Lucene search
K
PtsecurityRecent

184899 matches found

Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51086

Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description When operating in usual mode with create id enabled, the Oj::Parserparse function is susceptible to heap corruption. This occurs when a JSON object key is exactly 65,535 bytes long, leading to an integer...

8.7CVSS5.8AI score0.00253EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.12 views

PT-2026-51105

Summary When passing an unknown service name to embedvideo, an error message is rendered containing the invalid service name. The service name is not sanitized and can contain HTML. Details There is a hardcoded list of allowed services in a switch statement inside EmbedServiceFactorynewFromName...

7.5CVSS6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-50928

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel BPF reuseport program handling. When a UDP reuseport group uses a cBPF program and that program is replaced or detached via the setsocko...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51085

Name of the Vulnerable Software and Affected Versions Oj versions prior to 3.17.2 Description A heap use-after-free occurs when disabling symbol keys on a reused Oj::Parser instance. When the symbol keys setting is changed from true to false, the opt symbol keys set function frees the internal ke...

8.7CVSS5.8AI score0.00428EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.16 views

PT-2026-50926

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA Remote Direct Memory Access component during the rereg mr process. When IB MR REREG ACCESS changes from read-only RO to read-write RW, the umem user memory mu...

8.8CVSS5.8AI score0.0053EPSS
Exploits1References379
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.6 views

PT-2026-53789

Impact The HmacSha256 class contained two functions: - hashpayload — a plain unkeyed SHA-256 digest. The Hmac prefix in the class name was misleading; this function has no key parameter, so it could never have been an HMAC. - hmacSHA256key, data — a properly keyed HMAC-SHA256. A reader who didn't...

8.2CVSS5.9AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.6 views

PT-2026-53763

Summary EnvironmentManager.listBackups reads each backup's manifest.json and trusts the manifest's path field. EnvironmentManager.pruneBackups later passes that trusted entry.path directly to rmSyncentry.path, recursive: true, force: true . An attacker who can place or modify a manifest inside...

7.1CVSS6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50962

Name of the Vulnerable Software and Affected Versions Joomla! Component Extra Search version 2.2.8 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code. This is achieved by sending GET requests to the 'index.php' endpoint using the...

8.8CVSS5.9AI score0.00267EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.22 views

PT-2026-50851

Name of the Vulnerable Software and Affected Versions 2Download Connector for 2DL Hosted Checkout versions prior to 0.1.6 Description The plugin fails to properly verify user authorization before performing specific actions. This allows unauthenticated attackers to access arbitrary customer...

5.3CVSS6AI score0.00299EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-50871

Name of the Vulnerable Software and Affected Versions FFmpeg affected versions not specified Description A use-after-free issue exists in the RASC video decoder. The decode move function initializes a read pointer into a decompressed buffer; however, a subsequent reallocation of that buffer durin...

6.5CVSS6AI score0.00245EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.22 views

PT-2026-51041

Name of the Vulnerable Software and Affected Versions Branda plugin for WordPress versions prior to 3.4.30 Description The plugin is susceptible to privilege escalation through account takeover. This occurs because the software fails to properly validate a user's identity before updating a...

9.8CVSS6AI score0.00625EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-51166

These are all security issues fixed in the freerdp-3.27.1-1.1 package on the GA media of openSUSE Tumbleweed...

5.9AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-51071

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description The SamlSerializer skips the final SignatureValue verification when a service validates SAML tokens using a non-X.509 signing token. This occurs when the service is...

7.4CVSS5.9AI score0.0015EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.6 views

PT-2026-53773

Summary The Contracts Wizard generators printed info.securityContact and info.license verbatim into a single-line comment of the generated Solidity, Cairo, Stellar/Soroban, and Stylus source without rejecting line terminators. A newline or r in either field ends the comment, so the text after it ...

3.3CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-51117

Summary The built-in HTTP server started by allure serve and allure open is vulnerable to path traversal. The server resolves request URI paths directly against the report directory without normalizing or validating that the resolved path stays within the report directory. An attacker who can rea...

6.2CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-51002

Name of the Vulnerable Software and Affected Versions PhpWeasyPrint versions prior to 2.6.0 Description PhpWeasyPrint is a PHP library used for generating PDFs from HTML pages or URLs. The library fetches content of option values server-side using the file get contents function when a value is...

6.5CVSS5.9AI score0.00242EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.24 views

PT-2026-50849

Name of the Vulnerable Software and Affected Versions STRABL – A checkout solution plugin for WordPress versions prior to 4.6 Description The plugin contains a missing authentication flaw in the REST API webhook endpoint "/wp-json/strabl/webhook/order". The endpoint uses a permission callback set...

5.3CVSS5.9AI score0.00382EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-50930

Name of the Vulnerable Software and Affected Versions Joomla! Component My Projects version 2.0 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code through the VerAyari parameter at the component endpoint,...

8.8CVSS6.1AI score0.00334EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-51100

Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.7.0 Description The logout button fails to clear the user session, allowing a previous user to remain logged in unless another user explicitly authenticates. This occurs because the '/logout' endpoint deletes...

6.1CVSS5.9AI score0.00152EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-51078

Name of the Vulnerable Software and Affected Versions CoreWCF versions prior to 1.8.1 CoreWCF versions prior to 1.9.1 Description SAML token validation in the SamlSecurityTokenHandler does not enforce SubjectConfirmation method URIs or holder-of-key proof keys. This allows an attacker to...

7.4CVSS5.9AI score0.00178EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-51010

Name of the Vulnerable Software and Affected Versions AWX affected versions not specified Description A flaw exists in the GitHub webhook integration where the controller stores the pull request.statuses url value from a pull request webhook payload without validating if it points to a trusted...

6.3CVSS5.9AI score0.00204EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50968

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow occurs in the '/goform/AdvSetMacMtuWan' endpoint through the mac parameter. A stack buffer overflow is a condition where a program writes more data to a buffer located on the...

9.8CVSS6.4AI score0.00384EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50919

Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious executable in the service path and execute code with LocalSystem privileges upon service restart or system reboot...

8.5CVSS6AI score0.0012EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-51097

Name of the Vulnerable Software and Affected Versions py7zr versions prior to 0.22.1 Description The Worker.decompress function in py7zr/worker.py extracts archive entries without tracking the total decompressed size. This allows a specially crafted .7z file to cause disk or memory exhaustion...

8.7CVSS5.9AI score0.00321EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.23 views

PT-2026-50828

Name of the Vulnerable Software and Affected Versions Mitsubishi Electric MELSEC iQ-F Series FX5-EIP EtherNet/IP module versions 1.000 and prior Description An integer overflow or wraparound in the EtherNet/IP function allows a remote attacker to cause a denial-of-service DoS condition. By rapidl...

8.7CVSS6AI score0.00379EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-50976

Name of the Vulnerable Software and Affected Versions CedarJava versions prior to 2.3.6 CedarJava versions prior to 3.4.1 CedarJava versions prior to 4.9.0 Description Improper input handling in the toCedarExpr method on Cedar Value types allows for Cedar-expression injection. The method fails to...

8.8CVSS6.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.18 views

PT-2026-51052

Description SymfonyUXAutocompleteDoctrineEntitySearchUtil::addSearchClause builds the LIKE expression used by the autocomplete endpoint by wrapping the client-supplied query in %...% without escaping the SQL LIKE wildcards %, , . The value is passed as a bound parameter, so this is not SQL...

6.3CVSS5.9AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.8 views

PT-2026-55945

Name of the Vulnerable Software and Affected Versions LangSmith Client SDKs versions prior to 0.8.18 Description An issue exists in the TracingMiddleware where an attacker can send an HTTP request to a server to force the reading of an arbitrary file from the local filesystem. The contents of the...

7.7CVSS6.2AI score0.00174EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.6 views

PT-2026-53793

XML Entity Expansion Billion Laughs DoS in XMLSitemapParser Summary ultimate-sitemap-parser version 1.8.0 and earlier parse attacker-controlled XML content using Python's xml.parsers.expat without any restriction on DTD declarations or recursive entity references. An attacker who can serve a...

7.5CVSS6AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.8 views

PT-2026-53770

Gzip Decompression Bomb Bypasses Sitemap Size Limit Summary ultimate-sitemap-parser enforces a 100 MiB size limit on sitemap responses, but applies it only to the compressed bytes received over the network. When a .gz sitemap is fetched, usp/helpers.py:239 calls gzip lib.decompressdata with no...

7.5CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.3 views

PT-2026-54552

Уязвимость плагина cas-auth облачного API-шлюза Apache APISIX связана с подделкой межсайтовых запросов. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, осуществить CSRF-атаку...

9.4CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-52064

Name of the Vulnerable Software and Affected Versions Node.js versions 26.0.0 through 26.3.0 Description A flaw in the Node.js Permission API allows a local server to be started via a Unix domain socket, bypassing the requirement for the --allow-net permission. Recommendations Update to version...

10CVSS7.1AI score0.26356EPSS
Exploits4References49
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-51114

Summary The CartController defines a RateLimiter behavior that is only activated when the 'number' POST/GET parameter is explicitly provided. Details When an attacker submits coupon codes against the session-based cart without passing a 'number' parameter, no rate limiting is applied. This allows...

6.9CVSS5.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.7 views

PT-2026-53781

A field can be hidden from a user with a field-level SELECT permission DEFINE FIELD code ON secret PERMISSIONS FOR select WHERE owner = $auth.id. When that field is indexed, a record user who cannot read it could still recover the relative ordering of its values across every record by issuing ORD...

4.3CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.5 views

PT-2026-53794

Impact The previous BasicCookieStorage did not enforce RFC 6265 scoping rules around cookie domain, path, and Secure attribute. A client using a single storage instance to talk to multiple origins could have cookies leak across domains, or have Secure cookies sent over plain HTTP — the deprecatio...

6.9CVSS5.8AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.19 views

PT-2026-50884

Name of the Vulnerable Software and Affected Versions Apache APISIX versions 2.3 through 3.16.0 Description The openid-connect plugin under default configuration contains an issue where insufficient verification of data authenticity allows an attacker to spoof identity headers. This can lead to...

9.1CVSS5.9AI score0.00213EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.7 views

PT-2026-53790

Unauthenticated nested page API leaks restricted & unpublished content - Location: app/controllers/alchemy/api/pages controller.rb:28 Api::PagesControllernested - Affected version: Alchemy CMS 8.3.0.dev Rails 8.1.3 Description The unauthenticated GET /api/pages/nested endpoint returns the full pa...

7.5CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.4 views

PT-2026-54553

Уязвимость плагина openid-connect облачного API-шлюза Apache APISIX связана с недостаточной проверкой подлинности данных при обработке заголовков идентификации. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, проводить спуфинг-атаки...

9.4CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.5 views

PT-2026-53240

Root has patched GHSA-wxgw-qj99-44c2 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.5 views

PT-2026-53801

Summary On a multi-tenant stigmem node, RTBF right-to-be-forgotten tombstones were mis-scoped two ways. 1 issue tombstone defaulted the tenant to "default" instead of the caller's tenant, so tombstones could be written to the wrong tenant. 2 The read-suppression path — get tombstone filter...

7.2CVSS5.5AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.2 views

PT-2026-54536

Уязвимость плагина forward-auth облачного API-шлюза Apache APISIX связана с недостаточной проверкой входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, проводить спуфинг-атаки...

9CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.4 views

PT-2026-54528

Уязвимость программного обеспечения управления аккаунтами JetBrains Hub связана с недостаточным контролем модификации динамически определённых характеристик объекта. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, обойти ограничения безопасности, получить...

9CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.3 views

PT-2026-54533

Уязвимость программного обеспечения управления аккаунтами JetBrains Hub связана с ошибками в коде генератора псевдослучайных чисел при генерации ключей хоста. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить полный контроль над приложением...

10CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.7 views

PT-2026-54535

Уязвимость плагина authz-casdoor облачного API-шлюза Apache APISIX связана с недостатками процедуры авторизации. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации...

8.5CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.3 views

PT-2026-54537

Уязвимость плагина jwt-auth облачного API-шлюза Apache APISIX связана с обходом аутентификации посредством спуфинга. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, обойти ограничения безопасности и получить несанкционированный доступ к защищаемой информации...

9.4CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.5 views

PT-2026-53329

Impact Parse Server is vulnerable to denial of service. A remote attacker can send a single, small query 1 KB containing deeply nested query condition operators. Parse Server processes the nested structure with exponential time complexity, which blocks the Node.js event loop and makes the server...

8.7CVSS5.8AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.6 views

PT-2026-53771

Impact A Parse Server LiveQuery subscriber can receive object field values they are not authorized to read when a single save changes both an object field and the subscriber's ACL read access to that object. When such a save removes the subscriber's read access, the resulting leave event still...

2.3CVSS5.8AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.4 views

PT-2026-54527

Уязвимость программного средства управления проектами и задачами JetBrains YouTrack и программного обеспечения управления аккаунтами JetBrains Hub связана с отсутствием аутентификации для критичной функции. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, обойти...

10CVSS5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.6 views

PT-2026-53769

Summary Anki launches a local HTTP server to serve media files and web pages for parts of its interface. The server fails to validate requests in the following ways: 1. No sufficient validation of the Origin header. 2. Some endpoints are vulnerable to path traversal attacks. This allows malicious...

8.7CVSS5.8AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.7 views

PT-2026-53779

Lokka versions prior to 2.1.2 constructed Azure Resource Manager request URLs using direct string concatenation with user-controlled path input. Specially crafted path values could alter URL authority parsing and cause Azure Resource Manager bearer tokens to be sent to an unintended host. Version...

8.7CVSS5.8AI score
Exploits0References3
Total number of security vulnerabilities184899