Lucene search
K
PtsecurityRecent

184508 matches found

Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55816

CVE ID :CVE-2026-50238 Published : July 3, 2026, 10:25 a.m. | 3 hours, 20 minutes ago Description :None Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.18 views

PT-2026-55636

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An issue involving type confusion, which occurs when a program accesses a resource using an incompatible data type, allows an unauthorized attacker to execute arbitrary...

7.5CVSS6.3AI score0.00249EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.20 views

PT-2026-55530

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.6 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...

4.3CVSS6AI score0.00152EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.25 views

PT-2026-55630

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper authorization allows an unauthorized attacker to execute code over a network. Recommendations At the moment, there is no information about a newer version that...

8.3CVSS6.1AI score0.00405EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55514

Name of the Vulnerable Software and Affected Versions Ad Inserter – Ad Manager & AdSense Ads versions prior to 2.8.17 Description An Insecure Direct Object Reference exists via the data attribute of the adinserter shortcode. The replace ai tags function processes a reusable-block-N tag pattern th...

4.3CVSS6AI score0.00273EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55649

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Insufficient UI warnings regarding dangerous operations allow an unauthorized attacker to perform spoofing over a network. Recommendations At the moment, there is no...

4.3CVSS6AI score0.00398EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.17 views

PT-2026-55525

Name of the Vulnerable Software and Affected Versions Kong Konnect MCP server versions prior to 1.0.0 Description An issue exists where the server fails to properly validate content returned to the Large Language Model LLM. This allows a remote attacker to perform an indirect prompt injection by...

7.4CVSS6.1AI score0.00258EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55581

Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A memory corruption issue exists in the sys getaddrinfo function within the components/lwp/lwp syscall.c file. A local attacker can trigger this by manipulating the ai addr argument. Recommendation...

6.8CVSS6.2AI score0.00119EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55641

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A type confusion issue occurs when a resource is accessed using an incompatible type. This flaw allows an unauthorized attacker to bypass a security feature over a...

8.3CVSS6AI score0.00372EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55629

Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS6AI score0.00329EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.18 views

PT-2026-55587

Name of the Vulnerable Software and Affected Versions Gitea versions 1.5.0 through 1.26.2 Description A defect in the Time-based One-Time Password TOTP single-use enforcement allows a valid TOTP code to be accepted multiple times. This issue affects web two-factor authentication flows and the Bas...

7.1CVSS7.2AI score0.00481EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55626

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A use after free issue exists that allows an unauthorized attacker to execute arbitrary code over a network. Use after free is a memory corruption flaw that occurs when ...

7.5CVSS6.3AI score0.00429EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55659

Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description Improper access control allows an unauthorized attacker to bypass a security feature over a network. Recommendations At the moment, there is no information about a newer...

6.5CVSS5.9AI score0.00475EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55607

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.3 Description Git LFS Large File Storage object reuse allows users with repository access to authorize private source objects even if they lack Code-unit access. Recommendations Update Gitea to version 1.26.3 or...

7.1CVSS7AI score0.00323EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.16 views

PT-2026-55588

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Insufficient permission checks occur when listing tracked time entries. Recommendations Update to version 1.25.5 or later...

5.3CVSS6.1AI score0.00286EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55579

Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A stack-based buffer overflow exists in the recvmsg function within the bsp/loongson/ls1cdev/libraries/ls1c can.h library of the ls1c CAN Handler component. This issue requires local access to be...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55637

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An issue occurs when an operation is performed on a resource after it has expired or been released. This allows an unauthorized attacker to disclose information over a...

6.1CVSS5.8AI score0.00586EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.16 views

PT-2026-55631

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An issue exists where access to a resource using an incompatible type, known as type confusion, allows an unauthorized attacker to execute code over a network. Type...

8.3CVSS6.1AI score0.00438EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55585

Name of the Vulnerable Software and Affected Versions keras-team/keras version 3.14.0 Description Improper handling of deserialization in the Lambda layer allows for arbitrary OS-level code execution in the context of the server or user process. The raise for lambda deserialization function fails...

9.8CVSS7.7AI score0.00397EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55645

Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description A time-of-check time-of-use TOCTOU race condition exists, which is a software bug where a system checks the state of a resource before using it, but the state changes betwe...

7.5CVSS6.3AI score0.0027EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55493

Name of the Vulnerable Software and Affected Versions WP Import Export Lite versions prior to 3.9.31 Description An issue exists in the wpie import upload file from url AJAX action. The plugin initially uses wp safe remote get to download files, which blocks private IP ranges. However, if this ca...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55512

Name of the Vulnerable Software and Affected Versions LatePoint – Calendar Booking Plugin for Appointments and Events versions prior to 5.6.2 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Unauthenticated...

5.3CVSS6.2AI score0.00338EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55658

Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description An HMAC ambiguity in Gitea Actions Artifacts V4 signed URLs allows for cross-repository artifact reading and cross-task upload-state writing. HMAC Hash-based Message Authentication Code is a...

9.6CVSS5.9AI score0.00177EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55633

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A use after free issue exists that allows an unauthorized attacker to execute arbitrary code over a network. Use after free is a memory corruption flaw that occurs when ...

8.3CVSS6.3AI score0.00438EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55539

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain LTS2026 release versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain LTS2025 release versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data...

4.9CVSS6AI score0.00422EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55576

webpack-dev-server versions 5.2.5 and earlier terminate the whole Node.js process when an unauthenticated peer sends either a normal HTTP request with a malformed Host header or a WebSocket upgrade to the default /ws endpoint with a malformed Origin header. The malformed value causes an uncaught...

5.3CVSS6AI score0.00308EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55440

Name of the Vulnerable Software and Affected Versions weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot versions prior to 2.3.1 Description The plugin contains a missing authorization flaw. The do migration function, registered as the wedocs migrate betterdocs to wedocs AJ...

4.3CVSS5.9AI score0.00213EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55578

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A heap buffer overflow exists in the Paint Shop Pro PSP file format parser. The issue occurs when the software incorrectly calculates buffer sizes while processing low bit-depth images, which...

7.3CVSS6.6AI score0.00233EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55442

Name of the Vulnerable Software and Affected Versions weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot versions prior to 2.3.1 Description Insufficient input sanitization and output escaping allow authenticated attackers with contributor-level access and above to perform...

6.4CVSS6.1AI score0.00206EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55593

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description Insufficient visibility checks exist within organization permission APIs, which may affect hidden members and private organizations. Recommendations Update to version 1.25.5 or later...

7.5CVSS6.1AI score0.00353EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55495

Name of the Vulnerable Software and Affected Versions NEX-Forms – Ultimate Forms Plugin for WordPress versions prior to 9.2.3 Description Insufficient input sanitization and output escaping allow unauthenticated attackers to perform Stored Cross-Site Scripting XSS, a technique where malicious...

7.2CVSS6.1AI score0.00304EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55490

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation...

7.3CVSS5.8AI score0.00096EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.16 views

PT-2026-55505

Name of the Vulnerable Software and Affected Versions Apache Lucene.Net.Analysis.Common versions 4.8.0-beta00005 through 4.8.0-beta00017 Description Improper Restriction of XML External Entity Reference XXE in the Lucene.Net.Analysis.Common library, specifically within the PatternParser. XXE is a...

9.8CVSS6AI score0.00328EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55489

Name of the Vulnerable Software and Affected Versions ASUS AI Suite 3 affected versions not specified Description Improper validation of the specified quantity in the input of the ASUS AI Suite 3 driver allows a local user to access unintended memory regions. This is achieved through crafted IOCT...

8.5CVSS5.9AI score0.00103EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55624

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A Use-After-Free memory corruption issue exists in the Chromium engine of Microsoft Edge. This flaw allows an unauthorized remote attacker to execute arbitrary code over...

7.5CVSS6.3AI score0.00429EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55543

Name of the Vulnerable Software and Affected Versions pardus-software versions prior to 1.0.5 Description A missing authorization issue allows for argument injection, which occurs when an application fails to properly sanitize user-supplied input used as arguments to a command or function,...

8.8CVSS6AI score0.00163EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.12 views

PT-2026-55509

Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker versions prior to 11.1.5 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Authenticated attacker...

4.3CVSS5.8AI score0.00312EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.16 views

PT-2026-55647

Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description A relative path traversal issue exists in Microsoft Edge for Android. This flaw allows an unauthorized attacker to disclose information locally. Path traversal is a techniq...

6.8CVSS5.8AI score0.00323EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55621

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A Server-side request forgery SSRF issue exists, which allows an unauthorized attacker to perform spoofing over a network. SSRF is a flaw where an attacker can induce th...

6.5CVSS6.1AI score0.00617EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55612

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An issue exists where sensitive information is exposed to an unauthorized actor, which could allow a remote attacker to perform spoofing over a network. Recommendations ...

6.5CVSS6AI score0.00651EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55517

Name of the Vulnerable Software and Affected Versions Zakra versions prior to 4.2.1 Description The Zakra theme for WordPress contains a Stored Cross-Site Scripting issue. This occurs because the theme registers three post meta fields—zakra menu item color, zakra menu item hover color, and zakra...

6.4CVSS6.1AI score0.00187EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.18 views

PT-2026-55605

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.0 Description The software does not fail closed when encountering bufio.Scanner errors during the processing of pre-receive hook input. This behavior allows oversized input to bypass branch-protection checks...

9.8CVSS6AI score0.00472EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.20 views

PT-2026-55632

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper access control allows an unauthorized attacker to perform spoofing over a network. Spoofing is a technique where a person or program successfully masquerades as...

8.1CVSS6AI score0.00312EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55532

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain LTS2026 release versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain LTS2025 release versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data...

4.4CVSS5.9AI score0.00133EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55604

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description The software accepts malformed or injected forwarded-proto values during the detection of public URLs. This flaw allows for the generation of spoofed canonical URLs. Recommendations Update Gitea to...

7.5CVSS5.9AI score0.00431EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55617

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description An improper authorization flaw allows an unauthorized attacker to bypass a security feature over a network. This issue enables exploitation without prior authentication,...

10CVSS6AI score0.00463EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55516

Name of the Vulnerable Software and Affected Versions Apache Lucene.Net.Replicator versions 4.8.0-beta00005 through 4.8.0-beta00017 Description A Path Traversal issue exists in the Lucene.Net.Replicator library, which allows an unauthenticated user to perform an arbitrary file read on the...

8.9CVSS6.1AI score0.00703EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55654

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated Regular Expression Denial of Service ReDoS exists due to improper pattern matching within the CODEOWNERS file processing. This allows a remote...

7.5CVSS6AI score0.00331EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.14 views

PT-2026-55619

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper input validation allows an unauthorized attacker to execute code over a network. Input validation is the process of ensuring that a program operates on clean,...

8.8CVSS6.1AI score0.00479EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55577

Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp versions prior to 6.0.5 Description A double free issue exists in the PLY Model Handler component within the Assimp::Exporter::ExportToBlob function located in the code/AssetLib/Ply/PlyLoader.cpp file. This fla...

6.5CVSS6.9AI score0.00233EPSS
Exploits0References11
Total number of security vulnerabilities184508