accepted. This lack of validation enables the creation of user accounts with fake email addresses, facilitating the mass...
PT-2026-51333
Name of the Vulnerable Software and Affected Versions qSnapper versions prior to 1.3.3 Description A path traversal issue exists when using the configName parameter. This allows a local attacker to utilize malicious configuration files for snapper, which can lead to a denial of service or potenti...
PT-2026-51461
Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.9 Description An issue exists where a workspace-level builder can read any file the server process has access to by uploading a specially crafted PWA zip file. The POST /api/pwa/process-zip endpoint extracts the...
PT-2026-51304
Name of the Vulnerable Software and Affected Versions Mattermost version 11.7.0 Mattermost version 11.6.2 Mattermost version 11.5.5 Mattermost version 10.11.17 Description Improper authorization in the GitLab connect command handler allows any authenticated user to overwrite the global default...
PT-2026-51442
Name of the Vulnerable Software and Affected Versions Inspektor Gadget versions 0.28.0 and later Description A malicious container can crash or destabilize the privileged Inspektor Gadget process when a gadget using USDT User-level Statically Defined Tracing probes is deployed. The issue exists i...
PT-2026-51198
Name of the Vulnerable Software and Affected Versions BerriAI litellm versions prior to 1.82.3 Description An issue in the MCP Server Connection Testing component allows for server-side request forgery SSRF, which is a flaw that enables an attacker to induce the server-side application to make...
PT-2026-51233
Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.0.0-RC1 through 5.9.13 Craft CMS versions 4.0.0-RC1 through 4.17.7 Description An authorization bypass exists in the 'assets/preview-file' endpoint. The system fails to enforce per-asset view authorization before returning...
PT-2026-51263
A vulnerability was determined in FlowiseAI Flowise up to 3.1.2. The impacted element is an unknown function of the file packages/components/nodes/documentloaders/S3/S3.ts of the component S3 Document Loader. Executing a manipulation can lead to path traversal. It is possible to launch the attack...
PT-2026-51230
Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.5.0 through 5.9.13 Description An issue exists in the FieldsController::actionRenderCardPreview method where the fieldLayoutConfig POST parameter is passed directly to Fields::createLayout without being processed by...
PT-2026-51253
Name of the Vulnerable Software and Affected Versions OFFIS DCMTK versions prior to 3.7.1 Description A heap-based buffer overflow can occur in the XMLNode::parseFile function within the ofstd/libsrc/ofxml.cc library. This issue allows a remote attacker to execute a manipulation that leads to the...
PT-2026-51172
Name of the Vulnerable Software and Affected Versions vLLM versions 0.10.2 through 0.12.x Description Multimodal embeddings processing lacks sparse tensor validation. Since PyTorch disables sparse tensor invariant checks by default, an attacker can submit crafted embedding requests containing...
PT-2026-51136
Name of the Vulnerable Software and Affected Versions SP LMS versions prior to 4.1.4 Description SP LMS com splms by JoomShaper contains a PHP Object injection flaw where user-controlled cookie data is deserialized without validation. Specifically, the application passes the lmsOrders cookie to a...
PT-2026-51193
Name of the Vulnerable Software and Affected Versions IM-Magic Partition Resizer versions prior to 7.9.0 Description Improper access controls in the Kernel Driver component, specifically within the MDA NTDRV.sys library, allow for local privilege escalation. This issue occurs when a local attacke...
PT-2026-51190
Name of the Vulnerable Software and Affected Versions AOMEI Backupper versions prior to 8.3.0 Description An issue exists in the Kernel Driver component within the amwrtdrv.sys library. A local attacker can perform a manipulation of an unknown function to cause improper access controls...
PT-2026-50851
Name of the Vulnerable Software and Affected Versions 2Download Connector for 2DL Hosted Checkout versions prior to 0.1.6 Description The plugin fails to properly verify user authorization before performing specific actions. This allows unauthenticated attackers to access arbitrary customer...
PT-2026-50864
The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fx file close even when the file was never successfully opened. Multiple error branches jump to...
PT-2026-51001
Name of the Vulnerable Software and Affected Versions Slopsmith versions prior to 0.2.9-alpha.5 Description Slopsmith is a web application for browsing, playing, and practicing Rocksmith 2014 Custom DLC. A path-traversal issue in the archive extractors allows an attacker to write arbitrary files...