175536 matches found
PT-2026-41264
A race condition in the MxGPU-Virtualization driver’s ioctl path caused by concurrent unsynchronized access to the global variable amdgv cmd in an unlocked ioctl handler could be exploited by an attacker to trigger a heap-based buffer overflow, potentially resulting in denial-of-service within th...
PT-2026-41258
Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine VM to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability...
PT-2026-41260
Name of the Vulnerable Software and Affected Versions mlflow versions prior to 3.10.0 Description An authentication bypass occurs when the server is started with authentication enabled --app-name basic-auth and served via uvicorn ASGI. The FastAPI permission middleware only enforces authenticatio...
PT-2026-41256
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID SRIOV CHECK TA COMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...
PT-2026-41243
Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...
PT-2026-41249
An out of bounds read within the AMD Platform Management Framework PMF could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality...
PT-2026-41239
Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...
PT-2026-41242
Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation and arbitrary code execution...
PT-2026-41241
Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...
PT-2026-41257
Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID LOAD GFX IP FW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...
PT-2026-41259
Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV SOC CMD ID SRIOV COPY VF CHIPLET REGS to write invalid data to a remote Die, potentially resulting in unexpected behavior...
PT-2026-41247
An out of bounds write within the AMD Platform Management Framework PMF could allow an attacker to execute arbitrary code at an elevated privilege level potentially leading to loss of confidentiality integrity, or availability...
PT-2026-41238
A TOCTOU Time-Of-Check to Time-Of-Use in the graphics interface may allow an attacker to load registers repeatedly creating a race condition potentially leading to a loss of integrity...
PT-2026-41237
A compromised Trusted OS TOS driver could issue a malformed call that could potentially allow memory access outside the intended range resulting in loss of integrity...
PT-2026-41250
An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to write to an arbitrary memory address resulting in denial of service or arbitrary code execution...
PT-2026-41245
Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...
PT-2026-41246
An out-of-bounds read in power management firmware by a malicious local attacker with low privileges could potentially lead to a partial loss of confidentiality and availability...
PT-2026-41253
Name of the Vulnerable Software and Affected Versions AGESA Bootloader Firmware affected versions not specified Description An insecure default configuration state of the DDR5 memory module within the AGESA Bootloader Firmware allows a local user to abuse the unprotected PMIC Power Management...
PT-2026-41248
Improper input validation within the AMD Platform Management Framework PMF could allow an attacker to unmap arbitrary memory pages potentially impacting integrity and availability, or allowing privilege escalation resulting in loss of confidentiality...
PT-2026-41255
Name of the Vulnerable Software and Affected Versions AMD affected versions not specified Description An out-of-bounds write exists in the AMDGV CMD GET DIAG DATA ioctl handler. This issue could allow a local user to escalate privileges through remote code execution. Recommendations At the moment...
PT-2026-41244
An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability...
PT-2026-41269
The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dt default button' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes i...
PT-2026-41270
Improper input validation in Delphix Continuous Data connectors allows an authenticated user to execute arbitrary operating system commands on the staging or target host...
PT-2026-41268
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'admin head' function in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with...
PT-2026-41265
Cross-site scripting vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a file containing malicious contents is uploaded, an arbitrary script may be executed on a user's web browser when viewing the administration page showing the informati...
PT-2026-41285
Name of the Vulnerable Software and Affected Versions Huawei HarmonyOS affected versions not specified Description A permission control issue exists in the web component. Successful exploitation of this flaw may affect the availability of the system. Recommendations At the moment, there is no...
PT-2026-41292
Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
PT-2026-41283
Permission control vulnerability in the app management and control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
PT-2026-41290
Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
PT-2026-41287
Permission control vulnerability in the smart sensing service. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
PT-2026-41281
Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-41288
Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-41291
Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-41286
Use-After-Free UAF vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-41282
Permission control vulnerability in contacts. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-41289
Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-41275
The Quick Playground plugin for WordPress is vulnerable to Path Traversal in versions up to and including 1.3.3. This is due to insufficient path validation in the qckply zip theme function, which appends a user-controlled 'stylesheet' parameter directly to the theme root directory path without...
PT-2026-41277
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'table' parameter in all versions up to, and including, 9.1.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
PT-2026-41276
The Advanced Custom Fields: Font Awesome plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.0.2. This is due to insufficient input validation of JSON field values and unsafe client-side HTML construction in the update preview JavaScript function...
PT-2026-41278
The Classified Listing – AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 5.3.10. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it...
PT-2026-41271
SzafirHost verifies the signature of the downloaded JAR file using class JarInputStream reading from the beginning of the file, but loads classes using class JarFile/URLClassLoader reading the Central Directory from the end. It can lead to remote code execution by allowing an attacker to combine ...
PT-2026-41280
The Notify Odoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the updateSettings function. This makes it possible for unauthenticated attackers to change the Notify Odoo URL to ...
PT-2026-41273
The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugin trusting user-controlled cookie data to determine which WordPress account to authenticate after a LINE OAuth login. When LINE doesn't provide an email...
PT-2026-41272
The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'routeData' REST endpoint in all versions up to, and including, 3.1.77. This makes it possible for unauthenticated attackers to overwrite the plugin's...
PT-2026-41274
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 3.28.36. This is due to insufficient authorization checks in the role field update mechanism combined with overly permissive capabilities for the admin form post type. The...
PT-2026-41293
Name of the Vulnerable Software and Affected Versions Imager::File::GIF versions prior to 1.003 Description Imager::File::GIF for Perl allows a heap out of bounds OOB write when processing crafted multi-frame GIF files. This occurs because the i readgif multi low function allocates a single per-r...
PT-2026-41294
Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids. Apache::Session::Generate::SHA256 generated session ids insecurely. The default session id generator returns a SHA-256 hash of the built-in rand function, the epoch time, and the PID, that is hashed...
PT-2026-41299
Name of the Vulnerable Software and Affected Versions Imager versions prior to 1.031 Description Imager for Perl allows a heap out of bounds OOB write—a memory corruption where data is written outside the boundaries of an allocated heap buffer—when processing crafted multi-frame GIF files. The i...
PT-2026-41296
PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code Execution due to lack of "data" parameter sanitization. An unauthenticated attacker can inject the malicious JavaScript code to the parameter whose value is processed by Node.js and subsequently executed...
PT-2026-41295
PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could include local files from the server and display them in the generated PDF. This issue was fixed in PDF...