Lucene search
K
PtsecurityRecent

184569 matches found

Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.21 views

PT-2026-51136

Name of the Vulnerable Software and Affected Versions SP LMS versions prior to 4.1.4 Description SP LMS com splms by JoomShaper contains a PHP Object injection flaw where user-controlled cookie data is deserialized without validation. Specifically, the application passes the lmsOrders cookie to a...

9.5CVSS6.3AI score0.02726EPSS
Exploits4References14
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.20 views

PT-2026-51137

Name of the Vulnerable Software and Affected Versions iCagenda versions prior to 3.9.15 iCagenda versions prior to 4.0.8 Description The iCagenda extension for Joomla contains a flaw in the file attachment feature of its public event submission form. Due to improper restriction of file types, an...

10CVSS6.5AI score0.01505EPSS
Exploits4References31
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.18 views

PT-2026-51156

Cap-go before 12.128.12 contains a broken cursor pagination vulnerability in the /private/devices endpoint on the Cloudflare/workerd path that allows authenticated attackers to cause duplicate-page loops and make later rows unreachable. Attackers with app.read devices access can exploit...

5.3CVSS5.9AI score0.00238EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.5 views

PT-2026-53804

Summary On a multi-tenant stigmem node, a tenant administrator could list, read, and admit or reject quarantined facts belonging to other tenants. The list/count queries and get quarantined fact in routes/quarantine.py lacked an f.tenant id = identity.tenant id predicate, and the garden lookup wa...

8.6CVSS5.5AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.7 views

PT-2026-53791

DNS-resolved Private Hostname SSRF in web url read Summary The web url read MCP tool in mcp-searxng is vulnerable to Server-Side Request Forgery SSRF via DNS rebinding bypass. The assertUrlAllowed function at src/url-reader.ts:85-93 validates only the syntactic hostname string against a private...

7.1CVSS5.9AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-51107

Summary With $wgEmbedVideoRequireConsent enabled the default, the urls for videos are stored in a json-ified data attributedata-mw-iframeconfig. When given a malformed url or id, the data-mw-iframeconfig attribute can be escaped via single quotes, allowing for html/javascript injection. Details T...

7.5CVSS6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.6 views

PT-2026-53651

This update for xwayland fixes the following issues: - CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 - Font Alias Stack-based Buffer Overflow. bsc1266294 - GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write. bsc1266300 - XKB Key Types Stack-based Buffer Overflow. bsc12662...

5.8AI score
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51112

Name of the Vulnerable Software and Affected Versions Parse Server affected versions not specified Description The default fileUpload.fileExtensions blocklist can be bypassed by uploading files with non-standard or compound extensions combined with a dangerous content type. This allows the upload...

2.1CVSS5.8AI score0.00406EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.12 views

PT-2026-51092

Name of the Vulnerable Software and Affected Versions concurrent-ruby versions prior to 1.3.7 Description A synchronization correctness issue exists in the public Concurrent::ReadWriteLock API. The function release write lock does not verify if the calling thread actually acquired the write lock,...

9.8CVSS5.9AI score0.0016EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51090

Name of the Vulnerable Software and Affected Versions concurrent-ruby versions prior to 1.3.7 Description The Concurrent::AtomicReferenceupdate function can enter a permanent busy retry loop when the current value is Float::NAN. This occurs due to the interaction between AtomicReferenceupdate,...

8.2CVSS5.8AI score0.00278EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50969

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow exists in the '/goform/AdvSetMacMtuWan' endpoint. This issue occurs when processing the wanSpeed parameter, which can lead to remote arbitrary code execution. Recommendations At...

9.8CVSS6.4AI score0.00584EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50909

Name of the Vulnerable Software and Affected Versions Windows Firewall Control version 4.8.6.0 Description An unquoted service path issue exists where the wfcs.exe service is configured with a path containing spaces that is not enclosed in quotes. This allows a local attacker to escalate privileg...

8.5CVSS5.9AI score0.00113EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.22 views

PT-2026-51001

Name of the Vulnerable Software and Affected Versions Slopsmith versions prior to 0.2.9-alpha.5 Description Slopsmith is a web application for browsing, playing, and practicing Rocksmith 2014 Custom DLC. A path-traversal issue in the archive extractors allows an attacker to write arbitrary files...

9.4CVSS6.7AI score0.00568EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.4 views

PT-2026-53774

Affected versions: v0.123.0 through v0.163.0. Earlier versions are not affected. Fixed in: v0.163.1. Severity: Medium. Requires the attacker to be able to place or convince a site author to place a symlink inside a mounted directory — for example, inside a locally-vendored theme under themes/...

6CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-50871

Name of the Vulnerable Software and Affected Versions FFmpeg affected versions not specified Description A use-after-free issue exists in the RASC video decoder. The decode move function initializes a read pointer into a decompressed buffer; however, a subsequent reallocation of that buffer durin...

6.5CVSS6AI score0.00245EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.11 views

PT-2026-51065

Name of the Vulnerable Software and Affected Versions jupyterlab-git affected versions not specified Description A stored cross-site scripting XSS issue exists in the PlainTextDiff.ts component of the jupyterlab-git extension. The createHeader function passes Git filenames directly to innerHTML...

9.3CVSS6.6AI score0.00284EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-51007

Name of the Vulnerable Software and Affected Versions js-toml versions prior to 1.1.1 Description The software contains a quadratic time complexity issue during the parsing of hexadecimal, octal, and binary integer literals. This occurs because the parseBigInt function uses a loop that performs a...

7.5CVSS5.8AI score0.00415EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.25 views

PT-2026-51039

Name of the Vulnerable Software and Affected Versions Cap-go versions prior to 12.128.2 Description An authentication logic flaw allows an attacker to register and control an account linked to a victim's email address before the email is verified. By enabling two-factor authentication on this...

9.3CVSS5.9AI score0.00351EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50914

Name of the Vulnerable Software and Affected Versions Network Inventory Advisor version 5.0.26.0 Description The niaservice service is installed with an unquoted binary path. This configuration allows local attackers to escalate privileges by placing malicious executables in intermediate...

8.5CVSS6.2AI score0.0012EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-50885

Name of the Vulnerable Software and Affected Versions Apache APISIX versions 3.0.0 through 3.16.0 Description An Open Redirect issue exists in the default configuration of the cas-auth plugin, where unsanitized cookie values can lead to URL redirection to untrusted sites. This flaw can be leverag...

6.1CVSS5.8AI score0.004EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.23 views

PT-2026-51025

Name of the Vulnerable Software and Affected Versions Authelia versions 4.36.0 through 4.39.19 Description Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO. A lack of domain canonicalization in specific edge cases can...

2.3CVSS5.9AI score0.00283EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.23 views

PT-2026-50989

Name of the Vulnerable Software and Affected Versions Joomla! Component VMap version 1.9.6 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the latlngbound parameter. This is achieved by sending GET requests to the...

8.8CVSS6.2AI score0.00366EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.25 views

PT-2026-51103

Summary A Stored Cross-Site Scripting XSS issue previously existed in the Text Widget in Board of Outerbase Studio where unsanitized HTML could be rendered using dangerouslySetInnerHTML Steps to Reproduce 1. Create a new dashboard. 2. Add a Text widget. 3. Insert the following payload: html...

4.4CVSS5.8AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51121

Name of the Vulnerable Software and Affected Versions SpiceDB versions prior to 1.54.0 Description Under concurrency, the CheckPermission and CheckBulkPermissions functions can incorrectly return PERMISSIONSHIP HAS PERMISSION instead of PERMISSIONSHIP CONDITIONAL PERMISSION for a specific resourc...

3.7CVSS5.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-51018

gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulnerability by injecting attacker-controlled Go source code through POST /autoCode/addFunc, and then...

8.7CVSS6.6AI score0.0047EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.30 views

PT-2026-51008

Name of the Vulnerable Software and Affected Versions @microsoft/kiota-http-fetchlibrary versions 1.0.0-preview.97 through 1.0.0-preview.101 Description The RedirectHandler in the library fails to properly remove sensitive headers during cross-origin redirects. While it is intended to strip...

6.9CVSS5.8AI score0.0065EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51108

Name of the Vulnerable Software and Affected Versions OpenBao affected versions not specified Description An issue exists in the shared LDAP utility library sdk/helper/ldaputil/client.go used by the LDAP authentication backend and OpenLDAP secrets engine. The GetUserDN function incorrectly uses...

6.8CVSS6AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-50964

Name of the Vulnerable Software and Affected Versions JHotelReservation version 6.0.7 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by sending POST requests to the 'search-hotels' endpoint with malicious code injected into the roo...

8.8CVSS6.2AI score0.00296EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.23 views

PT-2026-50835

Name of the Vulnerable Software and Affected Versions Canonical MicroCeph versions from the squid and tentacle track Description A path traversal issue exists in the remote-import API. Users possessing a join token or a trusted cluster mTLS certificate, such as enrolled cluster members, can...

5CVSS5.9AI score0.00208EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.21 views

PT-2026-50851

Name of the Vulnerable Software and Affected Versions 2Download Connector for 2DL Hosted Checkout versions prior to 0.1.6 Description The plugin fails to properly verify user authorization before performing specific actions. This allows unauthenticated attackers to access arbitrary customer...

5.3CVSS6AI score0.00299EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-51110

Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.5 Description Users granted namespace management capabilities within a non-root namespace can abuse the canonicalization of the literal path "root" to manage the containing namespace itself. Several endpoints unde...

2.3CVSS5.9AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.5 views

PT-2026-53764

Summary EnvironmentManager.restoreenv, backupId computes the backup path with joinenvDir, '.backups', backupId and only checks that this path exists. It does not resolve the result or verify that it remains under data//.backups. A caller can pass a traversal backup ID such as...

6.1CVSS5.9AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.10 views

PT-2026-51095

Name of the Vulnerable Software and Affected Versions miniflux-v2 affected versions not specified Description URL restrictions can be bypassed, leading to an open redirect. The application uses the IsRelativePath function to validate redirect URLs by requiring relative paths and prohibiting host ...

5.1CVSS5.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-53784

Arbitrary Cloudinary API Parameter Signing in @jhb.software/payload-cloudinary-plugin Summary @jhb.software/payload-cloudinary-plugin v0.3.4 exposes a server-side signing endpoint POST /api/cloudinary-generate-signature that passes attacker-supplied paramsToSign directly to cloudinary.utils.api...

7.1CVSS6AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.23 views

PT-2026-50849

Name of the Vulnerable Software and Affected Versions STRABL – A checkout solution plugin for WordPress versions prior to 4.6 Description The plugin contains a missing authentication flaw in the REST API webhook endpoint "/wp-json/strabl/webhook/order". The endpoint uses a permission callback set...

5.3CVSS5.9AI score0.00382EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.21 views

PT-2026-50864

The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fx file close even when the file was never successfully opened. Multiple error branches jump to...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51051

Name of the Vulnerable Software and Affected Versions Symfony UX LiveComponent versions prior to 2.x Symfony UX LiveComponent versions prior to 3.x Description The createHtml function in SymfonyUXLiveComponentUtilChildComponentPartialRenderer interpolates the $childTag variable directly into the...

5.1CVSS6AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51106

Summary The user supplied class value is fed directly into the sprintf call that creates HTML. You can add a quote to escape the class and then inject arbitrary html/javascript to the final output. Details The template here adds a figure with a class that is substituted in. This value is provided...

8.6CVSS6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.5 views

PT-2026-53647

Root has patched GHSA-458j-xx4x-4375 in the @rootio/hono package for Root:npm. Multiple fixed versions available...

4.3CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.6 views

PT-2026-53795

Hugo's default code-block renderer wrote the Markdown code-fence language / info-string into the wrapper without HTML escaping. A fence info-string containing a quote and a payload breaks out of the attribute and injects a live script element. This is not an issue if you fully trust every file...

5.1CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.22 views

PT-2026-50847

Name of the Vulnerable Software and Affected Versions Bogo plugin for WordPress versions prior to 3.9.2 Description An issue exists where authenticated attackers with subscriber-level access and above can extract the raw title, content, excerpt, and password of private, draft, or password-protect...

4.3CVSS5.9AI score0.00254EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50839

Name of the Vulnerable Software and Affected Versions ts-deepmerge versions prior to 8.0.0 Description An uncaught exception occurs due to improper handling of built-in Object.prototype methods, such as toString and valueOf. When user-controlled input contains these keys with non-function values,...

6.9CVSS5.8AI score0.00308EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-50875

Name of the Vulnerable Software and Affected Versions JetBrains Hub versions prior to 2026.1.13757 JetBrains Hub versions prior to 2025.3.148033 JetBrains Hub versions prior to 2025.2.148048 JetBrains Hub versions prior to 2025.1.148120 JetBrains Hub versions prior to 2024.3.148430 JetBrains Hub...

9.8CVSS5.9AI score0.00365EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-50974

Name of the Vulnerable Software and Affected Versions OpenFGA versions prior to 1.18.0 Description The OIDC authenticator fails to validate the JWT audience aud claim when no audience is configured. In environments where a single identity provider issues tokens for multiple services, a token...

6.8CVSS5.8AI score0.00298EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51078

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description SAML token validation in the SamlSecurityTokenHandler does not enforce SubjectConfirmation method URIs or holder-of-key proof keys. This allows an attacker to...

7.4CVSS5.9AI score0.00178EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51070

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description WS-Security signature verification performs a document-wide ds:Signature lookup. An unauthenticated remote attacker can place a SOAP header before wsse:Security and...

5.9CVSS6AI score0.00238EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-51075

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description CoreWCF UnixDomainSocket POSIX peer identity resolution utilizes non-reentrant getpwuid and getgrgid calls. This creates a race condition where concurrent connections...

6.2CVSS6AI score0.001EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-51116

Name of the Vulnerable Software and Affected Versions dbt-mcp version 1.19.1 Description The local OAuth helper FastAPI server bundled with dbt-mcp exposes the 'GET /dbt platform context' endpoint without authentication or host-origin validation. After a user completes the OAuth login flow, this...

6.8CVSS5.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51021

Name of the Vulnerable Software and Affected Versions Mercator versions prior to 2025.05.19 Description A Server-Side Request Forgery SSRF exists in the CVE configuration panel at the '/admin/config/parameters' endpoint. The testProvider method in ConfigurationController passes user-supplied inpu...

5.3CVSS6.3AI score0.0054EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-50937

Name of the Vulnerable Software and Affected Versions Joomla! Component Price Alert version 3.0.2 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. By sending requests to the 'subscribeajax' view with crafted payloads in the product id parameter,...

8.8CVSS6.2AI score0.00334EPSS
Exploits0References7
Total number of security vulnerabilities184569