175420 matches found
PT-2026-48243
This update for xen fixes the following issues: - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953...
PT-2026-48320
A SpEL Injection vulnerability exists in the Spring Data KeyValue if unsanitized user input is passed as Sort into a repository query method that delegates evaluation to the SpelPropertyComparator. Affected versions: Spring Data KeyValue / Spring Data Redis 4.0.0 through 4.0.5; 3.5.0 through...
PT-2026-47692
Path traversal vulnerability in the SMS app. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-47864
Name of the Vulnerable Software and Affected Versions Windows Attestation affected versions not specified Description A trust boundary violation in Device Health Attestation allows an authorized attacker to elevate privileges locally to SYSTEM level. A trust boundary violation occurs when a progr...
PT-2026-47716
Name of the Vulnerable Software and Affected Versions Apache Answer versions prior to 2.0.1 Description The server fails to sufficiently validate user-supplied image URLs. This allows arbitrary external content to be embedded as profile images, potentially exposing users to unintended external...
PT-2026-48316
Applications using Spring Data Commons may be vulnerable to a Denial of Service DoS attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through...
PT-2026-47726
Name of the Vulnerable Software and Affected Versions Catalyst::Plugin::Authentication versions prior to 0.10 027 Description The software is susceptible to session fixation attacks because it does not automatically change the session id after authentication. This allows an attacker who obtains a...
PT-2026-47902
Name of the Vulnerable Software and Affected Versions Windows Performance Monitor affected versions not specified Description An integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network. This condition can lead to remote co...
PT-2026-48173
An insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token...
PT-2026-47780
A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user's password hash can cause excessive CPU consumption during authentication,...
PT-2026-47778
A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...
PT-2026-48028
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network...
PT-2026-48101
Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network. Cross-si...
PT-2026-48242
This update for xen fixes the following issues: - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953...
PT-2026-48039
Name of the Vulnerable Software and Affected Versions Windows Storage affected versions not specified Description An untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. Privilege escalation occurs when an application searches for a required file i...
PT-2026-48229
Name of the Vulnerable Software and Affected Versions Substance3D Sampler versions 6.0.0 and earlier Description An out-of-bounds write issue exists where the software writes data past the end of the intended buffer. This can lead to arbitrary code execution in the context of the current user...
PT-2026-48326
Spring Data REST serializes the full exception cause chain into HTTP error response bodies, potentially exposing persistence-layer internals to HTTP clients. Affected versions: Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14; 4.5.0 through 4.5.11; 5.0.0 through...
PT-2026-48132
Name of the Vulnerable Software and Affected Versions Adobe Experience Manager Forms JEE versions LTS SP1 Adobe Experience Manager Forms JEE versions prior to 6.5.24.0 Description A stored Cross-Site Scripting XSS issue allows a high-privileged attacker to inject malicious scripts into vulnerable...
PT-2026-47872
Name of the Vulnerable Software and Affected Versions Microsoft Kinect affected versions not specified Description Improper access control allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version that contains a fix...
PT-2026-48239
21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...
PT-2026-48089
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...
PT-2026-48310
Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a valid signature, attackers may be able to craft these SAML payloads and use the Service Provider as a decryption oracle. Affected versions: Spring Security 5.7.0...
PT-2026-47711
Name of the Vulnerable Software and Affected Versions The Events Calendar for GeoDirectory plugin for WordPress versions prior to 2.3.29 Description Authenticated attackers with Subscriber-level access or higher can elevate their privileges to Administrator. This occurs because the ajax ayi actio...
PT-2026-48308
An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10;...
PT-2026-48327
JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Combined with Jackson's default bean deserialization, a producer could supply crafted...
PT-2026-48315
Spring Security's CookieRequestCache and CookieServerRequestCache store the pre-authentication request URL in a browser cookie so that users can be redirected back to their intended destination after a successful login. In affected versions, the full absolute URL is stored in the cookie and is us...
PT-2026-47722
The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions up to and including 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslider actions to all authenticated users including Subscribers via...
PT-2026-47775
A flaw was found in 389 Directory Server. A type confusion in the SSO token extended operation handler causes partial stack address information to be disclosed in LDAP responses to authenticated users...
PT-2026-48000
Name of the Vulnerable Software and Affected Versions Windows NTFS affected versions not specified Description A heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute arbitrary code locally or remotely, potentially affecting the entire system. A heap-based buffer...
PT-2026-47999
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A use after free issue in the Universal Plug and Play component upnp.dll allows an unauthorized attacker to execute code over a network. Use after free is a memory corruption flaw that occurs...
PT-2026-47652
Name of the Vulnerable Software and Affected Versions Spring Framework versions 7.0.0 through 7.0.7 Spring Framework versions 6.2.0 through 6.2.18 Spring Framework versions 6.1.0 through 6.1.27 Spring Framework versions 5.3.0 through 5.3.48 Description Spring MVC and WebFlux applications are...
PT-2026-47745
Name of the Vulnerable Software and Affected Versions TYPO3 CMS versions prior to 10.4.57 TYPO3 CMS versions 11.0.0 through 11.5.51 TYPO3 CMS versions 12.0.0 through 12.4.46 TYPO3 CMS versions 13.0.0 through 13.4.31 TYPO3 CMS versions 14.0.0 through 14.3.3 Description Authenticated backend users...
PT-2026-47890
Name of the Vulnerable Software and Affected Versions Windows Ancillary Function Driver for WinSock affected versions not specified Description A use after free issue in the Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. Use after free i...
PT-2026-47889
Name of the Vulnerable Software and Affected Versions Windows Hotpatch Monitoring Service affected versions not specified Description An out-of-bounds write in the Hotpatch Monitoring Service allows an authorized attacker to elevate privileges locally. An out-of-bounds write occurs when a program...
PT-2026-47891
Name of the Vulnerable Software and Affected Versions Windows Telephony Service affected versions not specified Description A race condition exists in the Windows Telephony Service due to improper synchronization when using a shared resource. This allows an authorized attacker to elevate privileg...
PT-2026-48254
Name of the Vulnerable Software and Affected Versions Acrobat Reader versions prior to 26.001.21652 Description A Use After Free issue exists where memory is accessed after it has been freed. This can lead to arbitrary code execution in the context of the current user. Exploitation requires user...
PT-2026-47871
Name of the Vulnerable Software and Affected Versions Windows Universal Disk Format File System Driver UDFS affected versions not specified Description An elevation-of-privilege issue exists in the Windows Universal Disk Format File System Driver UDFS, which allows attackers to gain higher...
PT-2026-48218
Name of the Vulnerable Software and Affected Versions SQLite versions prior to 3.53.2 Description A heap-based buffer overflow exists in the FTS5 full-text search extension. An attacker can cause a crash or execute arbitrary code by providing a crafted database containing malicious continuation...
PT-2026-47856
Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A heap out-of-bounds read can occur during CMS password-based decryption RFC 3211 / PWRI key unwrap when processing attacker-supplied CMS data. The issue arises in the kek unwrap key function...
PT-2026-48596
These are all security issues fixed in the libIex-3 4-33-3.4.12-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-47278
Name of the Vulnerable Software and Affected Versions Bolt CMS versions prior to 3.7.6 Description An issue exists in the HTML Attribute Handler component within the file src/Storage/Field/Type/TextType.php. A remote attacker can perform HTML injection by manipulating the style argument. This...
PT-2026-47202
A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...
PT-2026-47258
A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has bee...
PT-2026-47330
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attacks since 2017 SHAttered. Version 4.1.4 fixes the issue...
PT-2026-47436
A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of...
PT-2026-47575
Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only read parquet and arc partition agg via regex denylist. The broader DuckDB I/O function family — read csv auto, read csv, read json, read json auto, read text, read blob, glob, parquet metadata, parquet schema,...
PT-2026-47373
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description A flaw in the SELinux component allows only a single open of the '/sys/fs/selinux/policy' endpoint at any time. This...
PT-2026-47266
This vulnerability exists in Bagisto due to improper validation of user-supplied input in the ImageCacheController component. An unauthenticated remote attacker could exploit this vulnerability by sending crafted path traversal sequences through the filename parameter to access arbitrary files...
PT-2026-47540
Name of the Vulnerable Software and Affected Versions strongSwan affected versions not specified Description An issue exists where strongSwan incorrectly handles the cloning of certain identities, leading to a double-free condition when destroying those cloned identities. A remote attacker could...
PT-2026-47429
Improper neutralization of special elements in the built-in PAM provider password rotation templates in Devolutions Server allows an authenticated user with write access to a vault to execute arbitrary commands on the systems managed by the affected PAM provider. This issue affects : Devolutions...