175406 matches found
PT-2026-43631
Impact When @hapi/wreck follows a 3xx redirect to a different hostname, only the Authorization and Cookie headers are stripped. The standard credential header Proxy-Authorization is forwarded intact to the redirect target, potentially exposing forward-proxy credentials to a host outside the...
PT-2026-44130
The LAPI router uses gin-contrib/gzip with DefaultDecompressHandle globally pkg/apiserver/controllers/controller.go. This middleware decompresses incoming request bodies without enforcing a maximum decompressed size. The endpoints /v1/watchers or /v1/watchers/login require no authentication. An...
PT-2026-44129
Summary A flaw in Deno's Node.js tls compatibility layer could cause a TLS client to transmit application data in plaintext after a connection retry. When autoSelectFamily was enabled and the first address-family attempt failed, the socket reinitialization path reused a stale TLS upgrade hook tha...
PT-2026-44133
Description SymfonyComponentHtmlSanitizerTextSanitizerUrlSanitizer::parse used by UrlSanitizer::sanitize and therefore by every HtmlSanitizer config that allows links or media accepts URLs that contain Unicode explicit-direction BiDi formatting characters: U+202A–U+202E LRE / RLE / PDF / LRO / RL...
PT-2026-43683
Name of the Vulnerable Software and Affected Versions dbgate-serve versions prior to 7.1.9 Description An unauthenticated remote code execution issue exists in the database management tool. Attackers can achieve full system compromise without authentication or user interaction by injecting code...
PT-2026-47211
Unknown description...
PT-2026-43757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the xen-netback component allows a malicious or buggy Xen guest to cause a guest-to-host denial of service on systems where panic on warn is set to 1. The issue occurs because...
PT-2026-43825
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the vidi connection ioctl function where the vidi-edid user pointer is directly dereferenced within the kernel. This allows arbitrary kernel memory access from user spac...
PT-2026-43715
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the AppArmor module. Specifically, the aa sock file perm function does not properly handle cases where sock and sock-sk can be NULL during socket set...
PT-2026-43836
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The ps gamepad create function calls input ff create memless without verifying its return value. This lack of validation can result in incorrect behavior or potential system crashes when...
PT-2026-43457
Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory. The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure sandbox. An authenticated user wi...
PT-2026-43645
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 WPCS currency-switcher allows DOM-Based XSS.This issue affects WPCS: from n/a through = 1.3.1...
PT-2026-43884
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the deferred split queue during migration. The migrate folio move function records the deferred split queue state from the source and replays it on the...
PT-2026-43943
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the KVM nSVM component where a VMMCALL is not properly handled when L2 is active, L1 does not want to intercept the VMMCALL, nested svm l2 tlb flush enabled is true, a...
PT-2026-43933
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.18.16 Linux kernel version 6.19.6 Linux kernel version 7.0-rc1 Description An off-by-one error exists in the Ceph component of the Linux kernel. The issue occurs when move dirty folio in page array fails to allocate a...
PT-2026-43948
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory corruption issue exists in the Linux kernel crypto acomp component. The function acomp save req incorrectly stores the address of the chain member &req-chain in req-base.data...
PT-2026-43882
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the TCP implementation where the inet csk listen stop function migrates an established child socket from a closing listener to another socket within the same SO REUSEPORT...
PT-2026-43896
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description On Uniprocessor UP kernels where CONFIG SMP is not enabled, the spin trylock function acts as a no-op and unconditionally succeeds. This allows kmalloc nolock called from a Non-Maskable...
PT-2026-43862
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the io uring/zcrx component. The function io free rbuf ring utilizes a struct user struct, but io zcrx ifq free releases this structure before the ring i...
PT-2026-43944
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the atmel-tdes crypto component where the DMA output dma addr out is synced using dma sync single for...
PT-2026-43966
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the caif connect function where a client is torn down after a remote shutdown by calling caif disconnect client and caif free client. The caif free client function...
PT-2026-43903
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A use-after-free issue exists in the vfio/cdx component. The function vfio cdx set msi trigger reads vdev-config msi and operates on the vdev-cdx irqs array without proper serialization...
PT-2026-43929
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the run unpack function within the ntfs3 driver. The volume boundary check lcn + len sbi-used.bitmap.nbits utilizes raw addition, which can wrap around when...
PT-2026-43925
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A race condition exists in the amphion VPU driver within the Linux kernel. This occurs when v4l2 m2m ctx release frees the m2m ctx context while v4l2 m2m try run is attempting to call devic...
PT-2026-43939
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The run unpack function in the ntfs3 driver fails to verify if the size size and offset size bytes read via run unpack s64 fit within the remaining buffer, despite checking run buf run...
PT-2026-43930
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur during the shadow stack signal frame pop process in the sigreturn operation. The kernel attempts to verify that it is reading actual shadow stack memory by holding t...
PT-2026-43679
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the Linux kernel's TAPRIO child qdisc implementation. When a TAPRIO child qdisc is deleted via RTM DELQDISC, the taprio graft function stores a NULL...
PT-2026-43856
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A use-after-free issue exists in the testdrv probe function. The function retrieves the device node from the PCI device,...
PT-2026-43946
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A null-pointer dereference occurs in the rbd module when device add disk fails after device add has successfully published the device. In this scenario, the error path triggers a double...
PT-2026-43868
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description Two issues exist in the pt5161l read block data function within the hwmon component. First, a buffer overrun occurs because...
PT-2026-43887
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description Privileged users can trigger an out-of-bounds memory access via DAMON SYSFS. The issue occurs because the node ID in damos quota goal-nid for node mem used bp and node mem free bp is used i...
PT-2026-43859
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ALSA caiaq component. The error handling path for the setup card function fails to kill the internal URB cdev-ep1 in urb if it was submitted before the error...
PT-2026-43869
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ext2 filesystem where the ext2 iget function fails to reject inodes that have a link count i nlink of zero while maintaining a valid mode and a zero deletion time ...
PT-2026-43872
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak exists in the xfs alloc buftarg function within the XFS file system. The issue occurs in the error path where the DAX Direct Access device reference is not properly...
PT-2026-43874
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description In the hwmon powerz component, a DMA buffer may share a cacheline with a mutex depending on the architecture. This cacheline...
PT-2026-43888
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description Issues exist in the thermal core regarding thermal zone governor cleanup. If thermal zone device register with trips fails...
PT-2026-43649
Name of the Vulnerable Software and Affected Versions VikBooking Hotel Booking Engine & PMS versions prior to 1.9.0 Description An improper limitation of a pathname to a restricted directory, known as Path Traversal, allows access to files outside of the intended directory. Recommendations Update...
PT-2026-43470
A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
PT-2026-43669
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...
PT-2026-43574
The WP Promoter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts...
PT-2026-43564
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...
PT-2026-43575
Name of the Vulnerable Software and Affected Versions MetaMagic SEO Plugin versions prior to 1.7 Description The MetaMagic SEO Plugin for WordPress is subject to Cross-Site Request Forgery, a flaw where an attacker tricks a victim into performing actions they did not intend to. This occurs due to...
PT-2026-43500
The Cryptocurrency Prijsvergelijking Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting in version 1.0. This is due to insufficient output escaping in the as get coin shortcode function, which renders the 'width' and 'height' shortcode attribute directly into the style...
PT-2026-43478
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to denial of service in all versions up to, and including, 1.6.11.5. This is due to a publicly accessible REST API endpoint /wp-json/ssa/v1/async that calls PHP's sleep function on a...
PT-2026-43475
Name of the Vulnerable Software and Affected Versions GDAL versions 3.1.0 through 3.13.0 Description The netCDF driver contains a stack-based buffer overflow in the scanForGeometryContainers function located in frmts/netcdf/netcdfsg.cpp. The issue occurs because the function reads a geometry...
PT-2026-43477
The Style Kits – Advanced Theme Styles for Elementor, Elementor Kits & Elementor Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '/wp-json/agwp/v1/tokens/save' endpoint kit title parameter in versions up to, and including, 2.5.0 due to insufficient input...
PT-2026-43474
A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of the argument Profile results in stack-based buffer...
PT-2026-44085
pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusb pad compare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was als...
PT-2026-43589
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jthemes Themebox - Digital Products Ecommerce allows Reflected XSS. This issue affects Themebox - Digital Products Ecommerce: from n/a through 1.4.2...
PT-2026-43638
Missing Authorization vulnerability in Strategy11 Team AWP Classifieds another-wordpress-classifieds-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AWP Classifieds: from n/a through = 4.4.5...