Lucene search
+L
PtsecurityRecent

187392 matches found

ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.24 views

PT-2026-50439

Name of the Vulnerable Software and Affected Versions NGINX Open Source versions 1.31.0 through 1.31.1 NGINX Ingress Controller affected versions not specified NGINX Gateway Fabric affected versions not specified NGINX Instance Manager affected versions not specified Description A use-after-free...

9.2CVSS7.1AI score0.03225EPSS
Exploits3References91
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.18 views

PT-2026-50249

Name of the Vulnerable Software and Affected Versions snes9x version 1.63 Description An out-of-bounds write occurs when loading a ROM alongside a crafted .ups patch file, which can lead to a denial of service and cause the emulator to crash. Recommendations At the moment, there is no information...

2.9CVSS5.8AI score0.00125EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.16 views

PT-2026-50238

A vulnerability in nltk.app.wordnet app up to version 3.9.3 allows unauthenticated remote shutdown of the local WordNet Browser HTTP server when started in its default mode. The server listens on all interfaces and processes a specific unauthenticated GET request /SHUTDOWN%20THE%20SERVER to...

7.5CVSS7.4AI score0.00325EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.16 views

PT-2026-50196

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in the Passwords component allows a remote attacker to leak cross-origin data, which is data from a different domain than the one serving the current...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References39
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.22 views

PT-2026-50205

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue exists in the Tab Strip component. This occurs when a program continues to use a pointer after it has been freed, which can lead to heap corruption a memory...

8.8CVSS5.8AI score0.00601EPSS
Exploits0References42
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.24 views

PT-2026-50202

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.155 Description A use after free issue in the Downloads component allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. Use after free occurs when an...

8.8CVSS5.8AI score0.00601EPSS
Exploits0References41
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.18 views

PT-2026-50194

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An out-of-bounds read in Chromoting allows a local attacker to obtain potentially sensitive information from process memory by using a malicious file. An out-of-bounds read occurs when...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References39
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.15 views

PT-2026-50199

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue in Chromoting on Windows allows a local attacker to achieve OS-level privilege escalation by using a malicious file. Use after free is a memory corruption flaw...

9.6CVSS5.8AI score0.00601EPSS
Exploits0References42
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.15 views

PT-2026-50215

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An object lifecycle issue in Metrics allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use of a...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References41
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.15 views

PT-2026-50216

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A heap buffer overflow exists in WebRTC in Google Chrome on Windows. A remote attacker can execute arbitrary code by inducing the victim to open a crafted HTML page. A heap buffer...

9.6CVSS6.6AI score0.00601EPSS
Exploits0References41
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.19 views

PT-2026-50203

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description Insufficient validation of untrusted input allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanism that...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References40
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.21 views

PT-2026-50190

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue in DigitalCredentials on Windows allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free occurs when an...

9.6CVSS6.1AI score0.00601EPSS
Exploits0References41
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.23 views

PT-2026-50211

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An out-of-bounds read exists in WebRTC Web Real-Time Communication, a project that provides websites and applications with real-time communication capabilities in Google Chrome on...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References40
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.17 views

PT-2026-50219

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.155 Description An uninitialized use in the GPU allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update to version 149.0.7827.155 o...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References38
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.19 views

PT-2026-50206

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in Extensions allows an attacker to bypass the Same Origin Policy SOP—a security mechanism that restricts how a document or script loaded from one origi...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References40
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.12 views

PT-2026-53079

Local Privilege Escalation via LIBMOUNT FORCE MOUNT2 Environment Variable - nosuid/noexec Bypass in SUID mount8...

5.8AI score
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.22 views

PT-2026-50543

Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a DOM-based Cross-Site Scripting XSS vulnerability in the Thumbnail Synchronizer feature. When an administrator runs the thumbnail update process, malicious bookmark titles are returned via an AJAX response and inserted...

5.8CVSS5.2AI score0.0013EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.26 views

PT-2026-50536

Shaarli is a personal bookmarking service. Versions 0.16.1 and prior contain a stored Cross-Site Scripting XSS vulnerability in the tag filtering functionality of Shaarli. An authenticated user can inject arbitrary JavaScript into the tags field when creating a bookmark Shaare. The malicious...

4.8CVSS5.3AI score0.00115EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.15 views

PT-2026-50516

Name of the Vulnerable Software and Affected Versions undici versions 6.x prior to 6.26.0 undici versions 7.0.0 through 7.27.x undici versions 8.x prior to 8.5.0 Description The cookie parser in the parseSetCookie function percent-decodes cookie values using qsUnescape, which converts encoded...

5.9CVSS5.5AI score0.00257EPSS
Exploits0References86
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.19 views

PT-2026-50429

Name of the Vulnerable Software and Affected Versions NGINX Gateway Fabric affected versions not specified Description An injection issue exists in the NGINX configuration generator component when NGINX Plus is used as the data plane. User-supplied string values from the serverTokens field of the...

8.6CVSS6AI score0.00567EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.23 views

PT-2026-50430

Name of the Vulnerable Software and Affected Versions 389 Directory Server affected versions not specified Description A flaw exists in the aclp normalize acltxt function within aclparse.c. A malformed Access Control Instruction ACI string can trigger heap-buffer-overflow writes and reads during...

5.4CVSS5.8AI score0.00226EPSS
Exploits0References12
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.33 views

PT-2026-50438

Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX Open Source affected versions not specified Description A flaw in the ngx http proxy v2 module and ngx http grpc module modules can be triggered when NGINX is configured to proxy HTTP/2 traffic...

9.2CVSS7.5AI score0.03552EPSS
Exploits1References86
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.24 views

PT-2026-50410

Name of the Vulnerable Software and Affected Versions Apache Shiro versions prior to 2.2.1 Apache Shiro versions prior to 3.0.0-alpha-2 Description A remote attacker can inject LDAP special characters into the Distinguished Name DN construction within the DefaultLdapRealm class. User-supplied...

9.1CVSS5.3AI score0.00494EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.19 views

PT-2026-50250

Got 2 CVEs today: CVE-2026-46655 - virtio-win kvm-guest-drivers - 7.8 High CVE-2026-46977 - Oracle VirtualBox - 3.2 Low...

3.2CVSS5.2AI score0.00162EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.28 views

PT-2026-50207

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in Extensions allows a remote attacker who has compromised the renderer process to bypass site isolation using a crafted HTML page. Site isolation is a...

9.6CVSS5.8AI score0.00601EPSS
Exploits0References40
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.23 views

PT-2026-50212

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use-after-free issue exists in the Media component. This occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. A remote...

9.6CVSS6.2AI score0.00601EPSS
Exploits0References41
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.25 views

PT-2026-50217

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue in Extensions allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A use after free...

9.6CVSS5.6AI score0.00601EPSS
Exploits0References42
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.23 views

PT-2026-50210

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description Insufficient policy enforcement in File System Access allows a remote attacker who has compromised the renderer process to bypass site isolation by using a crafted PDF file. Site...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References40
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.26 views

PT-2026-50208

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in the Passwords component allows a remote attacker to leak cross-origin data. This occurs when a user is convinced to perform specific UI gestures on a...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References40
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.27 views

PT-2026-50193

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue exists in the Web Authentication component. This allows a remote attacker to execute arbitrary code by inducing the user to open a specially crafted HTML page. U...

9.6CVSS6.3AI score0.00601EPSS
Exploits0References41
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.17 views

PT-2026-50200

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in the Media component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References38
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.20 views

PT-2026-50197

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A heap buffer overflow occurs in WebRTC, which is a framework that enables real-time communication such as voice and video calls within web browsers. This issue allows a remote attacke...

9.6CVSS6.5AI score0.00601EPSS
Exploits0References41
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.22 views

PT-2026-50218

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.155 Description A race condition in the Updater allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use of a...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References41
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.17 views

PT-2026-50187

Name of the Vulnerable Software and Affected Versions Google Chrome on Windows versions prior to 149.0.7827.155 Description A use-after-free issue exists in WebShare. This occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. A remote...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References42
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.19 views

PT-2026-50213

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 149.0.7827.155 Description An inappropriate implementation in Views allows a remote attacker who has compromised the renderer process to inject arbitrary scripts or HTML via a crafted HTML page. This...

9.6CVSS6AI score0.00601EPSS
Exploits0References41
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.19 views

PT-2026-50192

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.155 Description A use after free issue in the Passwords component allows a remote attacker to execute arbitrary code when a user accesses a specially crafted HTML page. Use after free is a...

9.6CVSS6.2AI score0.00601EPSS
Exploits0References38
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.18 views

PT-2026-50204

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A race condition in the Safe Browsing component of Google Chrome on Mac allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escap...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References42
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.18 views

PT-2026-50198

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.155 Description An inappropriate implementation in the WebView component allows a remote attacker to perform privilege escalation by using a crafted HTML page. Recommendations Update Google...

9.6CVSS5.9AI score0.00601EPSS
Exploits0References39
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.12 views

PT-2026-50195

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue in Extensions allows an attacker who convinces a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Use...

9.6CVSS5.8AI score0.00601EPSS
Exploits0References40
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.22 views

PT-2026-50600

Name of the Vulnerable Software and Affected Versions org.hl7.fhir.utilities versions 6.9.8 and earlier Description The org.hl7.fhir.utilities library contains an XML External Entity XXE injection flaw. The saxonTransform function overloads instantiate a bare net.sf.saxon.TransformerFactoryImpl...

9.2CVSS6AI score0.00309EPSS
Exploits1References8
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.21 views

PT-2026-50470

Name of the Vulnerable Software and Affected Versions undici version 8.1.0 Description The undici WebSocket client enforces maxPayloadSize on a per-frame basis but fails to enforce the cumulative size of fragmented uncompressed messages. A malicious WebSocket server can stream numerous small...

7.5CVSS5.8AI score0.00426EPSS
Exploits0References8
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.19 views

PT-2026-50373

Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Metro Magazine: from n/a through 1.3.7...

4.3CVSS5.2AI score0.00208EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.17 views

PT-2026-50276

Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot = 13.6.5 versions...

7.7CVSS5.2AI score0.0045EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.21 views

PT-2026-50263

Incorrect Authorization vulnerability allows users to access workflow instance information belonging to projects they do not have permission to access. This issue affects Apache DolphinScheduler versions prior to 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes this issue...

5.3AI score0.00312EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.19 views

PT-2026-50309

Unauthenticated SQL Injection in Blocksy Companion Pro 2.1.29 versions...

9.3CVSS5.8AI score0.00372EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.22 views

PT-2026-50256

Name of the Vulnerable Software and Affected Versions Regesta Smart HD-PLC - TLDPH16D2 version 11.02.05.10.02 Description A network attacker can obtain privileged information without requiring registration. This information disclosure occurs by using the Version command through the endpoint...

6.9CVSS5.9AI score0.00394EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.14 views

PT-2026-50372

Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects AliNext: from n/a through 3.3.5...

6.5CVSS5.2AI score0.00269EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.9 views

PT-2026-54556

Уязвимость класса DefaultLdapRealm фреймворка Apache Shiro связана с непринятием мер по нейтрализации специальных элементов в запросе LDAP. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, обойти ограничения безопасности и осуществить подмену данных...

9.4CVSS5.8AI score
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.17 views

PT-2026-50267

Subscriber Arbitrary File Upload in Grip = 1.0.9 versions...

9.9CVSS5.2AI score0.00471EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/17 12:0 a.m.24 views

PT-2026-50461

Name of the Vulnerable Software and Affected Versions Cisco Umbrella Virtual Appliance affected versions not specified Description An issue in the vmadmin CLI of Cisco Umbrella Virtual Appliance allows an authenticated, local attacker to elevate privileges. This is caused by insufficient validati...

6.2CVSS5.9AI score0.00104EPSS
Exploits0References8
Total number of security vulnerabilities187392