Lucene search
K
PtsecurityMost viewed

184382 matches found

Positive Technologies
Positive Technologies
added 2023/10/13 12:0 a.m.19 views

PT-2023-27199 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions 4.1 through 4.1.38 WordPress versions 4.2 through 4.2.35 WordPress versions 4.3 through 4.3.31 WordPress versions 4.4 through 4.4.30 WordPress versions 4.5 through 4.5.29 WordPress versions 4.6 through 4.6.26 WordPress...

7.6CVSS7.1AI score0.79527EPSS
Exploits13References34
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.19 views

PT-2023-9488 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the mctp component in the Linux kernel, where route lookups are performed without proper read-side critical section locks, leading to potential preemption and...

9.1CVSS6.5AI score0.01401EPSS
Exploits3References962
Positive Technologies
Positive Technologies
added 2023/09/26 12:0 a.m.19 views

PT-2023-27461 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 14 Description: A permissions issue was addressed with additional restrictions. This issue allows a sandboxed process to potentially circumvent sandbox restrictions. Recommendations: For versions prior to 14, update to...

10CVSS8.6AI score0.01038EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/09/19 12:0 a.m.19 views

PT-2023-8744 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.0-rc1-syzkaller-00236-gad8a69f361b9 Description: The vulnerability is related to a data-race condition in the br handle frame finish function, which can run from multiple CPUs without mutual exclusion. This...

9.8CVSS6.5AI score0.28058EPSS
Exploits23References981
Positive Technologies
Positive Technologies
added 2023/06/28 12:0 a.m.19 views

PT-2023-9655 · Autodesk · Autodesk Autocad

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD affected versions not specified Description: The issue is related to an Out-of-Bounds Write vulnerability in the libodxdll.dll library of Autodesk AutoCAD, caused by parsing a maliciously crafted MODEL file. This can allow an...

7.8CVSS8.2AI score0.00615EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2023/06/24 12:0 a.m.19 views

PT-2023-7510 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.62 Description: The issue is related to an inappropriate implementation in the Web Browser UI, allowing a remote attacker to potentially spoof the contents of an iframe dialog context menu via a...

9.8CVSS6.2AI score0.99735EPSS
Exploits128References1112
Positive Technologies
Positive Technologies
added 2023/05/09 12:0 a.m.19 views

PT-2025-18579 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the tipc nl compat name table dump header function. The issue was caused by a missing type cast of sizeof.. to int, whi...

8.8CVSS6.9AI score0.03882EPSS
Exploits21References998
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.19 views

PT-2023-3585 · Git +10 · Git +10

Name of the Vulnerable Software and Affected Versions: Git versions prior to 2.30.9 Git versions prior to 2.31.8 Git versions prior to 2.32.7 Git versions prior to 2.33.8 Git versions prior to 2.34.8 Git versions prior to 2.35.8 Git versions prior to 2.36.6 Git versions prior to 2.37.7 Git versio...

9.8CVSS6.3AI score0.88644EPSS
Exploits46References174
Positive Technologies
Positive Technologies
added 2023/03/31 12:0 a.m.19 views

PT-2023-23726 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud server versions 24.0.0 through 24.0.10 Nextcloud server versions 25.0.0 through 25.0.4 Nextcloud server versions prior to 26.0.0 Description: The issue is related to missing brute-force protection on the WebDAV endpoints via the bas...

9.8CVSS6.3AI score0.04176EPSS
Exploits10References78
Positive Technologies
Positive Technologies
added 2023/03/16 12:0 a.m.19 views

PT-2023-13393 · Dell · Dell Precision Bios +1

Name of the Vulnerable Software and Affected Versions: Dell PowerEdge BIOS affected versions not specified Dell Precision BIOS affected versions not specified Description: The issue is related to an Improper SMM communication buffer verification vulnerability. A local malicious user with high...

7.5CVSS6.9AI score0.00172EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/02 12:0 a.m.19 views

PT-2023-12689 · Red Hat · Keycloak Node.Js Adapter

Name of the Vulnerable Software and Affected Versions: Keycloak Node.js Adapter affected versions not specified Description: A flaw was found in the Keycloak Node.js Adapter, allowing an attacker to benefit from an Open Redirect vulnerability in the checkSso function. This issue is also present...

6.1CVSS6.2AI score0.00399EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/02/02 12:0 a.m.19 views

PT-2025-13313 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the hv balloon component when using the debugfs lookup function. The issue arises because the result of...

8.8CVSS7.8AI score0.16642EPSS
Exploits11References579
Positive Technologies
Positive Technologies
added 2022/12/30 12:0 a.m.19 views

PT-2022-26532 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue, such as general information, estimated number of potentially affected devices...

6.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/12/11 12:0 a.m.19 views

PT-2022-5921 · Linux +4 · Linux +4

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side...

8.8CVSS6.8AI score0.71737EPSS
Exploits30References2094
Positive Technologies
Positive Technologies
added 2022/12/02 12:0 a.m.19 views

PT-2024-11847 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a crash when replugging CSR fake controllers in the Linux kernel's Bluetooth component. It seems that fake CSR 5.0 clones can cause the suspend notifier to be...

9.1CVSS6.5AI score0.03702EPSS
Exploits12References1873
Positive Technologies
Positive Technologies
added 2022/11/21 12:0 a.m.19 views

PT-2022-26759 · Unknown · Sourcecodester Password Storage Application

Name of the Vulnerable Software and Affected Versions: Sourcecodester Password Storage Application in PHP/OOP and MySQL version 1.0 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities can be exploited via the Name, Username, Description, and Si...

5.4CVSS5.5AI score0.00767EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/11/17 12:0 a.m.19 views

PT-2022-23624 · D Link · D-Link G Integrated Access Device4

Name of the Vulnerable Software and Affected Versions: D-Link - G integrated Access Device4 affected versions not specified Description: The issue concerns information disclosure and authorization bypass. It involves a file containing a URL with a private IP address and default username value...

7.5CVSS6.4AI score0.01894EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.19 views

PT-2022-33242 · Unknown · Openvswitch

Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v5.19.8 Description: A memory leak issue was discovered in openvswitch, related to failed datapath creation. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/21 12:0 a.m.19 views

PT-2022-7210 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.6 Description: An issue in the Linux kernel's net/netfilter/nf tables api.c component can cause a denial of service when binding to an already bound chain. The vulnerability is related to errors in resource...

9.8CVSS7.4AI score0.67994EPSS
Exploits220References1836
Positive Technologies
Positive Technologies
added 2022/08/03 12:0 a.m.19 views

PT-2022-3986 · Cisco · Cisco Webex Meetings

Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings affected versions not specified Description: The issue exists due to insufficient protection of the web page structure in the web interface of Cisco Webex Meetings. This could allow a remote attacker to conduct a cross-si...

5.5CVSS5.2AI score0.00445EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/06/28 12:0 a.m.19 views

PT-2022-20494 · Glpi +1 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.2 Description: The issue affects all assistance forms, including Ticket, Change, and Problem, allowing sql injection on the actor fields. This has been resolved in version 10.0.2. Recommendations: For versions prio...

10CVSS7.3AI score0.99628EPSS
Exploits27References156
Positive Technologies
Positive Technologies
added 2022/05/02 12:0 a.m.19 views

PT-2022-2509 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak problem in the TCP source port generation algorithm, which may allow an attacker to leak information and potentially cause a denial of service...

9.8CVSS7.4AI score0.67994EPSS
Exploits214References1605
Positive Technologies
Positive Technologies
added 2022/02/22 12:0 a.m.19 views

PT-2022-7490 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The vulnerability is related to a race condition in the configfs component of the Linux kernel. When configfs register subsystem or configfs unregister subsystem is executing link grou...

8.8CVSS6.7AI score0.0193EPSS
Exploits16References1677
Positive Technologies
Positive Technologies
added 2022/02/09 12:0 a.m.19 views

PT-2022-12590 · Siemens · Simcenter Femap

Name of the Vulnerable Software and Affected Versions: Simcenter Femap versions 2020.2 through 2021.1 Description: A memory corruption issue has been identified in the affected application while parsing NEU files. This could allow an attacker to execute code in the context of the current process...

7.8CVSS7.7AI score0.01311EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/12/31 12:0 a.m.19 views

PT-2021-7531 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.16-rc6 Description: An issue was discovered in the Linux kernel where the uapi finalize function in drivers/infiniband/core/uverbs uapi.c lacks a check of kmalloc array. This issue is related to a pointer...

9.8CVSS7.2AI score0.67994EPSS
Exploits197References1196
Positive Technologies
Positive Technologies
added 2021/12/23 12:0 a.m.19 views

PT-2021-8146 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.0-rc5+ Description: The vulnerability is related to the veth component of the Linux kernel, which fails to properly check for shared or cloned skbs when GRO is enabled on a veth device and TSO is disabled o...

8.8CVSS6.5AI score0.12746EPSS
Exploits45References1509
Positive Technologies
Positive Technologies
added 2021/12/15 12:0 a.m.19 views

PT-2021-7530 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16-rc6 Description: The issue is related to the ef100 update stats function in the drivers/net/ethernet/sfc/ef100 nic.c module of the Linux kernel, which lacks a check of the return value of kmalloc. This can...

9.8CVSS7.3AI score0.67994EPSS
Exploits197References1183
Positive Technologies
Positive Technologies
added 2021/11/16 12:0 a.m.19 views

PT-2021-5354 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.11 to 3.11.3 Moodle versions 3.10 to 3.10.7 Moodle versions 3.9 to 3.9.10 Moodle versions earlier than 3.9 Description: The issue is related to errors in code generation management, allowing a remote attacker to execute...

9.8CVSS6.8AI score0.02383EPSS
Exploits0References30
Positive Technologies
Positive Technologies
added 2021/11/02 12:0 a.m.19 views

PT-2021-23860 · Mozilla +2 · Firefox +2

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 94 Description: The issue allows a website to potentially steal authentication tokens by tricking a user into copying and pasting an image link that contains the token. This can happen when an image triggers...

10CVSS8.3AI score0.26709EPSS
Exploits38References454
Positive Technologies
Positive Technologies
added 2021/07/21 12:0 a.m.19 views

PT-2021-1516 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.6 Description: The issue is related to a use-after-free vulnerability in the Linux kernel, specifically in the drivers/usb/host/max3421-hcd.c component. This vulnerability can be exploited by physically...

9.8CVSS7.6AI score0.93838EPSS
Exploits346References1657
Positive Technologies
Positive Technologies
added 2021/07/14 12:0 a.m.19 views

PT-2021-7654

Name of the Vulnerable Software and Affected Versions SonicWall Secure Remote Access SRA appliances versions 8.x through 9.0.0.9-26sv Description The issue is related to improper neutralization of a SQL command, leading to a SQL injection vulnerability. This vulnerability impacts end-of-life Secu...

10CVSS7.2AI score0.30084EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2021/05/14 12:0 a.m.19 views

PT-2021-18305 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0 TensorFlow version 2.4.2 TensorFlow version 2.3.3 Description: An attacker can cause a denial of service via a FPE runtime error in tf.raw ops.DenseCountSparseOutput. This is because the implementation...

5.5CVSS5.2AI score0.00189EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2021/03/05 12:0 a.m.19 views

PT-2021-2230 · Fnet · Fnet

Name of the Vulnerable Software and Affected Versions: FNET version 4.6.3 Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers ISNs in the FNET protocol stack implementation. This could allow a remote attacker to gain unauthorized access to protected...

9.1CVSS9AI score0.00871EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2020/11/18 12:0 a.m.19 views

PT-2020-6485

Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileg...

7.8CVSS6.6AI score0.00573EPSS
Exploits1References394
Positive Technologies
Positive Technologies
added 2020/07/14 12:0 a.m.19 views

PT-2020-3575

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 11.0.7 and 14.0.1 Description The issue is related to insufficient input validation in the Hotspot component of Oracle Java SE. It allows an unauthenticated attacker with network access via multiple protocols to...

7.4CVSS6.8AI score0.03864EPSS
Exploits0References195
Positive Technologies
Positive Technologies
added 2020/06/05 12:0 a.m.19 views

PT-2020-12783 · Comodo +1 · Itop +1

Name of the Vulnerable Software and Affected Versions: iTop versions prior to 2.6.4 iTop versions prior to 2.7.0 Description: The issue concerns a stored XSS payload that can be exploited through a menu shortcut name in iTop. Recommendations: For versions prior to 2.6.4, update to version 2.6.4 o...

9.8CVSS6.7AI score0.25573EPSS
Exploits11References64
Positive Technologies
Positive Technologies
added 2020/06/05 12:0 a.m.19 views

PT-2020-13970 · Linux +7 · Linux Kernel +7

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.9-rc2 Description: A memory out-of-bounds read flaw was found in the way the Linux kernel accesses a directory with broken indexing using the ext3/ext4 file system. This flaw allows a local user to crash the...

9.8CVSS7AI score0.78684EPSS
Exploits160References2049
Positive Technologies
Positive Technologies
added 2020/05/07 12:0 a.m.19 views

PT-2020-12514 · Oauth2 Proxy · Oauth2 Proxy

Name of the Vulnerable Software and Affected Versions: OAuth2 Proxy versions prior to 5.1.1 Description: The issue is related to an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This redirec...

7.1CVSS6.1AI score0.0079EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2020/04/14 12:0 a.m.19 views

PT-2020-6173 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.10-7 Description: The issue is related to a stack-based buffer overflow and unconditional jump in the ReadXPMImage function in the coders/xpm.c component of ImageMagick. This allows a remote attacker to access...

8.8CVSS6.6AI score0.89855EPSS
Exploits64References341
Positive Technologies
Positive Technologies
added 2020/02/17 12:0 a.m.19 views

PT-2020-5322 · Php +7 · Php +7

Name of the Vulnerable Software and Affected Versions: PHP versions 7.2.x through 7.2.27 PHP versions 7.3.x through 7.3.14 PHP versions 7.4.x through 7.4.2 Description: The issue is related to a null pointer dereference when using file upload functionality in PHP. If upload progress tracking is...

10CVSS6.6AI score0.99998EPSS
Exploits287References489
Positive Technologies
Positive Technologies
added 2019/10/07 12:0 a.m.19 views

PT-2019-5140 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.12 Description: The issue is related to a race condition in the XENMEM exchange component of the Xen hypervisor, which arose due to improper synchronization when accessing shared resources. This allows an attacker to...

9.8CVSS7.7AI score0.16658EPSS
Exploits4References200
Positive Technologies
Positive Technologies
added 2019/10/01 12:0 a.m.19 views

PT-2019-3613 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.3.2 Description: An issue was discovered in the write tpt entry function in drivers/infiniband/hw/cxgb4/mem.c. The cxgb4 driver is directly calling dma map single a DMA function from a stack variable. This coul...

10CVSS7.8AI score0.72105EPSS
Exploits146References919
Positive Technologies
Positive Technologies
added 2019/10/01 12:0 a.m.19 views

PT-2019-4229 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.3.11 Description: The issue is related to a memory leak in the fsl lpspi probe function in the Linux kernel, which can cause a denial of service due to memory consumption. This can be triggered by failures in p...

10CVSS7.1AI score0.16908EPSS
Exploits117References842
Positive Technologies
Positive Technologies
added 2019/04/01 12:0 a.m.19 views

PT-2019-4499 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.1 Description: The issue is related to a memory leak in the feat register sp function, which may cause denial of service. This is due to an uncontrolled resource consumption. Recommendations: For Linux kernel...

10CVSS7.4AI score0.98745EPSS
Exploits164References1824
Positive Technologies
Positive Technologies
added 2018/01/17 12:0 a.m.19 views

PT-2018-1905 · Rsync +3 · Rsync +3

Name of the Vulnerable Software and Affected Versions: rsync versions prior to 3.1.3 Description: The issue is related to the parse arguments function in options.c in rsyncd, which does not prevent multiple uses of the --protect-args parameter. This allows remote attackers to bypass an...

9.8CVSS7.2AI score0.07489EPSS
Exploits0References73
Positive Technologies
Positive Technologies
added 2017/06/27 12:0 a.m.19 views

PT-2017-3905 · Faad2 +1 · Faad2 +1

Name of the Vulnerable Software and Affected Versions: FAAD2 version 2.7 Description: The issue is related to the mp4ff parse tag function, which can lead to a denial of service due to an infinite loop and CPU consumption when processing a crafted mp4 file. This allows remote attackers to exploit...

7.8CVSS6.1AI score0.01518EPSS
Exploits22References104
Positive Technologies
Positive Technologies
added 2017/05/19 12:0 a.m.19 views

PT-2017-2221 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.1 Description: The issue exists due to insufficient input validation in the tcp v6 syn recv sock function. This can be exploited by a local user to cause a denial of service or possibly have other unspecifi...

10CVSS7.7AI score0.60631EPSS
Exploits104References927
Positive Technologies
Positive Technologies
added 2017/04/24 12:0 a.m.19 views

PT-2017-4905 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.x through 4.x Description: The issue is a memory leak in the videobuf subsystem, specifically in the drivers/media/video/videobuf-core.c file. This allows local users to cause a denial of service by consuming memory...

10CVSS7AI score0.16908EPSS
Exploits118References809
Positive Technologies
Positive Technologies
added 2017/01/26 12:0 a.m.19 views

PT-2017-3944

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.0.2 through 1.0.2k OpenSSL versions 1.1.0 through 1.1.0d MySQL Server versions 5.6.35 and earlier MySQL Server versions 5.7.18 and earlier Description The issue is related to an out-of-bounds read in the OpenSSL library when...

10CVSS8.5AI score0.99999EPSS
Exploits190References229
Positive Technologies
Positive Technologies
added 2016/12/29 12:0 a.m.19 views

PT-2022-24411 · Phpipam +1 · Phpipam +1

Name of the Vulnerable Software and Affected Versions: phpipam versions prior to 1.5.0 Description: A vulnerability has been found in phpipam, allowing for cross site scripting through the manipulation of an unknown functionality in the file app/admin/import-export/import-load-data.php of the...

9.8CVSS6.4AI score0.99714EPSS
Exploits84References76
Total number of security vulnerabilities5000