184449 matches found
PT-2026-44375
An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd daemon binary to root:wheel, five co-located binaries multipass, qemu-img, qemu-system-aarch64,...
PT-2026-44246
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the virtio bt module, the virtbt rx work function calls skb putskb, len using a length value obtained from virtqueue get buf without validating it against the buffer size exposed to t...
PT-2026-44221
Name of the Vulnerable Software and Affected Versions KubeVirt versions prior to 1.8.3-1.1 Description A path traversal flaw exists in the virt-exportserver component. An attacker with namespace-level access can exploit the 'VMExport directory' endpoint by placing a symbolic link symlink within a...
PT-2026-44194
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw allows a remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker who has compromis...
PT-2026-44284
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A divide-by-zero error exists in the setup geo function within the md/raid10 module. The issue occurs when the setup geo function extracts near copies nc and far copies fc from the...
PT-2026-44266
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description In the ASoC qcom q6apm-lpass-dai component, the prepare function can be called multiple times, leading to multiple graph opens for the playback path. This behavior results in memory leaks...
PT-2026-44227
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In stacked Linux Security Module LSM configurations, the sock has perm and nlmsg sock has extended perms functions incorrectly dereference sk-sk security directly. This assumes the SELin...
PT-2026-44241
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference occurs in the papr hvpipe dev create handle function. This issue was introduced when the function was converted to use FD PREPARE, which caused the src info...
PT-2026-44259
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential buffer length underflow exists in the mt7921 driver within the mt76 wifi module. The buf len variable, used to limit iterations when retrieving country power settings, may...
PT-2026-44353
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read issue exists in the drm/amdgpu/vcn3 component when parsing decoding messages. This occurs because the system fails to properly check bounds against the end of the...
PT-2026-44200
The HT Contact Form – Drag & Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'file upload' parameter in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2026-44793
Name of the Vulnerable Software and Affected Versions gdk-pixbuf-loader-libheif versions prior to 1.22.2-1.1 Description Security issues were identified and resolved in the gdk-pixbuf-loader-libheif package. Recommendations Update to version 1.22.2-1.1...
PT-2026-44226
Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...
PT-2026-44732
Name of the Vulnerable Software and Affected Versions Arcane versions prior to 1.19.4 Description An authenticated user can perform an arbitrary read of any file accessible by the Arcane backend process. This occurs because the ProjectService.CreateProject function writes attacker-supplied compos...
PT-2026-44329
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the batman-adv module where the tp meter fails to reject new sender or receiver sessions during the...
PT-2026-44240
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A flaw exists in the RDMA mana component where a user can specify Work Queues WQs sharing the same Completion Queue CQ as part of the user API. This action triggers a WARN ON condition with...
PT-2026-44282
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Time-of-Check to Time-of-Use TOCTOU race condition exists in the btrfs ioctl space info function. The function performs two passes over block group RAID type lists: the first to...
PT-2026-44422
Name of the Vulnerable Software and Affected Versions Casdoor versions prior to 2.362.1 Description The SAML service provider implementation fails to validate the AudienceRestriction element in SAML assertions. This occurs because the buildSp function in object/saml sp.go does not set the...
PT-2026-43549
The Livemesh Addons for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the labb admin ajax AJAX action in all versions up to, and including, 3.9.2 due to missing authorization checks and insufficient input sanitization. The AJAX handler verifies a nonce but...
PT-2026-44028
Name of the Vulnerable Software and Affected Versions ElementsKit Elementor addons Lite versions prior to 3.9.7 Description A missing authorization issue in Wpmet ElementsKit Elementor addons Lite allows for the exploitation of incorrectly configured access control security levels. This is a brok...
PT-2026-43993
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description An authenticated user with low privileges can achieve privilege escalation by sending an oversized JSON Web Token JWT, which is a compact, URL-safe means of representing claims to be...
PT-2026-44084
pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, src/mem.c implemented out-of-memory guards for xmalloc, xrealloc, and xstrdup using assertdata != NULL. The C standard specifies that all assert expressions are compiled out when NDEBUG is defined a...
PT-2026-43789
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the RDMA/mlx5 component within the UVERBS HANDLERMLX5 IB METHOD GET DATA DIRECT SYSFS PATH function. The function uses kobject get path to allocate memory for the...
PT-2026-43875
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the damos walk and kdamond fn functions. When the kdamond fn main loop finishes, it cancels remaining damos walk requests and unsets damon ctx-kdamond...
PT-2026-43918
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A soft lockup occurs in the retry aligned read function when an overlapped stripe is encountered. The function releases the stripe via raid5 release stripe, placing it on the lockless...
PT-2026-43795
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the wave5 VPU driver. In the functions wave5 vpu open enc and wave5 vpu open dec, a VPU instance is allocated using kzalloc. If the subsequent allocation for the...
PT-2026-43941
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A memory leak and use-after-free issue exists in the spi: ch341 driver. The problem occurs during probe failures when the...
PT-2026-43739
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the pqi report phys luns function. The issue arises when the function encounters an unsupported data format or when the allocation for the rpl 16byte wwid list...
PT-2026-43601
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the saveObjectFromData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
PT-2026-44034
When creating an export through the pretix API, API clients are returned an UUID value for their export job a long, random string like 35742818-c375-4d15-839f-d49aecce94d6. Using this UUID, the API client can then request the actual file for download. The same kind of UUID is used in other places...
PT-2026-44094
Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface in various DLLs i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll can return a NULL pointer i.e., when no user is logged into the Triofox Server Agent Management Console. The returned NULL pointer is not checked before being...
PT-2026-43910
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the RDMA/rxe component where the rxe rcv function fails to properly validate the incoming packet length before calculating the payload size. The payload size calculation...
PT-2026-43536
The CDN Linker lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.1. This is due to missing or incorrect nonce validation on the ossdl off options function. This makes it possible for unauthenticated attackers to update the plugin's setting...
PT-2026-43618
A highly authenticated attacker can alter the config generator injecting a payload into future created configurations. The device is not correctly checking this configuration value before passing it to an system execute leading to code execution. This can result in a total loss of confidentiality...
PT-2026-47219
Name of the Vulnerable Software and Affected Versions Twig versions prior to 3.26.0 Description An issue exists where the sandbox visitor fails to wrap mapping keys in ArrayExpression with CheckToStringNode. When a dynamic key expression resolves to a Stringable object, the ArrayExpression::compi...
PT-2026-43981
Name of the Vulnerable Software and Affected Versions IBM Db2 versions 12.1.0 through 12.1.4 Description An authorization bypass occurs when uploading to a remote object storage path using a special query. Recommendations At the moment, there is no information about a newer version that contains ...
PT-2026-43577
Name of the Vulnerable Software and Affected Versions Synology BeeDrive for desktop versions prior to 1.3.2-13814 Description A flaw in the redis-server component allows local users to perform denial-of-service attacks, which occur when a system is overwhelmed to the point of becoming unavailable...
PT-2026-44033
A cross-site request forgery CSRF vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6b b d and earlier allows attackers to resume failed Multijob builds...
PT-2026-43663
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through = 1.0.5.1...
PT-2026-43667
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Timo Affiliate Super Assistent amazonsimpleadmin allows Stored XSS.This issue affects Affiliate Super Assistent: from n/a through = 1.10.1...
PT-2026-44011
Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default...
PT-2026-43498
Name of the Vulnerable Software and Affected Versions faq shortocde versions prior to 1.1 Description The faq shortocde plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs because the color attribute within the 'faq' shortcode does not have sufficient input sanitization...
PT-2026-44014
Name of the Vulnerable Software and Affected Versions Jenkins Pipeline: Groovy Libraries Plugin versions prior to 797.v90ea a 9b e45a 0 Description The plugin does not prohibit symbolic links in shared libraries. This allows attackers who can control the content of a library used by a Pipeline jo...
PT-2026-43685
Name of the Vulnerable Software and Affected Versions IBM QRadar versions 7.5.0 through 7.5.0 UP15 Interim Fix 002 Description A privileged user can upload a malicious backup archive. When this archive is restored, it can be used to gain unauthorized access to the underlying operating system...
PT-2026-44006
Agent Zero before version 1.15 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary JavaScript in the application origin by serving SVG files through the image get API endpoint without Content-Security-Policy, X-Content-Type-Options, or Content-Dispositi...
PT-2026-43944
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the atmel-tdes crypto component where the DMA output dma addr out is synced using dma sync single for...
PT-2026-43908
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A flaw exists in the greybus gb-beagleplay component where the hdlc append function calls usleep range while the tx producer...
PT-2026-43480
Name of the Vulnerable Software and Affected Versions Tanium Connect affected versions not specified Description An issue in Tanium Connect allows for unauthorized code execution. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerabili...
PT-2026-43655
Insertion of Sensitive Information Into Sent Data vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Retrieve Embedded Sensitive Data.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...
PT-2026-43816
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the hardware random number generator hwrng core. The hwrng fill pointer is not cleared until the hwrng fillfn thread exits. Because hwrng unregister reads hwrn...