184462 matches found
PT-2022-3992 · Nginx · Nginx Ingress Controller
Name of the Vulnerable Software and Affected Versions: NGINX Ingress Controller versions 1.x and earlier NGINX Ingress Controller versions 2.x before 2.3.0 Description: The issue is related to insufficient input validation, allowing an authorized attacker to obtain secrets available to the NGINX...
PT-2022-3986 · Cisco · Cisco Webex Meetings
Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings affected versions not specified Description: The issue exists due to insufficient protection of the web page structure in the web interface of Cisco Webex Meetings. This could allow a remote attacker to conduct a cross-si...
PT-2022-20959 · Unknown · Newsletter Module
Name of the Vulnerable Software and Affected Versions: Newsletter Module versions 3.x Description: The issue is related to a SQL injection vulnerability. It can be exploited via the zemez newsletter email parameter at the "/index.php" API endpoint. Recommendations: For Newsletter Module version...
PT-2022-8695 · Nexusphp · Nexusphp
Name of the Vulnerable Software and Affected Versions: NexusPHP version 1.5.beta5.20120707 Description: The issue is related to incorrect access control, allowing unauthorized attackers to access published content. Recommendations: For NexusPHP version 1.5.beta5.20120707, consider restricting...
PT-2022-12079 · Reolink · Reolink Rlc-410W
Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: A denial of service issue exists in the cgiserver.cgi JSON command parser functionality. This can be triggered by a specially-crafted HTTP request, leading to a reboot. The SetIrLights...
PT-2022-1608 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.5 Description: An issue was discovered in the Linux kernel, which is related to a memory leak in the yam siocdevprivate function in drivers/net/hamradio/yam.c. This issue can be exploited to cause a denial ...
PT-2021-20654 · Cisco · Cisco Aironet Access Point
Name of the Vulnerable Software and Affected Versions: Cisco Aironet Access Point AP software affected versions not specified Description: A vulnerability in the WLAN Control Protocol WCP implementation could allow an unauthenticated, adjacent attacker to cause a reload of an affected device,...
PT-2021-3958 · Apache · Apache Directory Studio
Name of the Vulnerable Software and Affected Versions: Apache Directory Studio versions prior to 2.0.0.v20210213-M16 Description: The issue is related to the absence of protection for service data. An attacker could exploit this to disclose protected information. The problem arises when configure...
PT-2021-7379
Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A flaw was found in the USB redirector device of QEMU, where small USB packets are combined into a single, large transfer request to improve performance. The combined size of the bulk transfer i...
PT-2021-7977 · Oracle +4 · Java +4
Name of the Vulnerable Software and Affected Versions: io.netty:netty-codec-http versions prior to 4.1.77.Final Description: The issue is related to insufficient fix for a vulnerability in Netty's multipart decoders, which can lead to local information disclosure via the local system temporary...
PT-2021-2217 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.10.13 Description: A local privilege escalation issue is present in the Linux kernel due to multiple race conditions in the AF VSOCK implementation. These conditions are caused by incorrect locking in the...
PT-2020-6177 · Linux +8 · Linux +8
Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. This issue allows a local user to increase their privileges to that of a running kernel on a...
PT-2020-6008 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.6.3 Description: The issue is related to the function snd ctl elem add in the Linux kernel, specifically with the line count = info-owner, which can lead to errors when multiplying private size count. This coul...
PT-2020-6587
Name of the Vulnerable Software and Affected Versions: io.netty:netty-codec-http2 versions prior to 4.1.61.Final Description: The issue is related to a lack of proper validation of the content-length header in HTTP/2 requests. If a request only uses a single Http2HeaderFrame with the endStream se...
PT-2020-5322 · Php +7 · Php +7
Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x through 7.2.27 PHP versions 7.3.x through 7.3.14 PHP versions 7.4.x through 7.4.2 Description: The issue is related to a null pointer dereference when using file upload functionality in PHP. If upload progress tracking is...
PT-2019-12021 · Npm · Assign-Deep
Name of the Vulnerable Software and Affected Versions: assign-deep versions prior to 0.4.8 assign-deep versions prior to 1.0.1 Description: The issue allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects. This is due to the...
PT-2018-29: Stored Cross-Site Scripting in Cisco Secure ACS
The specialists of the Positive Research center have detected a Stored Cross-Site Scripting vulnerability in Cisco Secure ACS. A vulnerability in the web-based management interface of the Cisco Secure Access Control System ACS, due to insufficient input validation of user-supplied values and a la...
PT-2017-2221 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.1 Description: The issue exists due to insufficient input validation in the tcp v6 syn recv sock function. This can be exploited by a local user to cause a denial of service or possibly have other unspecifi...
PT-2017-3944
Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.0.2 through 1.0.2k OpenSSL versions 1.1.0 through 1.1.0d MySQL Server versions 5.6.35 and earlier MySQL Server versions 5.7.18 and earlier Description The issue is related to an out-of-bounds read in the OpenSSL library when...
PT-2016-6001 · Trihedral · Vtscada
Name of the Vulnerable Software and Affected Versions: Trihedral VTScada formerly VTS versions 8.x through 11.x before 11.2.02 Description: The issue allows remote attackers to cause a denial of service, resulting in an out-of-bounds read and application crash, via unspecified vectors. This affec...
PT-2021-3057
Name of the Vulnerable Software and Affected Versions 802.11 standard affected versions not specified Check Point GAiA affected versions not specified Description The issue concerns a flaw in the authentication procedure of the 802.11 standard, which underlies Wi-Fi Protected Access WPA, WPA2, an...
PT-2018-2681 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free vulnerability in the Linux kernel's NFS41+ subsystem. This vulnerability can be exploited when NFS41+ shares are mounted in different network...
PT-2013-2093 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 10 Description: The issue is related to a use-after-free vulnerability that allows remote attackers to execute arbitrary code via a crafted web site. This is achieved by triggering access to a...
PT-2026-54981
Name of the Vulnerable Software and Affected Versions Motors versions prior to 5.6.81 Description An unauthenticated broken access control issue exists, allowing unauthorized users to bypass access restrictions. Recommendations Update to a version newer than 5.6.80...
PT-2026-55198
The Divi Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload leading to Remote Code Execution in all versions up to and including 5.1.8. This is due to insufficient file extension validation in the do image upload function where user-supplied input from the acceptFileTypes PO...
PT-2026-55246
A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing CORS misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session...
PT-2026-54935
Name of the Vulnerable Software and Affected Versions MLflow versions prior to 3.14.0 Description When authentication is enabled, the trace API endpoints lack proper authorization validators. This occurs because the before request handler fails to register authorization validators for these...
PT-2026-54495
The Product Configurator for WooCommerce WordPress plugin before 1.7.3 does not perform any authorisation or post-status check before returning WooCommerce product data through a public AJAX action, allowing unauthenticated users to retrieve the data title, price, weight, stock status, and...
PT-2026-54694
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A heap buffer overflow exists in Skia, a graphics library used by the browser. This issue allows a remote attacker who has already compromised the renderer process to potentially achiev...
PT-2026-53615
PySyft Syft Datasite/Server versions 0.9.5 and earlier are vulnerable to remote code execution due to insufficient validation and sandboxing of user-submitted code. The system allows low-privileged users to submit Python functions via @sy.syft function for remote execution on the server. While a...
PT-2026-53170
A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...
PT-2026-53529
PandasAI uses an interactive prompt function that is vulnerable to prompt injection and run arbitrary Python code that can lead to Remote Code Execution RCE instead of the intended explanation of the natural language processing by the LLM. The security controls of PandasAI 2.4.3 and earlier fail ...
PT-2026-53349
Missing JWT signature check GHSL-2022-078 The StatelessTokenService of the DataHub metadata service GMS does not verify the signature of JWT tokens. This allows an attacker to connect to DataHub instances as any user if Metadata Service authentication is enabled. This vulnerability occurs because...
PT-2026-53545
Summary OAuthManager.validate token returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. Details...
PT-2026-53251
Name of the Vulnerable Software and Affected Versions Edimax EW-7478APC version 1.04 Description An OS command injection flaw exists in the POST Request Handler component. A remote attacker can exploit this by manipulating the submit-url argument within the formAccept function of the...
PT-2026-53328
When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...
PT-2026-53443
Horovod thru 0.28.1 contains an insecure deserialization vulnerability CWE-502 in its KVStore HTTP server component. The KVStore server, used for distributed task coordination, lacks authentication and authorization controls, allowing any remote attacker to write arbitrary data via HTTP PUT...
PT-2026-53394
Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and launch OCI containers within them to run untrusted code. One of the core security features claimed by Boxlite is the ability to mount host directories in read-only mode read only=True into the ...
PT-2026-53462
langchain experimental aka LangChain Experimental 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify which uses eval in LLMSymbolicMathChain. LLMSymbolicMathChain was introduced in fcccde406dd9e9b05fc9babcbeb9ff527b0ec0c6 2023-10-05...
PT-2026-52694
Name of the Vulnerable Software and Affected Versions libnfs versions prior to 6.0.2 Description An integer underflow occurs in the READ IOVEC section of the rpc read from socket function within lib/socket.c. This issue is triggered during a connection to a crafted NFS server when the expected PD...
PT-2026-52776
Unauthenticated SQL Injection in Advance Product Search = 1.4.4 versions...
PT-2026-52449
Name of the Vulnerable Software and Affected Versions Nokogiri versions prior to 1.19.4 Description Nokogiri contains a bug occurring when certain methods are called on native wrapper classes that inherit from Nokogiri::XML::Node and have been allocated but not initialized. This leads to a NULL...
PT-2026-52616
Name of the Vulnerable Software and Affected Versions Flowise affected versions not specified Description An unauthenticated path traversal issue exists in the '/api/v1/document-store/loader/process' endpoint. This flaw allows attackers to write arbitrary files to the filesystem by using...
PT-2026-52598
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The WebSocket backend uses charging station identifiers to uniquely associate sessions but permits multiple endpoints to connect using the same session identifie...
PT-2026-52200
Name of the Vulnerable Software and Affected Versions shell-quote versions prior to 1.8.5 Description The parse function finalizes parsed tokens using Array.prototype.concat as a reduce accumulator, causing the entire growing array to be reallocated and copied during every iteration. This results...
PT-2026-52406
In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted...
PT-2026-52618
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.201 Description An integer overflow exists in Mojo, a Chromium IPC Inter-Process Communication framework. This issue allows a remote attacker who has already compromised the renderer process to...
PT-2026-52151
Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBUDashboard JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from insufficien...
PT-2026-51986
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF Berkeley Packet Filter verifier regarding linked register delta tracking. When the source register src reg and destination register dst reg are pointers to the...
PT-2026-51627
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description Password-reset tokens are generated using the account-activation lifetime conf.Auth.ActivateCodeLives instead of the intended password-reset lifetime conf.Auth.ResetPasswordCodeLives. Because the token...