185026 matches found
PT-2026-58026
Path traversal in Ivanti Xtraction before version 2026.2.1 allows a remote authenticated attacker to read arbitrary files outside the web root...
PT-2026-58027
A vulnerability was detected in Tenda BE12 Pro 16.03.66.23. Impacted is the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used...
PT-2026-58030
Sustainable Irrigation Platform SIP through version 5.2.16 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject arbitrary JavaScript by supplying malicious script payloads within program names submitted via HTTP requests. Attackers can exploit the...
PT-2026-58025
An open redirect in Ivanti Xtraction before version 2026.2.1 allows a remote unauthenticated attacker to redirect users to arbitrary external URLs...
PT-2026-58032
Vulnerability in Spotfire Spotfire Enterprise Spotfire Server modules, Spotfire Spotfire Enterprise with External Consumers Spotfire Server modules, Spotfire Spotfire on Kubernetes Spotfire Server modules. This issue affects Spotfire Enterprise: through 14.0.12, through 14.4.2, through 14.5.0,...
PT-2026-58008
A vulnerability was identified in open62541 up to 1.5.5. Affected by this issue is the function responseReadNamespacesArray of the file src/client/ua client connect.c of the component Shared Client Library. Such manipulation of the argument Server NamespaceArray leads to null pointer dereference...
PT-2026-58007
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.8.0 via the 'save lesson note', 'get lesson note', and 'complete lesson video' AJAX handlers due to missing...
PT-2026-57989
A flaw was identified in Argo CD, the GitOps engine used by Red Hat OpenShift GitOps, that could allow an unauthenticated attacker with network access to the Argo CD repo-server to achieve remote code execution. Under certain conditions, the attacker may then manipulate cached data to deploy...
PT-2026-58000
Privilege escalation in Checkmk versions 2.5.0 before 2.5.0p9, 2.4.0 before 2.4.0p34, 2.3.0 before 2.3.0p49, and 2.2.0 EOL allows a local unprivileged user to execute arbitrary commands as root by starting a process crafted to look like a SAP HANA instance. Without an explicit database...
PT-2026-57999
The fix for CVE-2026-0716 commit 6ff7ef0, libsoup 3.6.6 placed the integer overflow guard inside the if masked block, leaving unmasked server-to-client frames unprotected. A malicious WebSocket server can send a crafted unmasked frame with a payload length near UINT64 MAX to trigger an OOB read i...
PT-2026-57963
The Word Count and Social Shares WordPress plugin through 1.0 does not validate a user-supplied file path before deletion, nor does it have proper authorization or CSRF checks, allowing any authenticated user, such as a Subscriber, to delete arbitrary files on the server, which can lead to a full...
PT-2026-57956
A vulnerability was identified in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This vulnerability affects the function handleNavigate of the file pkg/browser/tool.go. Such manipulation of the argument args.targetUrl leads to information disclosure. The attack may be performed from remote. The...
PT-2026-57953
A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/exec approval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...
PT-2026-57945
SAP S/4HANA application Project Management PPM-PRO allows an attacker with high privileges to execute crafted database queries, exposing the backend database. This results in low impact on confidentiality, with no impact on integrity and availability of the application...
PT-2026-57935
Due to an HTTP Request Smuggling vulnerability in SAP Approuter, an unauthenticated attacker could send a specially crafted HTTP request that leads to request-response desynchronization. This could result in the exposure of user responses and cause the system to become unavailable. This leads to ...
PT-2026-57939
SAP HANA Database user self service tools allows an unauthenticated user to send specially crafted requests that produce distinguishable responses, enabling enumeration of valid user accounts and email addresses. Successful exploitation could allow the attacker to enumerate valid user accounts,...
PT-2026-57994
Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP/2 server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP2.handle continuation/3 function in lib/mint/http2.ex accumulates the header-block fragment carried by each HTTP/...
PT-2026-57992
Improper Handling of URL Encoding Hex Encoding vulnerability in Apache Tomcat's rewrite valve allowed security constraint bypass for some configurations. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.23, from 10.1.0-M1 through 10.1.56, from 9.0.0.M1 through 9.0.119, from 8.5.0...
PT-2026-58003
A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced All versions. Affected devices do not properly handle high-volume multicast network traffic, which can exhaust available memory resources in the affected application. This could allow an unauthenticated attacker on the local networ...
PT-2026-57998
A vulnerability has been identified in COMOS V10.4.5 All versions V10.4.5.0.2, COMOS V10.6 All versions V10.6.1, Designcenter NX All versions V2512.7000, Simcenter 3D All versions V2512.7000, Simcenter Femap V2506 All versions V2506.0003, Simcenter Femap V2512 All versions V2512.0002, Simcenter...
PT-2026-58004
A vulnerability has been identified in Opcenter X All versions V2604. Affected applications do not properly validate the algorithm specified in the JSON Web Token JWT header. This could allow an unauthenticated remote attacker to forge arbitrary JWT, bypass authentication mechanisms and impersona...
PT-2026-58001
DBI::SQL::Nano versions from 1.42 before 1.651 for Perl have inverted = SQL operators on text. DBI::SQL::Nano, DBI's built-in mini-SQL engine, evaluated WHERE predicates incorrectly in some cases. In the non-numeric string branch of the is matched method, = was evaluated using Perl's le operator...
PT-2026-58005
A vulnerability relating to insufficient access control has been identified in the session management of the Sesame Time web application and its REST v3 API. The flaw lies in the fact that the system uses the session identifier USID as the sole validation mechanism, without verifying whether that...
PT-2026-57962
The Ultimate Before After Image Slider & Gallery WordPress plugin before 4.7.1 does not escape the value of the BEAF Slider widget's shortcode field before outputting it on the front end the value is passed through do shortcode, which echoes non-shortcode content verbatim, allowing users with...
PT-2026-57969
A vulnerability was identified in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file /Admin/EditUser.php. Such manipulation of the argument UserId leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be...
PT-2026-57941
Due to a Cross-Site Scripting XSS vulnerability, applications based on Business Server Pages framework in SAP NetWeaver Application Server ABAP reflects unsanitized input into the HTTP response which allows an attacker to inject and execute arbitrary JavaScript code under certain conditions...
PT-2026-57933
A security vulnerability has been detected in mosaxiv clawlet up to 0.2.10. This affects the function tools.webFetch of the file tools/tool web fetch.go. Such manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed publicly and may be...
PT-2026-57940
SAP NetWeaver Enterprise Portal allows an unauthenticated attacker to inject malicious scripts into a URL parameter. The scripts are reflected in the server response and executed in a user's browser when the crafted URL is visited, leading to theft of session information, manipulation of portal...
PT-2026-57937
SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and...
PT-2026-57936
SAP Approuter does not properly validate incoming request headers during the OAuth2 login flow under certain configurations. This allows an unauthenticated remote attacker to craft a malicious link which, when clicked by a victim, could lead to unauthorized access. Successful exploitation results...
PT-2026-57942
SAP Commerce Cloud could retain a sample OAuth2 client with publicly documented sample credentials originating from sample configuration provided in SAP Help Portal documentation. If left unchanged, an unauthenticated attacker could use these well-known credentials to obtain a valid access token...
PT-2026-58012
A security flaw has been discovered in Tenda BE12 Pro 16.03.66.23. This affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack is possible to be carried out remotely. The...
PT-2026-58014
We are aware that exploit code for this is public however we are not aware of any attacks in the wild abusing this flaw. This vulnerability was fixed in Firefox 152.0.6...
PT-2026-58009
A security issue exists within the 1715-AENTR EtherNet/IP Adapter. The affected product exposes a network-accessible debug port that does not enforce proper privilege controls, allowing unauthenticated remote access to intrusive command-line interface CLI commands. If exploited, a threat actor...
PT-2026-58028
Snowflake SQLAlchemy versions prior to 1.11.0 contain several security vulnerabilities, including: Improper handling of user-supplied column identifiers in merge operations could allow SQL injection through attacker-controlled input keys. An attacker may be able to exploit this through request...
PT-2026-58029
Buffer Overflow vulnerability in aMULE-Project aMule v.2.3.3 allows a remote attacker to cause a denial of service via the OP SERVERMESSAGE Handler...
PT-2026-57975
CVE-2026-58319: Apache Doris: Improper Authentication in Frontend HTTP API https://t.co/CEeGFvGyhj Severity: critical Doris is a real-time database for modern analytics and AI...
PT-2026-57974
🔴 NukeViet, Path Traversal to Arbitrary File Deletion, CVE-2026-54065 High -DC-Jul2026-955 https://t.co/yASozOdaJS...
PT-2026-57976
🔴 DIRAC FileCatalog DatasetManager Remote Code Execution RCE via SQL Injection + eval — CVE-2026-61667 Critical -DC-Jul2026-956 https://t.co/bT2K4jS01F...
PT-2026-57977
Got CVE-2026-61839 on grav cms: https://t.co/C1H94QxrBn...
PT-2026-57982
A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in SUSE Virtual Machine Driver Pack allows an attacker with the ability to modify the registry to affect the integrity of the driver. We're not aware of a feasible way to exploit this currently. This issue affect...
PT-2026-57991
Allocation of resources without limits vulnerability in elixir-mint mint allows a remote HTTP server to exhaust memory on the client host and cause a denial of service. The Mint.HTTP1.decode headers/5 and Mint.HTTP1.decode trailer headers/4 functions in lib/mint/http1.ex accumulate every parsed...
PT-2026-57997
Eclipse Kura versions prior to 5.6.2 trust the client-supplied X-Forwarded-For HTTP header as the authoritative source of the client IP address in audit log entries. The org.eclipse.kura.web2 Web Console and org.eclipse.kura.rest.provider REST API components use this header as the primary IP sour...
PT-2026-57981
For requests that have a body, but reading the body may end up in reading 0 bytes, there is a buffer leak. This is particularly the case for 100-Continue, but any request where the network is slow can leak...
PT-2026-57961
A vulnerability was found in louisho5 picobot up to 0.2.0. This issue affects the function ExecTool.Execute of the file internal/agent/tools/exec.go of the component exec Tool. The manipulation results in os command injection. The attack requires a local approach. The exploit has been made public...
PT-2026-57966
The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input that is stored through a public form, allowing unauthenticated attackers to inject a PHP object and, via a property-oriented gadget chain bundled with the Newsletters WordPress plugin before 4.15, wri...
PT-2026-57950
The News Kit Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Site Logo Title and Single Author Box Widgets in all versions up to, and including, 1.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
PT-2026-57983
In Eclipse Jetty, a first HTTP/1.1 request with trailers causes the server to retain the trailers in subsequent requests performed over the same connection. Subsequent request that do not have trailers report the trailers of the first request. Subsequent request that do have trailers report the...
PT-2026-57951
The FoodBook Lite - Online Food Ordering System plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.5.6. The registration function, accessible via the wp ajax nopriv registration action AJAX action, lacks any nonce verification or capability check,...
PT-2026-57988
Multiple input validation vulnerabilities in the Snowflake Spark Connector spark-snowflake versions prior to 3.2.1 can allow attackers to exfiltrate OAuth client credentials, execute arbitrary SQL with the connector's Snowflake role, or redirect COPY operations to attacker-controlled storage. An...