Lucene search
K
PtsecurityMost viewed

184382 matches found

Positive Technologies
Positive Technologies
•added 2024/07/21 12:0 a.m.•19 views

PT-2024-37979

Name of the Vulnerable Software and Affected Versions ThinkSAAS version 3.7.0 Description A problematic issue has been found in the processing of the file app/system/action/do.php. The manipulation of the arguments site title, site subtitle, site key, site desc, site url, site email, site icp lea...

5.4CVSS3.3AI score0.00439EPSS
Exploits1References10
Positive Technologies
Positive Technologies
•added 2024/07/20 12:0 a.m.•19 views

PT-2024-37803 · WordPress · Wp Mail Smtp

Name of the Vulnerable Software and Affected Versions: WP Mail SMTP plugin for WordPress versions up to, and including, 4.0.1 Description: The issue allows authenticated attackers with administrative-level access and above to view the SMTP password for the supplied server when viewing the setting...

2.7CVSS6.5AI score0.00574EPSS
Exploits0References5
Positive Technologies
Positive Technologies
•added 2024/07/18 12:0 a.m.•19 views

PT-2024-37812 · WordPress · Reglevel

Name of the Vulnerable Software and Affected Versions: RegLevel plugin for WordPress versions up to, and including, 1.2.1 Description: The issue allows authenticated attackers with administrator-level permissions and above to inject arbitrary web scripts in pages due to insufficient input...

5.5CVSS6.9AI score0.00341EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2024/07/09 12:0 a.m.•19 views

PT-2024-19444 · Unknown · Admin Console

Name of the Vulnerable Software and Affected Versions: Admin console affected versions not specified Description: A cross-site scripting issue exists in the admin console OIDC Policy Management Editor, with the impact contained to admin console users only. Recommendations: At the moment, there is...

4.3CVSS6.3AI score0.00173EPSS
Exploits0References5
Positive Technologies
Positive Technologies
•added 2024/07/02 12:0 a.m.•19 views

PT-2024-29748

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises from a race condition between the ice ptp extts event function and ice ptp release, leading to a NULL pointer dereference and resulting in a kernel panic. This occurs...

4.7CVSS5.5AI score0.00154EPSS
Exploits0
Positive Technologies
Positive Technologies
•added 2024/07/01 12:0 a.m.•19 views

PT-2024-18881 · Qualcomm · Snapdragon +105

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns information disclosure when handling Multi-link IE in a beacon frame. No details are provided about the estimated number of potential...

7.5CVSS6.5AI score0.00213EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2024/06/07 12:0 a.m.•19 views

PT-2024-37117 · Itsourcecode · Itsourcecode Bakery Online Ordering System

Name of the Vulnerable Software and Affected Versions: itsourcecode Bakery Online Ordering System version 1.0 Description: A critical issue has been found in the itsourcecode Bakery Online Ordering System, affecting an unknown function of the file /admin/modules/product/controller.php?action=add...

9.8CVSS7.5AI score0.00867EPSS
Exploits1References12
Positive Technologies
Positive Technologies
•added 2024/05/15 12:0 a.m.•19 views

PT-2024-5068 · Roku · Roku Indoor Camera Se

Name of the Vulnerable Software and Affected Versions: Kalay SDK versions affected versions not specified Owlet Cam version affected versions not specified Owlet Cam v1 Owlet Cam v2 Wyze Cam v3 Roku Indoor Camera SE Description: The issue is related to insufficient authentication of received data...

6.5CVSS7.2AI score0.00328EPSS
Exploits1References7
Positive Technologies
Positive Technologies
•added 2024/05/07 12:0 a.m.•19 views

PT-2024-10351

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the incomplete cleanup of temporary or auxiliary resources in the Linux kernel, specifically in the s390/pkey component. This could allow an attacker to cause a...

1.9CVSS5.5AI score0.00188EPSS
Exploits0
Positive Technologies
Positive Technologies
•added 2024/04/17 12:0 a.m.•19 views

PT-2024-14805 · Honeywell · Honeywell C300

Name of the Vulnerable Software and Affected Versions: Honeywell C300 affected versions not specified Description: The issue is related to a denial of service due to improper handling of a specially crafted message received by the controller. This can be exploited remotely. There is a critical...

5.9CVSS7.6AI score0.00443EPSS
Exploits0References8
Positive Technologies
Positive Technologies
•added 2024/04/16 12:0 a.m.•19 views

PT-2024-4891 · Oracle · Oracle Complex Maintenance

Name of the Vulnerable Software and Affected Versions: Oracle Complex Maintenance, Repair, and Overhaul versions 12.2.3 through 12.2.13 Description: The issue is related to insufficient input validation in the LOV component of Oracle Complex Maintenance, Repair, and Overhaul, allowing an...

6.4CVSS6.7AI score0.00362EPSS
Exploits0References5
Positive Technologies
Positive Technologies
•added 2024/04/09 12:0 a.m.•19 views

PT-2024-2997 · Siemens · Teamcenter Visualization +2

Name of the Vulnerable Software and Affected Versions: Parasolid versions prior to V35.1.254 Parasolid versions prior to V36.0.207 Parasolid versions prior to V36.1.147 JT2Go versions prior to V2312.0004 Teamcenter Visualization versions prior to V14.2.0.12 Teamcenter Visualization versions prior...

4.8CVSS7.1AI score0.00211EPSS
Exploits0References5
Positive Technologies
Positive Technologies
•added 2024/04/05 12:0 a.m.•19 views

PT-2024-17997 · WordPress · Wp-Stateless

Name of the Vulnerable Software and Affected Versions: WP-Stateless – Google Cloud Storage plugin for WordPress versions up to, and including, 3.4.0 Description: The issue is related to a missing capability check on the dismiss notices function, which allows authenticated attackers with...

7.1CVSS9.1AI score0.00409EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2024/03/11 12:0 a.m.•19 views

PT-2024-15320 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: A logic error in the code of UserManagerService.java causes device policies to be serialized with an incorrect tag. This can lead to a local denial of service when policies are deserialized...

5.5CVSS6.8AI score0.00147EPSS
Exploits0References10
Positive Technologies
Positive Technologies
•added 2024/03/07 12:0 a.m.•19 views

PT-2024-22112 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14.4 Description: A path handling issue was addressed with improved validation, which may allow an app to access user-sensitive data. Recommendations: For versions prior to 14.4, update to macOS Sonoma 14.4 to resolve...

6.2CVSS7.8AI score0.00235EPSS
Exploits0References6
Positive Technologies
Positive Technologies
•added 2024/02/19 12:0 a.m.•19 views

PT-2024-18194

Name of the Vulnerable Software and Affected Versions Pyhtml2pdf version 0.0.6 Description The issue allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user. Recommendations For Pyhtml2pd...

7.5CVSS7.2AI score0.00695EPSS
Exploits1References10
Positive Technologies
Positive Technologies
•added 2024/02/09 12:0 a.m.•19 views

PT-2024-18015 · Linksys · Linksys Wrt54G

Name of the Vulnerable Software and Affected Versions: Linksys WRT54GL version 4.30.18 Description: A vulnerability was found in the Web Management Interface of the Linksys WRT54GL, affecting an unknown part of the file /wlaninfo.htm. This issue leads to information disclosure. The exploit has be...

4.3CVSS6.7AI score0.00359EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2024/02/05 12:0 a.m.•19 views

PT-2024-15878 · WordPress · Instant Images – One Click Image Uploads

Name of the Vulnerable Software and Affected Versions: The Instant Images – One Click Image Uploads from Unsplash, Openverse, Pixabay and Pexels plugin for WordPress versions prior to 6.1.1 Description: The issue allows unauthorized arbitrary options update due to an insufficient check that...

8.8CVSS7AI score0.00791EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2023/11/07 12:0 a.m.•19 views

PT-2023-16268 · Mongodb · Mongodb Atlas Kubernetes Operator

Name of the Vulnerable Software and Affected Versions: MongoDB Atlas Kubernetes Operator versions 1.5.0 through 1.7.0 Description: The issue affects MongoDB Atlas Kubernetes Operator, causing it to print sensitive information like GCP service account keys and API integration secrets when DEBUG mo...

7.5CVSS7.3AI score0.00598EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2023/11/02 12:0 a.m.•19 views

PT-2023-29521 · Unknown · Online Food Ordering System

Name of the Vulnerable Software and Affected Versions: Online Food Ordering System version 1.0 Description: The issue concerns multiple Unauthenticated SQL Injection vulnerabilities in the Online Food Ordering System. Specifically, the deleted parameter of the routers/user-router.php resource doe...

9.8CVSS9.8AI score0.007EPSS
Exploits1References7
Positive Technologies
Positive Technologies
•added 2023/10/17 12:0 a.m.•19 views

PT-2023-6638 · Oracle · Oracle Flexcube Universal Banking

Name of the Vulnerable Software and Affected Versions: Oracle FLEXCUBE Universal Banking versions 12.3, 12.3 through 12.4, 14.0 through 14.3, 14.5 through 14.7 Description: The issue is related to insufficient input validation in the Infrastructure component of Oracle FLEXCUBE Universal Banking,...

6.1CVSS4.9AI score0.00322EPSS
Exploits0References5
Positive Technologies
Positive Technologies
•added 2023/10/13 12:0 a.m.•19 views

PT-2023-27199 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions 4.1 through 4.1.38 WordPress versions 4.2 through 4.2.35 WordPress versions 4.3 through 4.3.31 WordPress versions 4.4 through 4.4.30 WordPress versions 4.5 through 4.5.29 WordPress versions 4.6 through 4.6.26 WordPress...

7.6CVSS7.1AI score0.79527EPSS
Exploits13References34
Positive Technologies
Positive Technologies
•added 2023/10/10 12:0 a.m.•19 views

PT-2023-9488 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the mctp component in the Linux kernel, where route lookups are performed without proper read-side critical section locks, leading to potential preemption and...

9.1CVSS6.5AI score0.01401EPSS
Exploits3References962
Positive Technologies
Positive Technologies
•added 2023/09/26 12:0 a.m.•19 views

PT-2023-27461 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14 Description: A permissions issue was addressed with additional restrictions. This issue allows a sandboxed process to potentially circumvent sandbox restrictions. Recommendations: For versions prior to 14, update to...

10CVSS8.6AI score0.01038EPSS
Exploits0References7
Positive Technologies
Positive Technologies
•added 2023/09/19 12:0 a.m.•19 views

PT-2023-8744 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.0-rc1-syzkaller-00236-gad8a69f361b9 Description: The vulnerability is related to a data-race condition in the br handle frame finish function, which can run from multiple CPUs without mutual exclusion. This...

9.8CVSS6.5AI score0.28058EPSS
Exploits23References981
Positive Technologies
Positive Technologies
•added 2023/06/28 12:0 a.m.•19 views

PT-2023-9655 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: The issue is related to an Out-of-Bounds Write vulnerability in the libodxdll.dll library of Autodesk AutoCAD, caused by parsing a maliciously crafted MODEL file. This can allow an...

7.8CVSS8.2AI score0.00615EPSS
Exploits0References13
Positive Technologies
Positive Technologies
•added 2023/06/24 12:0 a.m.•19 views

PT-2023-7510 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.62 Description: The issue is related to an inappropriate implementation in the Web Browser UI, allowing a remote attacker to potentially spoof the contents of an iframe dialog context menu via a...

9.8CVSS6.2AI score0.99735EPSS
Exploits128References1112
Positive Technologies
Positive Technologies
•added 2023/05/09 12:0 a.m.•19 views

PT-2025-18579 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the tipc nl compat name table dump header function. The issue was caused by a missing type cast of sizeof.. to int, whi...

8.8CVSS6.9AI score0.03882EPSS
Exploits21References998
Positive Technologies
Positive Technologies
•added 2023/04/18 12:0 a.m.•19 views

PT-2023-3585 · Git +10 · Git +10

Name of the Vulnerable Software and Affected Versions: Git versions prior to 2.30.9 Git versions prior to 2.31.8 Git versions prior to 2.32.7 Git versions prior to 2.33.8 Git versions prior to 2.34.8 Git versions prior to 2.35.8 Git versions prior to 2.36.6 Git versions prior to 2.37.7 Git versio...

9.8CVSS6.3AI score0.88644EPSS
Exploits46References174
Positive Technologies
Positive Technologies
•added 2023/03/31 12:0 a.m.•19 views

PT-2023-23726 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud server versions 24.0.0 through 24.0.10 Nextcloud server versions 25.0.0 through 25.0.4 Nextcloud server versions prior to 26.0.0 Description: The issue is related to missing brute-force protection on the WebDAV endpoints via the bas...

9.8CVSS6.3AI score0.04176EPSS
Exploits10References78
Positive Technologies
Positive Technologies
•added 2023/03/16 12:0 a.m.•19 views

PT-2023-13393 · Dell · Dell Precision Bios +1

Name of the Vulnerable Software and Affected Versions: Dell PowerEdge BIOS affected versions not specified Dell Precision BIOS affected versions not specified Description: The issue is related to an Improper SMM communication buffer verification vulnerability. A local malicious user with high...

7.5CVSS6.9AI score0.00172EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2023/03/02 12:0 a.m.•19 views

PT-2023-12689 · Red Hat · Keycloak Node.Js Adapter

Name of the Vulnerable Software and Affected Versions: Keycloak Node.js Adapter affected versions not specified Description: A flaw was found in the Keycloak Node.js Adapter, allowing an attacker to benefit from an Open Redirect vulnerability in the checkSso function. This issue is also present...

6.1CVSS6.2AI score0.00399EPSS
Exploits0References10
Positive Technologies
Positive Technologies
•added 2023/02/02 12:0 a.m.•19 views

PT-2025-13313 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the hv balloon component when using the debugfs lookup function. The issue arises because the result of...

8.8CVSS7.8AI score0.16642EPSS
Exploits11References579
Positive Technologies
Positive Technologies
•added 2022/12/30 12:0 a.m.•19 views

PT-2022-26532 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue, such as general information, estimated number of potentially affected devices...

6.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
•added 2022/12/11 12:0 a.m.•19 views

PT-2022-5921 · Linux +4 · Linux +4

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side...

8.8CVSS6.8AI score0.71737EPSS
Exploits30References2094
Positive Technologies
Positive Technologies
•added 2022/12/02 12:0 a.m.•19 views

PT-2024-11847 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a crash when replugging CSR fake controllers in the Linux kernel's Bluetooth component. It seems that fake CSR 5.0 clones can cause the suspend notifier to be...

9.1CVSS6.5AI score0.03702EPSS
Exploits12References1873
Positive Technologies
Positive Technologies
•added 2022/11/21 12:0 a.m.•19 views

PT-2022-26759 · Unknown · Sourcecodester Password Storage Application

Name of the Vulnerable Software and Affected Versions: Sourcecodester Password Storage Application in PHP/OOP and MySQL version 1.0 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities can be exploited via the Name, Username, Description, and Si...

5.4CVSS5.5AI score0.00767EPSS
Exploits1References4
Positive Technologies
Positive Technologies
•added 2022/11/17 12:0 a.m.•19 views

PT-2022-23624 · D Link · D-Link G Integrated Access Device4

Name of the Vulnerable Software and Affected Versions: D-Link - G integrated Access Device4 affected versions not specified Description: The issue concerns information disclosure and authorization bypass. It involves a file containing a URL with a private IP address and default username value...

7.5CVSS6.4AI score0.01894EPSS
Exploits0References5
Positive Technologies
Positive Technologies
•added 2022/09/16 12:0 a.m.•19 views

PT-2022-33242 · Unknown · Openvswitch

Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v5.19.8 Description: A memory leak issue was discovered in openvswitch, related to failed datapath creation. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
•added 2022/08/21 12:0 a.m.•19 views

PT-2022-7210 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.6 Description: An issue in the Linux kernel's net/netfilter/nf tables api.c component can cause a denial of service when binding to an already bound chain. The vulnerability is related to errors in resource...

9.8CVSS7.4AI score0.67994EPSS
Exploits220References1836
Positive Technologies
Positive Technologies
•added 2022/08/03 12:0 a.m.•19 views

PT-2022-3986 · Cisco · Cisco Webex Meetings

Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings affected versions not specified Description: The issue exists due to insufficient protection of the web page structure in the web interface of Cisco Webex Meetings. This could allow a remote attacker to conduct a cross-si...

5.5CVSS5.2AI score0.00445EPSS
Exploits0References4
Positive Technologies
Positive Technologies
•added 2022/06/28 12:0 a.m.•19 views

PT-2022-20494 · Glpi +1 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.2 Description: The issue affects all assistance forms, including Ticket, Change, and Problem, allowing sql injection on the actor fields. This has been resolved in version 10.0.2. Recommendations: For versions prio...

10CVSS7.3AI score0.99628EPSS
Exploits27References156
Positive Technologies
Positive Technologies
•added 2022/05/02 12:0 a.m.•19 views

PT-2022-2509 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak problem in the TCP source port generation algorithm, which may allow an attacker to leak information and potentially cause a denial of service...

9.8CVSS7.4AI score0.67994EPSS
Exploits214References1605
Positive Technologies
Positive Technologies
•added 2022/02/22 12:0 a.m.•19 views

PT-2022-7490 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to a race condition in the configfs component of the Linux kernel. When configfs register subsystem or configfs unregister subsystem is executing link grou...

8.8CVSS6.7AI score0.0193EPSS
Exploits16References1677
Positive Technologies
Positive Technologies
•added 2022/02/09 12:0 a.m.•19 views

PT-2022-12590 · Siemens · Simcenter Femap

Name of the Vulnerable Software and Affected Versions: Simcenter Femap versions 2020.2 through 2021.1 Description: A memory corruption issue has been identified in the affected application while parsing NEU files. This could allow an attacker to execute code in the context of the current process...

7.8CVSS7.7AI score0.01311EPSS
Exploits0References4
Positive Technologies
Positive Technologies
•added 2021/12/31 12:0 a.m.•19 views

PT-2021-7531 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.16-rc6 Description: An issue was discovered in the Linux kernel where the uapi finalize function in drivers/infiniband/core/uverbs uapi.c lacks a check of kmalloc array. This issue is related to a pointer...

9.8CVSS7.2AI score0.67994EPSS
Exploits197References1196
Positive Technologies
Positive Technologies
•added 2021/12/23 12:0 a.m.•19 views

PT-2021-8146 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.0-rc5+ Description: The vulnerability is related to the veth component of the Linux kernel, which fails to properly check for shared or cloned skbs when GRO is enabled on a veth device and TSO is disabled o...

8.8CVSS6.5AI score0.12746EPSS
Exploits45References1509
Positive Technologies
Positive Technologies
•added 2021/12/15 12:0 a.m.•19 views

PT-2021-7530 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16-rc6 Description: The issue is related to the ef100 update stats function in the drivers/net/ethernet/sfc/ef100 nic.c module of the Linux kernel, which lacks a check of the return value of kmalloc. This can...

9.8CVSS7.3AI score0.67994EPSS
Exploits197References1183
Positive Technologies
Positive Technologies
•added 2021/11/16 12:0 a.m.•19 views

PT-2021-5354 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.11 to 3.11.3 Moodle versions 3.10 to 3.10.7 Moodle versions 3.9 to 3.9.10 Moodle versions earlier than 3.9 Description: The issue is related to errors in code generation management, allowing a remote attacker to execute...

9.8CVSS6.8AI score0.02383EPSS
Exploits0References30
Positive Technologies
Positive Technologies
•added 2021/11/02 12:0 a.m.•19 views

PT-2021-23860 · Mozilla +2 · Firefox +2

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 94 Description: The issue allows a website to potentially steal authentication tokens by tricking a user into copying and pasting an image link that contains the token. This can happen when an image triggers...

10CVSS8.3AI score0.26709EPSS
Exploits38References454
Total number of security vulnerabilities5000