Lucene search
K
PtsecurityMost viewed

184419 matches found

Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.19 views

PT-2026-41244

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability...

8.3CVSS5.9AI score0.00104EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.19 views

PT-2026-41298

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.8 Linux kernel versions prior to 6.18.31 Linux kernel versions prior to 6.12.89 Linux kernel versions prior to 6.6.139 Linux kernel versions prior to 6.1.173 Linux kernel versions prior to 5.15.207 Linux kern...

7.8CVSS6.4AI score0.0138EPSS
Exploits6
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41183

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.11 Description An internal-only bypass filter parameter is exposed on the '/openai/chat/completions' and '/ollama/api/chat' HTTP endpoints due to FastAPI query string binding. This allows any authenticated user...

5.4CVSS5.8AI score0.00193EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41165

Name of the Vulnerable Software and Affected Versions CodeWhale versions prior to 0.8.22 Description The fetch url tool implements a check using the is restricted ip function to validate the resolved IP address of an initial URL against a blocklist of restricted IPs, such as localhost, private...

7.4CVSS5.7AI score0.00226EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41150

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DefaultUsageTracker.emit tool called event in src/dbt mcp/tracking/tracking.py serializes the complete arguments dictionary of every MCP tool call and transmits it verbati...

3.1CVSS6.1AI score0.00042EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41155

Name of the Vulnerable Software and Affected Versions ApostropheCMS versions prior to 4.29.0 Description The password reset flow in the resetRequest route of the modules/@apostrophecms/login/index.js component constructs the reset URL using req.hostname. When apos.baseUrl is not explicitly...

8.1CVSS5.2AI score0.0025EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41120

HRConvert2 is a self-hosted, drag-and-drop & nosql file conversion server & share tool. Prior to 3.3.8, the sanitizeString function in convertCore.php is missing backtick and tab t from its strip list. User input then reaches shell exec, where the shell interprets these characters and commands...

9.3CVSS5.8AI score0.00297EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41167

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.3 Description The channel webhook create and update flow accepts arbitrary profile image url values, including base64-encoded SVG payloads. The endpoint '/api/v1/channels/webhooks/webhook id/profile/image'...

7.4CVSS6AI score0.00212EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41191

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description An authenticated attacker can perform a mass assignment attack via the 'POST /api/v1/evaluations/feedback' endpoint. This is possible because the FeedbackForm uses a configuration that allows extr...

5.4CVSS5.9AI score0.00307EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-40967

Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.81.0 Description A flaw in the Windows MDM management endpoint allows requests to be processed without proper client certificate validation. The endpoint relies on mutual TLS mTLS—a process where both the client and...

8.2CVSS5.8AI score0.00214EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41189

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description An issue exists where users granted read access to a model can also read the model's system prompt, which may contain confidential information. This occurs because the workspace model edit page...

4.3CVSS5.8AI score0.0022EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41121

Name of the Vulnerable Software and Affected Versions libyang versions prior to 5.2.15 Description The lyb read string function in src/parser lyb.c contains an integer overflow. This occurs when parsing a maliciously crafted LYB binary blob, leading to a heap buffer overflow. An attacker capable ...

7.5CVSS6.1AI score0.00428EPSS
Exploits0References40
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41032

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel encode highcolor's allocation size calculation can lead to a heap buffer overflow. The public sixel encode entry point validates only that width and height are greater...

7.4CVSS6.3AI score0.00104EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-40978

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server 2016 Microsoft Exchange Server 2019 Microsoft Exchange Server Subscription Edition Description An improper neutralization of input during web page generation leads to a cross-site scripting XSS flaw in Outlook Web...

9.4CVSS7.2AI score0.0564EPSS
Exploits1References283
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-40846

Name of the Vulnerable Software and Affected Versions SOGo versions prior to 5.12.7 Description SOGo allows SQL injection when PostgreSQL is used. SQL injection is a type of flaw that allows an attacker to interfere with the queries that an application makes to its database. Recommendations Updat...

7.1CVSS6AI score0.00239EPSS
Exploits0References25
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41196

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.5 Description The validate url function in backend/open webui/retrieval/web/utils.py only validates the initial URL provided by the user. Downstream HTTP clients, including sync requests, async aiohttp, and...

8.5CVSS5.8AI score0.003EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41098

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 148.0.7778.168 Description An out of bounds write in Codecs allows a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used to break ou...

8.8CVSS5.8AI score0.00498EPSS
Exploits0References85
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41193

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.8.12 Description An Insecure Direct Object Reference IDOR exists in the retrieval API due to insufficient validation in the validate collection access function. While the function checks specific prefixes for use...

7.5CVSS5.8AI score0.00331EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-40960

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager versions prior to 26.0.1 Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager allows an authenticated remote attacker with read-only permissions to elevate their privileges to a high-privileged level...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.19 views

PT-2026-41182

Name of the Vulnerable Software and Affected Versions electerm versions 3.0.6 through 3.8.8 Description A local code execution issue exists where any process running under the same user can send a JSON payload to the single-instance socket or pipe of the application. This allows an attacker to...

9.3CVSS6.2AI score0.00114EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.19 views

PT-2026-40624

IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:Program Files x86IObit directory and restart the service to...

8.5CVSS6AI score0.0012EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.19 views

PT-2026-40628

Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP MSP::loop, AP MSP, AP MSP.cpp components...

5.8AI score0.00102EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.19 views

PT-2026-40812

Name of the Vulnerable Software and Affected Versions CubeCart versions prior to 6.7.0 Description The admin orders-transactions listing page at 'admin.php? g=orders&node=transactions' constructs a raw ORDER BY SQL fragment using the sort array from the $ GET variable without validating the colum...

4.9CVSS6.1AI score0.00239EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.19 views

PT-2026-40752

Name of the Vulnerable Software and Affected Versions Palo Alto Networks GlobalProtect app affected versions not specified Description Multiple local privilege escalation issues in the GlobalProtect app allow a local user to elevate their privileges to NT AUTHORITYSYSTEM on Windows and root on...

8.5CVSS6.1AI score0.00155EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.19 views

PT-2026-40799

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...

8.3CVSS5.6AI score0.00212EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.19 views

PT-2026-40706

Name of the Vulnerable Software and Affected Versions U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K version 1.0 Description The Network Time Protocol NTP configuration interface fails to properly sanitize user-supplied input. An authenticated user with permissions to modify NTP settings can...

7.2CVSS6.2AI score0.0209EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40223

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network...

7.4CVSS5.8AI score0.00401EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-39981

Name of the Vulnerable Software and Affected Versions RUGGEDCOM ROX MX5000 versions prior to V2.17.1 RUGGEDCOM ROX MX5000RE versions prior to V2.17.1 RUGGEDCOM ROX RX1400 versions prior to V2.17.1 RUGGEDCOM ROX RX1500 versions prior to V2.17.1 RUGGEDCOM ROX RX1501 versions prior to V2.17.1...

9.1CVSS7.6AI score0.00543EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40548

Name of the Vulnerable Software and Affected Versions SillyTavern versions prior to 1.18.0 Description SillyTavern is a locally installed user interface for interacting with large language models, image generation engines, and text-to-speech voice models. The corsProxyMiddleware function forwards...

6.9CVSS5.8AI score0.00375EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40067

Name of the Vulnerable Software and Affected Versions Pandora FMS versions 777 through 800 Description Improper neutralization of special elements used in an SQL command allows SQL Injection via the graph container parameter. SQL Injection is a technique where an attacker inserts malicious SQL co...

9.8CVSS6AI score0.00274EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40188

Name of the Vulnerable Software and Affected Versions Microsoft Office Click-To-Run affected versions not specified Description Insufficient granularity of access control in the Click-to-Run C2R technology of Microsoft Office and Microsoft 365 Apps for Enterprise allows an authorized attacker to...

8.8CVSS5.8AI score0.00219EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40040

Name of the Vulnerable Software and Affected Versions Ivanti Xtraction versions prior to 2026.2 Description External control of a file name allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory. This can lead to information disclosure and...

9.6CVSS5.9AI score0.00869EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-39930

SAP TAF APPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirects them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on...

6.1CVSS5.8AI score0.00211EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40395

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to exhaust system resources,...

7.5CVSS5.8AI score0.15933EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40252

linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSO URL + "/", i.e. "https://login.microsoftonline.com/". Chrome's urlFilter without a ...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-39959

Name of the Vulnerable Software and Affected Versions webpack-dev-server versions prior to 5.2.4 Description Cross-origin source code exposure occurs when serving over a non-potentially trustworthy origin, such as plain HTTP. The issue arises because the previous fix relied on Sec-Fetch-Mode and...

6.5CVSS5.8AI score0.00216EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40031

pam authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peer lookup tcp src/peer lookup.c:134, prior to the fix allowed a crafted NETLINK SOCK DIAG reply to slip past the message-size check...

8.7CVSS5.9AI score0.00263EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40443

Name of the Vulnerable Software and Affected Versions efw4.X versions prior to 4.08.010 Description The unZip function in efw.file.FileManager writes zip entries to disk using new FilebaseDir, zipEntry.getName without performing a canonical-path check. This allows an attacker to use entry names...

9.3CVSS6.1AI score0.00319EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40294

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys,...

9.8CVSS6.1AI score0.00739EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40447

Name of the Vulnerable Software and Affected Versions Deskflow versions prior to 1.26.0.167 Description Remote, unauthenticated denial of service DoS affects servers running with TLS enabled. When a TCP peer connects to the listening port and the initial bytes are not a valid TLS ClientHello, the...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39776

A denial of service issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to modify protected parts of the file system...

5.8AI score0.00483EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39746

EDIMAX BR-6428nS V3 1.15 is vulnerable to Command Injection. An authenticated attacker with access to the network can submit crafted input to the WLAN configuration functionality. Due to insufficient input validation, the attacker is able to execute arbitrary system commands on the device...

6.1AI score0.01258EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39714

Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...

9.3CVSS6AI score0.0055EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39580

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The check user account lock states feature within the email OTP flow fails to validate user input. This allows an attacker to infer whether specific user account...

5.3CVSS5.8AI score0.00184EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39566

A flaw has been found in Open5GS up to 2.7.7. This vulnerability affects the function smf nsmf handle created data in vsmf of the component SMF. This manipulation causes denial of service. The attack may be initiated remotely. The exploit has been published and may be used. The project was inform...

5.3CVSS5.4AI score0.00372EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39882

Name of the Vulnerable Software and Affected Versions MantisBT affected versions not specified Description An attacker can bypass the Content Security Policy CSP script-src directive by uploading a crafted attachment to an issue. When this attachment is accessed via the 'file download.php'...

7.6CVSS5.9AI score0.00498EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39740

Name of the Vulnerable Software and Affected Versions Amazon::Credentials versions prior to 1.3.0 Description Amazon::Credentials stores credentials in an obfuscated form to prevent secrets from being accessed via a data dump of the object. The software uses a 64-bit key generated by the built-in...

5.3CVSS5.8AI score0.00174EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39577

Name of the Vulnerable Software and Affected Versions WebDyne::Session versions prior to 2.076 Description The session handler generates session identifiers insecurely using an MD5 hash seeded with the built-in rand function. The rand function is seeded by 32-bits, making it predictable and...

6.5CVSS5.8AI score0.00304EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39599

Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed by prepending environment variable assignments to allowlisted commands, hijacking program behavior e.g., PAGER to execute arbitrary code. This vulnerability is fixed in 0.229.0...

8.6CVSS6.1AI score0.00232EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.19 views

PT-2026-39552

A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...

5.8CVSS5.5AI score0.04447EPSS
Exploits1References6
Total number of security vulnerabilities5000